Written by the #1 name in IT security certification training, fully revised for the latest exam release, and featuring + practice questions plus 24 hours of audio. CISSP Practice Exams, Fourth Edition, 4th Edition. 4 reviews. by Shon Harris. Publisher: McGraw-Hill. Release Date: July ISBN: CISSP Practice Exams, Fourth Edition (4th ed.) by Shon Harris. Read online, or download in secure PDF or secure EPUB format.
Book CISSP All-in-One Exam Guide, Seventh Edition By Shon Harris, In addition to using this book, I also used SkillSoft, practice exams, Quizlet, and. People that have gone through the Shon Harris exams and went on to pass the real deal, is it comparable to the real test? I still have the I found an old CISSP s book in a book store. Someone sent me free PDF of it. CISSP Practice Exams by Shon Harris, , available at Book and drag & drop practice exam questions 30 hours of audio training PDF copy of.
The attacker must know the password encryption mechanism and key variable.
Answer: C
Explanation: The program encrypts the combination of characters and compares them to the encrypted entries in the password file. If a match is found, the program has uncovered a password.

Question: Security measures that protect message traffic independently on each communication path are called
A. Link oriented
B. Pass-through oriented
D. End-to-end oriented
Answer: A
Explanation: Link encryption encrypts all the data along a specific communication path, such as a satellite link, T3 line, or telephone circuit. Not only is the user information encrypted, but the headers, trailers, addresses, and routing data that are part of the packets are also encrypted.
This provides extra protection against packet sniffers and eavesdroppers.

Question: Which security program exists if a user accessing low-level data is able to draw conclusions about high-level information?
A. Interference
B. Inference
C. Polyinstantiation
D.

Question: To mitigate the impact of a software vendor going out of business, a company that uses vendor software should require which one of the following?
A. Detailed credit investigation prior to acquisition.
B. Source code held in escrow.
C. Standby contracts with other vendors.
D. Substantial penalties for breach of contract.
Explanation: SLA and standby contracts are good ideas, but in this case B is right. Under a software escrow agreement, the developer provides copies of the application source code to an independent third-party organization. The third party then maintains updated backup copies of the source code in a secure fashion. The agreement between the end user and the developer specifies "trigger events", such as the failure of the developer to meet the terms of a service level agreement (SLA) or the liquidation of the developer's firm.

Question: Which one of the following instigates a SYN flood attack?
Generating excessive broadcast packets.
Creating a high number of half-open connections.
Explanation: The attacker floods the target system's small "in-process" queue with connection requests, but does not respond when the target system replies to those requests. This causes the target system to time out while waiting for the proper response, which makes the system crash or become unusable. This process repeats hundreds or even thousands of times, and the targeted computer eventually becomes overwhelmed and runs out of available resources for the half-open connections. At that time, it either crashes or simply ignores all inbound connection requests because it can't possibly handle any more half-open connections.

Question: What is the purpose of certification path validation?
Checks the legitimacy of the certificates in the certification path.
Checks that all certificates in the certification path refer to the same certification practice statement.
Checks that no revoked certificates exist outside the certification path.
Checks that the names in the certification path are the same.
Explanation: Revoked certificates are not checked outside the certification path.
[Figure: A Transaction with Digital Certificates. 1. Certificate Authority sends certificate transaction to Repository. Repository responds to the verification request from the Party Transacting with Subscriber.]

John needs to obtain a digital certificate for himself so that he can participate in a PKI, so he makes a request to the RA. The RA requests certain identification from John, like a copy of his driver's license, his phone number, address, and other identification information. The CA creates a certificate with John's public key and identity information embedded. If the key pair is created at the CA, his private key needs to be sent to him by secure means. In most cases the user generates this pair and sends in his public key during the registration process. Now John is registered and can participate in the PKI.

John decides he wants to communicate with Diane, so he requests Diane's public key from a public directory. The directory, sometimes called a repository, sends Diane's public key, and John uses this to encrypt a session key that will be used to encrypt their messages. John sends the encrypted session key to Diane. John then sends his certificate, containing his public key, to Diane. When Diane receives John's certificate, her browser looks to see if it trusts the CA that digitally signed this certificate. Diane's browser trusts this CA, and she makes a request to the CA to see if this certificate is still valid. The CA responds that the certificate is valid, so Diane decrypts the session key with her private key. Now they can both communicate using encryption.

Question: Which of the following is a means of restricting access to objects based on the identity of the subject to which they belong?
A. Mandatory access control
B. Group access control
C. Discretionary access control
D. User access control
Answer: A
Explanation: "An identity-based access control is a type of discretionary access control based on an individual's identity. Each subject possesses attributes that define its clearance, or authority to access resources. Each object possesses attributes that define its classification. Different types of security methods classify resources in different ways. For example, subject A is granted access to object B if the security system can find a rule that allows a subject with subject A's clearance to access an object with object B's classification."
Question: Why is the investigation of computer crime involving malicious damage especially challenging?
A. Information stored in a computer is intangible evidence.
B. Evidence may be destroyed in an attempt to restore the system.
C. Isolating criminal activity in a detailed audit log is difficult.
D. Reports resulting from common user error often obscure the actual violation.
Answer: B
Explanation: The gathering, control, storage, and preservation of evidence are extremely critical in any legal investigation. Because evidence involved in a computer crime might be intangible and subject to easy modification without a trace, evidence must be carefully handled and controlled throughout its entire life cycle.
Question: Which one of the following properties of a transaction processing system ensures that once a transaction completes successfully (commits), the updates survive even if there is a system failure?
A. Atomicity
B. Consistency
C. Isolation
D. Durability
Answer: A
Explanation: Atomicity is correct. Consistency is not a viable answer. Atomicity states that database modifications must follow an "all or nothing" rule. Each transaction is said to be "atomic." It is critical that the database management system maintain the atomic nature of transactions in spite of any DBMS, operating system, or hardware failure. Consistency states that only valid data will be written to the database. If, for some reason, a transaction is executed that violates the database's consistency rules, the entire transaction will be rolled back and the database will be restored to a state consistent with those rules. On the other hand, if a transaction successfully executes, it will take the database from one state that is consistent with the rules to another state that is also consistent with the rules.

Isolation requires that multiple transactions occurring at the same time not impact each other's execution. The database should either perform Joe's entire transaction before executing Mary's, or vice versa. This prevents Joe's transaction from reading intermediate data produced as a side effect of part of Mary's transaction that will not eventually be committed to the database. Note that the isolation property does not ensure which transaction will execute first, merely that they will not interfere with each other.
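As an added example (not from the book or the question bank), the atomicity and consistency rules described above, shown with Python's built-in sqlite3: a transfer that would violate a balance constraint is rolled back in full, so the partial credit never becomes visible. Account names and balances are constructed sample data.

```python
import sqlite3


def fresh_db() -> sqlite3.Connection:
    """Constructed sample ledger: two accounts with 100 each (example data only)."""
    # isolation_level=None: we issue BEGIN/COMMIT/ROLLBACK ourselves
    conn = sqlite3.connect(":memory:", isolation_level=None)
    conn.execute(
        "CREATE TABLE accounts ("
        " name TEXT PRIMARY KEY,"
        " balance INTEGER NOT NULL CHECK (balance >= 0))"  # consistency rule
    )
    conn.executemany("INSERT INTO accounts VALUES (?, ?)", [("joe", 100), ("mary", 100)])
    return conn


def transfer(conn: sqlite3.Connection, src: str, dst: str, amount: int) -> bool:
    """Move `amount` from src to dst as one atomic unit: both rows change or neither."""
    conn.execute("BEGIN")
    try:
        # Credit first so that, if the debit fails, a partial update already exists
        # inside the transaction and must be undone by the rollback.
        conn.execute("UPDATE accounts SET balance = balance + ? WHERE name = ?", (amount, dst))
        # Debit: the CHECK constraint rejects an overdraft (consistency rule violated).
        conn.execute("UPDATE accounts SET balance = balance - ? WHERE name = ?", (amount, src))
        conn.execute("COMMIT")
        return True
    except sqlite3.IntegrityError:
        conn.execute("ROLLBACK")  # all-or-nothing: the credit to dst is discarded too
        return False


def balances(conn: sqlite3.Connection) -> dict:
    """Current committed state, as {name: balance}."""
    return dict(conn.execute("SELECT name, balance FROM accounts ORDER BY name"))


def demo():
    conn = fresh_db()
    ok = transfer(conn, "joe", "mary", 30)    # commits: joe 70, mary 130
    bad = transfer(conn, "joe", "mary", 500)  # joe would go negative: rolled back
    return ok, bad, balances(conn)


if __name__ == "__main__":
    print(demo())  # (True, False, {'joe': 70, 'mary': 130})
```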
Durability ensures that any transaction committed to the database will not be lost. Durability is ensured through the use of database backups and transaction logs that facilitate the restoration of committed transactions in spite of any subsequent software or hardware failures.

Question: Which one of the following control steps is usually NOT performed in data warehousing applications?
A. Monitor summary tables for regular use.
B. Control meta data from being used interactively.
C. Monitor the data purging plan.
D. Reconcile data moved between the operations environment and data warehouse.
Answer: A
Explanation: Not B: it is important to control meta data from being used interactively by unauthorized users. Data warehouses and data mining are significant to security professionals for two reasons. First, as previously mentioned, data warehouses contain large amounts of potentially sensitive information vulnerable to aggregation and inference attacks, and security practitioners must ensure that adequate access controls and other security measures are in place to safeguard this data. The term data scrubbing refers to maintenance of the data warehouse by deleting information that is unreliable or no longer relevant.
A. Protect the system hardware from environmental damage.
B. Monitor the actions of vendor service personnel.
C. Safeguard information assets that are resident in the system.
D. Establish thresholds for violation detection and logging.
Answer: C
Explanation: I think A or C could be the answers. I am leaning towards the C answer, but use your best judgment. A CISSP candidate will be expected to know the resources that must be protected, the privileges that must be restricted, the control mechanisms that are available, the potential for access abuse, the appropriate controls, and the principles of good practice.

Question: The auditing method that assesses the extent of the system testing, and identifies specific program logic that has not been tested, is called
A. Decision process analysis
B. Mapping
C. Parallel simulation
D. Test data method
Answer: D
Explanation: Testing of software modules, or unit testing, should be addressed when the modules are being designed. Personnel separate from the programmers should conduct this testing. The test data is part of the specifications. Live or actual field data is not recommended for use in the testing procedures because both data types might not cover out-of-range situations and the correct outputs of the test are unknown. Special test suites of data that exercise all paths of the software to the fullest extent possible and whose correct resulting outputs are known beforehand should be used.

Question: Which one of the following describes Kerckhoffs' assumption for cryptanalytic attack?
A. Key is secret; algorithm is known
B. Key is known; algorithm is known
C. Key is secret; algorithm is secret
D. Key is known; algorithm is secret
Answer: A
Explanation: Kerckhoffs' laws were intended to formalize the real situation of ciphers in the field. Basically, the more we use any particular cipher system, the more likely it is that it will "escape" into enemy hands.
Question: Which one of the following access control models associates every resource and every user of a resource with one of an ordered set of classes?
A. Take-Grant model
B. Biba model
C. Lattice model
D. Clark-Wilson model
Answer: C
Explanation: With a lattice model you first have to define a set of security classes that can be assigned to users or objects. After you have defined the set of security classes, you define a set of flow operations showing when information can flow from one class to another. (Roberta Bragg, CISSP Certification Training Guide, Que, p. 23)

Question: The concept that all accesses must be mediated, protected from modification, and verifiable as correct is the concept of
A. Secure model
B. Security locking
C. Security kernel
D. Secure state
Answer: C
Explanation: A security kernel is defined as the hardware, firmware, and software elements of a trusted computing base that implement the reference monitor concept. A reference monitor is a system component that enforces access controls on an object. Therefore, the reference monitor concept is an abstract machine that mediates all access of subjects to objects.
Question: Which one of the following could a company implement to help reduce PBX fraud?
A. Call vectoring
B. Teleconferencing bridges
D.
Explanation: PBXs (Private Branch Exchanges) are telephone switches used within state agencies to allow employees to make outgoing and receive incoming phone calls. These PBXs can also provide connections for communications between personal computers and local and wide area networks. Security measures must be taken to avoid the possibility of theft of either phone service or information through the telephone systems.
Question: A screening router can perform packet filtering based upon what data?
A. Translated source destination addresses.
B. Inverse address resolution.
C. Source and destination port number.
D. Source and destination addresses and application data.
Answer: C
Explanation: The original answer was A, translated source destination address. I did not come across this term in my reading. A screening router is one of the simplest firewall strategies to implement. This is a popular design because most companies already have the hardware in place to implement it. A screening router is an excellent first line of defense in the creation of your firewall strategy.

Question: A controlled light fixture mounted on a 5-meter pole can illuminate an area 30 meters in diameter. For security lighting purposes, what would be the proper distance between fixtures?

A. The identity of a remote communicating entity and the authenticity of the source of the data that are received.
B. The authenticity of a remote communicating entity and the path through which communications are received.
C. The location of a remote communicating entity and the path through which communications are received.
D. The identity of a remote communicating entity and the level of security of the path through which data are received.
Answer: A
Explanation: The OSI model needs to know the source of the data and that it is who it says it is. The path the data takes is not a concern unless source routing is used. The level of security of the path is not inherently a concern of the receiving node unless it is configured to check it. A is the best option in this question.

Question: When block chaining cryptography is used, what type of code is calculated and appended to the data to ensure authenticity?
A. Message authentication code.
B. Ciphertext authentication code.
C. Cyclic redundancy check.
D.
Explanation: Ciphertext authentication code is incorrect, as ciphertext is the result, not an authentication code. The computation is a function of the entire message and a secret key; it is practically impossible to find another message with the same authenticator.
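As an added example (not from the book or the question bank), the MAC computation and the receiver-side check described in this explanation, using HMAC-SHA256 from Python's standard library; the key and messages are constructed sample values. The receiver uses a constant-time comparison so that the comparison itself does not leak information about the tag.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size  # 32 bytes


def make_mac(key: bytes, message: bytes) -> bytes:
    """Sender side: the authenticator is a function of the whole message and the secret key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def send(key: bytes, message: bytes) -> bytes:
    """Append the MAC to the data; the message itself may be plaintext or ciphertext."""
    return message + make_mac(key, message)


def receive(key: bytes, packet: bytes):
    """Receiver side: recompute the MAC with the same key and compare it with the
    transmitted value. Returns the message if authentic, None otherwise."""
    if len(packet) < TAG_LEN:
        return None
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    # compare_digest avoids a timing side channel in the comparison itself
    if not hmac.compare_digest(make_mac(key, message), tag):
        return None
    return message


def demo():
    key = b"constructed-demo-key"  # shared secret (sample value, not for real use)
    packet = send(key, b"transfer 100 to account 42")  # constructed plaintext message
    accepted = receive(key, packet)                     # genuine packet: message returned
    tampered = bytearray(packet)
    tampered[9] ^= 0x01  # flip one bit inside the message body; the old MAC no longer matches
    modified = receive(key, bytes(tampered))            # altered in transit: rejected
    wrong_key = receive(b"some-other-key", packet)      # no shared secret: cannot verify
    return accepted, modified, wrong_key


if __name__ == "__main__":
    print(demo())  # (b'transfer 100 to account 42', None, None)
```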
The receiver checks the authenticity of the message by computing the MAC using the same secret key and then verifying that the computed value is the same as the one transmitted with the message. A MAC can be used to provide authenticity for unencrypted messages as well as for encrypted ones.

I'm mentioning this because I think it's helpful to know what skill level someone has reading this material and going into the exam. I first downloaded the CBK and it was horrible.
It was such a chore reading through each chapter and I knew it was time to change up, so I downloaded this book. I read the first two chapters and then I started reading the summaries and doing the chapter tests. I can say that this book did a way better job explaining the concepts you will see on the exam. I give it 4 stars because even though it went over exactly what I needed, it was still very boring at times. Mostly, the legal sections.
Overkill, I know, but it all helped. This book coupled with a few other things will help you to be successful! By Nick W.

Security Architecture and Design
Chapter 4: Physical and Environmental Security
Chapter 5: Telecommunications and Network Security
Chapter 6: Cryptography
Chapter 7: Business Continuity and Disaster Recovery
Chapter 8: Legal, Regulations, Investigations, and Compliance
Chapter 9: Software Development Security
Chapter Security Operations
Appendix A:

Air Force's Information Warfare unit, an instructor, and a bestselling author.
She consulted with Fortune corporations and government agencies on extensive security issues.