[Q66-Q87] CISSP Exam Brain Dumps - Study Notes and Theory [Apr-2022]

NO.66 A security practitioner has just been assigned to address an ongoing Denial of Service (DoS) attack against the company’s network, which includes an e-commerce web site. The strategy has to include defenses for any size of attack without rendering the company network unusable. Which of the following should be a PRIMARY concern when addressing this issue?

Deal with end user education and training.

Pay more for a dedicated path to the Internet.

Allow legitimate connections while blocking malicious connections.

Ensure the web sites are properly backed up on a daily basis.

NO.67 Proxies works by transferring a copy of each accepted data packet from one network to another, thereby masking the:

data’s payload.

data’s details.

data’s owner.

data’s origin.

NO.68 Checking routing information on e-mail to determine it is in a valid format and contains valid information is an example of which of the following anti-spam approaches?

Simple Mail Transfer Protocol (SMTP) blacklist

Reverse Domain Name System (DNS) lookup

Hashing algorithm

Header analysis

NO.69 Aprocessor in which a single instruction specifies more than one CONCURRENT operation is called:

Pipelined processor.

Very Long Instruction Word processor.

Scalar processor.

Superscalar processor.

NO.70 Convert Channel Analysis, Trusted Facility Management, and Trusted
Recovery are parts of which book in the TCSEC Rainbow Series?

Red Book

Dark Green Book

Orange Book

Green Book

NO.71 Who in the organization is accountable for classification of data information assets?

Data owner

Data architect

Chief Information Security Officer (CISO)

Chief Information Officer (CIO)

NO.72 Which one of the following security areas is directly addressed by
Kerberos?

Confidentiality

Frequency analysis

Availability

Physical attacks

NO.73 The Federal Intelligence Surveillance Act (FISA) of 1978, the Electronic
Communications Privacy Act (ECPA) of 1986, and the Communications
Assistance for Law Enforcement Act (CALEA) of 1994 are legislative
acts passed by the United States Congress. These acts all address what
major information security issue?

Computer fraud

Wiretapping

Unlawful use of and access to government computers and networks

Malicious code

NO.74 Which of the following is defined as an Internet, IPsec, key-establishment protocol, partly based on OAKLEY, that is intended for putting in place authenticated keying material for use with ISAKMP and for other security associations?

Internet Key exchange (IKE)

Security Association Authentication Protocol (SAAP)

Simple Key-management for Internet Protocols (SKIP)

Key Exchange Algorithm (KEA)

NO.75 Which of the following BEST describes a chosen plaintext attack?

The cryptanalyst can generate ciphertext from arbitrary text.

The cryptanalyst examines the communication being sent back and forth.

The cryptanalyst can choose the key and algorithm to mount the attack.

The cryptanalyst is presented with the ciphertext from which the original message is determined.

NO.76 The number of times a password should be changed is NOT a function of:

The responsibilities and clearance of the user.

The criticality of the information to be protected.

The type of workstation used.

The frequency of the password’s use.

NO.77 Rank the Hypertext Transfer protocol (HTTP) authentication types shows below in order of relative strength.
Drag the authentication type on the correct positions on the right according to strength from weakest to strongest.

NO.78 Which choice below is NOT an element of BCP plan approval and implementation?

Executing a disaster scenario and documenting the results

Obtaining senior management approval of the results

Creating an awareness of the plan

Updating the plan regularly and as needed

NO.79 Which of the following encryption types is used in Hash Message Authentication Code (HMAC) for key distribution?

Symmetric

Asymmetric

Ephemeral

Permanent

NO.80 Which kind of evidence would printed business records, manuals, and, printouts classify as?

Direct evidence

Real evidence

Documentary evidence

Demonstrative evidence

NO.81 When an outgoing request is made on a port number greater than 1023, this type of firewall creates an ACL to allow the incoming reply on that port to pass:

packet filtering

CIrcuit level proxy

Dynamic packet filtering

Application level proxy

NO.82 What is the most effective form of media sanitization to ensure residual data cannot be retrieved?

Clearing

Destroying

Purging

Disposal

NO.83 When conducting a forensic criminal investigation on a computer had drive, what should be dene PRIOR to analysis?

Create a backup copy of all the important files on the drive.

Power off the computer and wait for assistance.

Create a forensic image of the hard drive.

Install forensic analysis software.

NO.84 Which of the following can best eliminate dial-up access through a Remote Access Server as a hacking vector?

Using TACACS+ server

Installing the Remote Access Server outside the firewall and forcing legitimate users to authenticate to the firewall.

Setting modem ring count to at least 5

Only attaching modems to non-networked hosts.

NO.85 In Synchronous dynamic password tokens:

The token generates a new password value at fixed time intervals (this password could be based on the time of day encrypted with a secret key).

The token generates a new non-unique password value at fixed time intervals (this password could be based on the time of day encrypted with a secret key).

The unique password is not entered into a system or workstation along with an owner’s PIN.

The authentication entity in a system or workstation knows an owner’s secret key and PIN, and the entity verifies that the entered password is invalid and that it was entered during the invalid time window.

NO.86 Which choice below would NOT be a common element of a transaction
trail?

Why the transaction was processed

The date and time of the transaction

Who processed the transaction

At which terminal the transaction was processed

NO.87 A security professional has been requested by the Board of Directors and Chief Information Security Officer (CISO) to perform an internal and external penetration test. What is the BEST course of action?

Review data localization requirements and regulations.

Review corporate security policies and procedures,

With notice to the Configuring a Wireless Access Point (WAP) with the same Service Set Identifier external test.

With notice to the organization, perform an external penetration test first, then an internal test.