The following questions are examples of the kind of question found on the CISSP exam. They are similar to the type of question a candidate could expect to see on the test and should not be misinterpreted as being questions FROM the test. I’ve broken them down by domain.

ACCESS CONTROL

1. Access control is implemented by several categories and types. The three types are administrative, technical, and:
   a. Preventive
   b. Deterrent
   c. Physical
   d. Discretionary

2. Which one of the following provides access control assurance?
   a. Incident response handling
   b. Penetration testing
   c. The reference monitor
   d. Vulnerability mapping/scanning

3. The two parts of integrity are the system and the:
   a. Data
   b. Process
   c. User
   d. Transaction

4. Separation of duties forces collusion to commit fraud. Collusion can BEST be broken up by which one of the following?
   a. Supervision
   b. Need to know
   c. Rotation of duties
   d. Awareness training

5. The main benefit of an information classification program is:
   a. To meet military security requirements
   b. To give data the appropriate level of protection
   c. To save the company money
   d. To meet regulatory requirements

6. How does centralized identity and access management (IAM) support compliance with regulations?
   a. It improves security governance by taking scattered identity data and centralizing it, so it can be more easily reviewed for appropriateness
   b. It reduces the time spent on manually managing accounts
   c. It is required by Sarbanes-Oxley (SOX), section 404, which lists specific internal controls including IAM
   d. It prevents unauthorized access to company resources using a centralized control application

7. What is an authoritative system of records (ASOR)?
   a. A hierarchical end system that contains users, accounts, and authorizations for that system
   b. An Active Directory (AD), where all users are created and managed
   c. A hierarchical parent system that tracks users, accounts, and authorization chains
   d. A Lightweight Directory Access Protocol (LDAP) directory, where all users are created and managed

8. What is an advantage of legacy single sign-on (SSO)?
   a. It provides a single system where all authentication information is stored
   b. It allows integration of old, non-interoperable systems into the SSO process
   c. It provides a single technology allowing all systems to authenticate the users once using the same technology
   d. It allows users to authenticate once, no matter how many different systems they wish to access

9. Which one of the following measures is used to control the emanations from electronic equipment?
   a. Kerberos
   b. Remote Authentication Dial-In User Service (RADIUS)
   c. Internet Protocol Security (IPSec)
   d. TEMPEST

10. Which one of the following is an alternative authentication system used in single sign-on?
   a. Secure European System for Applications in a Multivendor Environment (SESAME)
   b. DIAMETER
   c. TEMPEST
   d. SOCKS

BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING

1. Which of the following contains references to expected business continuity planning (BCP) practices that organizations must implement?
   a. ISO 17799:2008, section 1
   b. ISO 27005:2008, section 8
   c. ISO 27002:2005, section 10
   d. ISO 27001:2005, Annex A

2. What process identifies the business continuity requirements for the organization’s assets?
   a. Risk analysis
   b. Business impact analysis
   c. Threat analysis
   d. Asset classification

3. A contingency plan should be written to
   a. Address all possible risk scenarios
   b. Address all likely risk scenarios
   c. Remediate all vulnerabilities
   d. Recover all operations

4. Which of the following components make up enterprise-wide business continuity management?
   a. Business continuity planning (BCP), disaster recovery planning (DRP), and incident management
   b. Business resiliency planning (BRP), disaster preparedness and reconstitution planning (DPRP), and incident management
   c. Business impact analysis (BIA), contingency planning, and incident management
   d. Capacity planning, risk analysis, inventory management, and business continuity planning (BCP)

5. BS 25999 is based on which well-established continuous improvement model?
   a. Six Sigma
   b. Plan-do-check-act (PDCA)
   c. Total quality management (TQM)
   d. SEI Capability Maturity Model Integration (CMMI)

6. What is the main goal of business continuity?
   a. To ensure the confidentiality, integrity, and availability of business assets
   b. To ensure the business is able to continue operations throughout different incidents
   c. To ensure the business maintains sensitive assets at their required protection level
   d. To ensure the business is able to continue operations throughout different disasters

7. What are the five (5) steps that should be followed when developing a business continuity plan?
   a. Conduct a business impact analysis, assess the risks, develop a strategy, develop a plan, and rehearse the plan
   b. Conduct a business impact analysis, assess the risks, develop a strategy, develop a plan, and establish training requirements
   c. Analyze the business, assess the risks, develop a strategy, develop a plan, and rehearse the plan
   d. Analyze the business, assess the risks, develop a strategy, develop a plan, and establish training requirements

8. Of the choices below, which best describes the reasons for business continuity management (BCM) project failure?
   a. Timelines not being adhered to and unwise use of resources
   b. Timelines not being adhered to and incorrect staff assigned to assist in the project
   c. Lack of program management and unwise use of resources
   d. Lack of program management and incorrect staff assigned to assist in the project

9. Which of the following is not typically a part of business continuity management documentation?
   a. Business impact analysis
   b. Risk and threat assessment
   c. Response plans
   d. Certification and accreditation plan (CAP)

10. An agreement between two or more organizations in which the organizations agree to recover critical operations for each other is known as which type of processing agreement?
   a. Service bureau
   b. Reciprocal or mutual aid
   c. Contingency
   d. Remote working arrangement

CRYPTOGRAPHY

1. In which type of cryptanalytic attack is a cryptosystem’s work factor MOST relevant?
   a. Differential cryptanalysis
   b. Chosen plaintext attacks
   c. Linear-differential cryptanalysis
   d. Brute force attacks

2. RC4 and RC5
   a. Are related symmetric key cryptographic algorithms, although RC5 was designed to accommodate larger key sizes
   b. Both employ repeated substitution and permutation transformations on each plaintext block
   c. Are unrelated symmetric key cryptographic algorithms, although they were created by the same individual
   d. Address the need for message integrity controls that resist intentional changes

3. Which of the following is the most common attack against message digests used to determine the original plaintext?
   a. Ciphertext only attack
   b. Dictionary attack
   c. Known plaintext attack
   d. Linear cryptanalysis attack

4. Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA) use which of the following ciphers?
   a. Rivest Cipher 4 (RC4)
   b. Rivest-Shamir-Adleman (RSA)
   c. Triple Data Encryption Standard (3DES)
   d. Advanced Encryption Standard (AES)

5. The process of hiding information in photos, music, and videos in such a way as to make the alteration invisible to casual observers is called
   a. Steganography
   b. Optimal Asymmetric Encryption Padding (OAEP)
   c. A null cipher
   d. Expansion

6. Which of the following is typically used to help two parties agree on a session key without exchanging secret information?
   a. Initialization vectors (IVs)
   b. Exclusive-or (XOR) operations
   c. Rivest-Shamir-Adleman (RSA)
   d. Diffie-Hellman

7. Keyed hashes and digital signatures differ in what way?
   a. Keyed hashes employ symmetric keys alone, while digital signatures employ symmetric keys and hash functions
   b. Keyed hashes combine a hash function with a shared symmetric key, while digital signatures combine a hash function with an asymmetric key
   c. Keyed hashes provide for message integrity, while digital signatures provide for message confidentiality
   d. Keyed hashes are intended to detect accidental changes, while digital signatures are intended to detect intentional changes

8. What is the most significant advantage that the Advanced Encryption Standard (AES) offers over the Data Encryption Standard (DES)?
   a. Larger key space due to larger key sizes
   b. More efficient operation when used in general-purpose computing devices
   c. Smaller key sizes with greater strength per bit than DES
   d. More block-cipher modes are supported

9. For what application would Electronic Code Book (ECB) mode be MOST acceptable?
   a. Encryption of Wi-Fi communications
   b. Applications where high security is required
   c. Encrypting small executable files
   d. Encrypting large graphic image files

10. What is the BEST way to verify that a digital signature is valid?
   a. Verify the digital signature through a manual comparison of the hash value
   b. Obtain the public key from the partner and verify the digital signature
   c. Obtain a public key certificate from a trusted certification authority and verify the digital signature using that key
   d. Use a hash algorithm to determine if the message has been altered

INFORMATION SECURITY, GOVERNANCE, AND RISK MANAGEMENT

1. Which of the following is a standard rather than a policy?
   a. Data classification
   b. Access control
   c. Privacy
   d. Ethernet

2. Which of the following would include information security best practices?
   a. ISO 25999
   b. “Taking candy from a baby”
   c. ISO 27002
   d. Understanding that ethics are situational

3. Which of the following is correct?
   a. ALE = ARO x EF
   b. ARO = EF x SLE
   c. ALE = SLE x ARO
   d. SRO = ALE x SLE

4. IT systems are normally operated by
   a. Auditors
   b. Custodians
   c. CISSPs
   d. Management

5. From a security perspective, mandatory vacations
   a. Make it easier to detect fraud
   b. Keep employees fresh
   c. Make it easier to find out who can be replaced
   d. Comply with the least privilege principle

6. Security awareness
   a. Is the same as professional education
   b. Includes background checks and verifying education
   c. Makes it easy to find out who is a security risk
   d. Begins the first day of employment

7. Which one of the following is a primary step in qualitative risk analysis?
   a. Develop scenarios
   b. Conduct a threat analysis
   c. Determine annual loss expectancy
   d. Estimate potential losses

8. Guidelines are
   a. Recommendations
   b. The same as standards
   c. Mandatory
   d. Part of high-level policy statements

9. It is possible to
   a. Totally eliminate risk
   b. Do a totally qualitative risk assessment
   c. Do a totally quantitative risk assessment
   d. Have ARO equal a negative number when doing a qualitative risk assessment

10. When establishing the value of information, which is the least important factor?
   a. Trade secrets
   b. Operational impact
   c. Value of the information to others
   d. Quantity of information

11. Which of the following is the FIRST (ISC)² canon?
   a. Advance and protect the profession
   b. Protect society, the commonwealth, and the infrastructure
   c. Provide competent service to principals
   d. Act honorably, honestly, justly, responsibly, and legally

LEGAL, REGULATIONS, INVESTIGATIONS, AND COMPLIANCE

1. Chain of custody is a legal term that deals with evidence
   a. Investigation and follows evidence through its life cycle
   b. Handling and follows evidence through its life cycle
   c. Identification and analysis and follows evidence through its life cycle
   d. Protection from contamination and follows evidence through its life cycle

2. What does the Wassenaar Arrangement cover?
   a. It specifies all controlled dual-use goods, including encryption products and products that use encryption utilities, and how those can be used and exported
   b. It specifies all controlled goods, like encryption products and products that use encryption utilities, and how those can be developed
   c. It specifies all dual-use goods, including encryption products and products that use encryption utilities, and how those can be used and exported
   d. It specifies how controlled dual-use goods, including encryption products and products that use encryption utilities, should be developed and maintained

3. What is the role of the auditor?
   a. The auditor checks the effectiveness of the controls implemented by the organization in terms of design and implementation and makes changes, as necessary
   b. The auditor ensures that the controls comply with COBIT (Control Objectives for IT)
   c. The auditor checks that controls comply with ISO (International Organization for Standardization) 27001:2005, Annex A (Controls Section)
   d. The auditor compares the stated policy with the actual controls in place

4. Which of the following BEST describes what compliance should be in accordance with?
   a. The law, organizational rules, and industry standards
   b. Guidelines, specifications, and legislation
   c. Standards, regulations, and guidelines
   d. The relevant International Organization for Standardization (ISO) standards

5. The person with the greatest single responsibility for compliance, who sets out the classification levels and access controls for each piece of sensitive information, is the
   a. Local manager
   b. Auditor
   c. Information owner
   d. Individual

6. An auditing method used to perform control and risk assessments automatically on a more frequent basis is known as
   a. Certification
   b. Continuous monitoring
   c. Accreditation
   d. Periodic review

7. What are the three (3) categories of computer forensics?
   a. Investigation of media, network traffic, and software
   b. Investigation of data, processes, and computer systems
   c. Investigation of data, systems, and people
   d. Investigation of crime scene, evidence, and suspects

8. What does it mean to “work by order of volatility” when investigating evidence?
   a. Some computer evidence is volatile. It can disappear or be affected more easily than physical evidence; therefore more volatile evidence should be investigated before less volatile evidence
   b. All computer evidence is volatile. It can disappear or be affected more easily than physical evidence; therefore more volatile evidence should be investigated before less volatile evidence
   c. Evidence that can evaporate (spilled alcohol) must be investigated before solid evidence is investigated
   d. Volatile evidence includes evidence that is potentially harmful to the organization, such as a negative effect on reputation, and should therefore be handled before other evidence

9. Which of the following BEST describes the questions to be answered to prove chain of custody?
   a. Who, why, where, and how
   b. Who, what, how, and when
   c. Who, what, when, where, and how
   d. Who, what, when, which, and how

10. Why is it important to make two copies of investigated media?
   a. To have a control copy in the event that the working copy is damaged
   b. So there is a backup in case the original media is contaminated during the investigation
   c. So that the investigator can make a hash of the original media and compare it to the copy he or she investigates
   d. It is mandated by criminal forensic laws in most countries

OPERATIONS SECURITY

1. Due to a software bug and a reload of the firewall, the firewall has lost its complete configuration. After that happened, all firewall ports are shut down. This is commonly referred to as
   a. Secure configuration
   b. Fail secure
   c. Fail open
   d. Fail soft

2. The BEST way to control users with elevated system privileges is with
   a. Clear job descriptions
   b. Thorough hiring procedures
   c. Constant supervision
   d. Rotation of duty

3. Which RAID (Redundant Array of Independent Disks) configuration offers usable disk storage equal to the sum of all disk capacities?
   a. RAID 0
   b. RAID 1
   c. RAID 3
   d. RAID 6

4. Which RAID (Redundant Array of Independent Disks) configuration offers the lowest cost redundancy?
   a. RAID 0
   b. RAID 1
   c. RAID 5
   d. RAID 6

5. The temperature in the data center has risen. It has been observed that the primary and backup air conditioning units are malfunctioning. When contacted, the vendor maintenance staff advises that it will take one (1) hour before anyone can arrive. What step should be taken?
   a. Power down the complete system and all of the peripheral devices
   b. Do nothing until the vendor maintenance staff arrives
   c. Power down only the peripheral devices
   d. Follow your business continuity plan’s procedures

6. Security administrator responsibilities include reviewing audit log data, setting access permissions, conducting vulnerability assessments, and
   a. Setting file-sensitivity labels
   b. Reassigning ports/lines
   c. Mounting I/O volumes
   d. Configuration management

7. Media management practices include media marking, labeling, handling, storing,
   a. Recovery, and destroying
   b. Declassifying, and recovery
   c. Declassifying, and destroying
   d. Reviewing, and backup

8. Which of the following backup types is the replication of data on separate disks in real time?
   a. File image
   b. System image
   c. Data mirroring
   d. Database shadowing

9. A storage area network (SAN) is BEST defined as
   a. Disk drives connected to a separate optical network for the use of servers
   b. Disk drives connected to a separate optical network for the use of clients
   c. Disk drives connected to the same network as all clients and servers for the use of servers
   d. Disk drives connected to the same network as all clients and servers for the use of all

10. Network administrator responsibilities include
   a. Performing backups of data
   b. Applying operating system updates and configuration changes
   c. Resetting of time/date and network/operating system passwords
   d. Configuring traffic priority controls on devices

PHYSICAL SECURITY

1. The six (6) goals of physical security are
   a. Protect, delay, detect, assess, respond, and recover
   b. Deter, delay, detect, assess, respond, and recover
   c. Protect, delay, detect, assess, respond, and react
   d. Deter, delay, detect, assess, respond, and react

2. The union representing many of the employees who work for your coal supplier goes on strike. This type of threat is best categorized as
   a. Natural/environmental
   b. Utilities
   c. Circumstantial
   d. Human-made/political events

3. Five (5) examples of successful countermeasures for theft include
   a. Strong access controls, intrusion detection systems, locked doors, key control, and bag checks
   b. Strong access controls, anti-phishing software, locked doors, key control, and bag checks
   c. Identification and authentication, intrusion detection systems, locked doors, key control, and bag checks
   d. Identification and authentication, anti-phishing software, locked doors, key control, and bag checks

4. Environmental controls are grouped into three (3) distinct categories:
   a. Layered, administrative/managerial, and technical
   b. Physical, layered, and technical
   c. Physical, administrative/managerial, and layered
   d. Physical, administrative/managerial, and technical

5. An approach to physical security that delves into the relationship between incidents and frequency of crime, and the environment the crime was committed in, is known as
   a. Defensible space – crime prevention through urban design (CPTUD)
   b. The layered approach
   c. Crime prevention through environmental design (CPTED)
   d. Creating defensible space through superior design and analysis (CDSTSDA)

6. You have been directed to assist with determining the minimum height of a fence which will encircle the building that houses your company’s data center. The goal is to deter trespassers and to delay determined intruders. What is the minimum recommended height of the fence?
   a. 1.0 meters / ~3.0 feet
   b. 2.0 meters / ~6.0 feet
   c. 2.5 meters / ~8.0 feet
   d. 3.0 meters / ~10 feet

7. Which type of intrusion detection system (IDS) is BEST described as an active beam of light that triggers an alarm when the beam is broken?
   a. Electrical circuits
   b. Motion sensor
   c. Ultrasonic
   d. Photoelectric

8. Closed circuit television (CCTV) systems must meet which of the following requirements?
   a. Mixing capabilities, recognition, and identification
   b. Detection, recognition, and identification
   c. Detection, recognition, and mixing capabilities
   d. Detection, identification, and mixing capabilities

9. Which of the following statements BEST describes the relationship between guards and a cost-benefit analysis?
   a. Guards are inexpensive and provide a unique capability by providing reasoned, discriminating, and measured responses to changing situations
   b. Guards are inexpensive and do not provide a unique capability by providing reasoned, discriminating, and measured responses to changing situations
   c. Guards are expensive and do not provide a unique capability by providing reasoned, discriminating, and measured responses to changing situations
   d. Guards are expensive and provide a unique capability by providing reasoned, discriminating, and measured responses to changing situations

10. Doors play a critical role in a physical security program. Best business practice guidelines for doors include solid core, opening
   a. Inward if permitted by law, minimum of three (3) hinges, and the same fire resistance rating as the adjoining walls
   b. Outward if permitted by law, minimum of three (3) hinges, and the same fire resistance rating as the adjoining walls
   c. Inward if permitted by law, minimum of three (3) hinges, and a 25 percent greater fire resistance rating than the adjoining walls
   d. Outward if permitted by law, minimum of three (3) hinges, and a 25 percent greater fire resistance rating than the adjoining walls

SECURITY ARCHITECTURE AND DESIGN

1. What type of central processing unit (CPU) functionality allows simultaneous execution of two or more programs by one or more processors?
   a. Multithreading
   b. Multiprocessor
   c. Multiprocessing
   d. Multitasking

2. What computer component organizes memory, logging, and error detection?
   a. Central processing unit (CPU)
   b. Registers
   c. Input devices
   d. Output devices

3. What central processing unit (CPU) operational mode processes data for an application and allows less access to some resources?
   a. Supervisor state
   b. Limited state
   c. Problem state
   d. Semi-privileged state

4. What type of system architecture supports standardized interfaces and protocols, rather than proprietary and customized applications?
   a. Embedded
   b. Open
   c. Closed
   d. Single level

5. What network architectural structure is more secure, removes client functions, and primarily supports processing and storage at a centralized location?
   a. Clusters
   b. Diskless computing
   c. Thin client
   d. Distributed

6. Which of the following software is best described as being distributed, providing translation or communications, and expanding applications and services?
   a. Middleware
   b. Firmware
   c. Operating system
   d. Cloud computing

7. Which of the following is the combination of all hardware, firmware, and software responsible for enforcing the security policy and serves as a protection mechanism within a computer system?
   a. Reference monitor
   b. Security kernel
   c. Computer operating system
   d. Trusted computing base

8. Which of the following security models addresses preventing unauthorized users from making modifications, preventing authorized users from making improper modifications, and maintaining internal and external consistency?
   a. Bell-LaPadula
   b. Biba
   c. Clark-Wilson
   d. Brewer and Nash

9. What lattice model is characterized by Read “Down” and No Write “Down”?
   a. Access control matrix
   b. Clark-Wilson
   c. Bell-LaPadula
   d. Biba

10. Which of the following security models PRIMARILY protects confidentiality?
   a. Brewer and Nash
   b. Clark-Wilson
   c. Graham-Denning
   d. Karger and Gong

APPLICATION DEVELOPMENT SECURITY

1. Which software development method focuses on preventing defects by emphasizing writing the code correctly the first time?
   a. The spiral model
   b. The waterfall model
   c. The clean-room model
   d. The prototyping model

2. What does “separation of duties” mean in software development guidelines for transaction processing?
   a. There should be two different people writing each transaction to ensure it is secure
   b. Sensitive transactions must be designed to require a minimum of dual control or the approval of another party
   c. Sensitive transactions must be designed so that an internal or external person cannot change data
   d. The software developer cannot be the same person as the one approving the software for release to production

3. How can a buffer overflow vulnerability be prevented?
   a. By using blacklists that contain all characters that can be potentially harmful and not allowing those into the function
   b. By installing patches to fix buffer overflow vulnerabilities
   c. By programming with C++ instead of C, because C++ is not vulnerable to buffer overflows like C
   d. By using strongly typed programming languages, implementing bounds and input checking, and using safe functions

4. An effective control against structured query language (SQL) injection attacks is
   a. To implement anti-virus software
   b. To validate user input
   c. To encrypt communications using transport layer security (TLS)
   d. To deploy an intrusion prevention system

5. What program utility translates a high-level (source) language into machine language?
   a. Compiler
   b. Interpreter
   c. Assembler
   d. Driver

6. Which of the following statements is true?
   a. Common object request broker architecture (CORBA) provides the definition of the extensible markup language (XML)-based information that can be used for exchanging structured and typed information between peers in a decentralized, distributed environment
   b. Distributed component object model (DCOM) is a Microsoft-only protocol and runs over remote procedure call (RPC)
   c. Simple object access protocol (SOAP) requires ActiveX to run as the underlying framework
   d. RPC provides comprehensive security capabilities protecting DCOM implementations over it from attacks and misuse

7. Why is it important to build security into the application as opposed to just adding it later?
   a. It is not; both approaches are equally appropriate
   b. It conforms to the concept of “security by obscurity”, which provides security by obscuring it within the application itself
   c. Building security into the application provides more layers of security and can be harder to circumvent
   d. Building security into the application can reduce development time, allowing the application to be released to production sooner

8. What is a common issue to consider regarding cryptographic protection of data?
   a. Using cryptographic data protection controls needs to include only appropriate key creation, storage, and management
   b. It requires getting licenses for the cryptographic algorithms
   c. Using cryptographic data protection controls requires expensive hardware security modules (HSM) to store the keys securely
   d. Smart cards are required to store the keys securely

9. What is the goal of software configuration management (SCM) as it applies to application security?
   a. SCM controls software by managing the versions of all components and the relations between them
   b. SCM ensures that software configuration is up-to-date and accurate, and that only authorized software versions are used
   c. SCM is part of configuration management in general, and it integrates with and relies on change management
   d. SCM aims to prevent unauthorized individuals from accessing and making unauthorized modifications and potentially malicious changes to code

10. How can a statement of work (SOW) protect against software development project risks?
   a. A SOW includes a risk analysis, which helps identify the potential risk elements the project may be exposed to
   b. A SOW includes a qualitative risk analysis, which helps identify the potential risk elements the project may be exposed to
   c. A SOW lists agreed-upon objectives and deliverables, which could prevent scope creep
   d. A SOW defines the business terms of the project engagement, including fees, staff, and legal terms of the engagement

TELECOMMUNICATIONS AND NETWORK SECURITY

1. Cloud computing involves accessing software and data across the internet on servers managed by a third-party supplier. Cloud computing arrangements increase availability, offer greater scalability, and
   a. Increase confidentiality
   b. Increase the opportunity for attack
   c. Increase integrity
   d. Eliminate the need for data encryption

2. Which of the following is the correct sequence of open systems interconnection (OSI) model layers, starting with the layer closest to the end user?
   a. Application, session, network, and physical
   b. Application, network, session, and physical
   c. Presentation, network, transport, and physical
   d. Transport, presentation, network, and physical

Questions 3 – 7 refer to the following information: Every Monday, the London branch of a manufacturing company sends its weekly sales figures for the prior week to corporate headquarters in Seattle. It is imperative to use the most secure method of data transmission.

3. You are in charge of deciding what technology to use for this data transfer. The BEST alternative is
   a. X.25 protocol
   b. A permanent virtual circuit (PVC)
   c. A virtual private network (VPN)
   d. An optical carrier-class (OC-class) carrier

4. Your boss is confused about the merits of RIP (routing information protocol) and OSPF (open shortest path first). You explain that
   a. RIP is preferable because variable length subnet masks (VLSMs) are supported in all versions
   b. OSPF is preferable because it is more flexible and inherently more secure
   c. RIP is preferable because OSPF is only used in smaller networks
   d. RIP is preferable because it is more flexible and inherently more secure

5. London is one of a number of small branch offices, and there is no local authentication server. The employees must, therefore, authenticate to a domain controller at the corporate office. The best method of authentication involves
   a. A dial-up virtual private network (VPN)
   b. Establishing a permanent virtual circuit (PVC) to forward the request
   c. A Windows server running routing and remote access (RRAS) configured as a remote authentication dial-in user service (RADIUS) client
   d. Synchronous optical network (SONET)

6. You advise the use of Layer 2 Tunneling Protocol (L2TP) virtual private networks (VPN) for people working outside of the branch offices or headquarters because
   a. An L2TP VPN is automatically encrypted. This removes the responsibility of remembering to encrypt from the shoulders of employees and enables them to focus on their jobs
   b. Data entering the enterprise is encrypted and will pose no internal danger
   c. You can choose to use Encapsulating Security Payload (ESP) with internet protocol security (IPSec) when you set up the VPN to make the remote communication more secure
   d. Full-disk encryption makes the use of VPNs unnecessary

7. The head office has decided to use Kerberos for network authentication. The company has a number of remote offices scattered across the country. What problems might this present?
   a. Kerberos is time sensitive in its default configuration
   b. Kerberos logons are sent in plaintext
   c. If the central key distribution center (KDC) fails, then all logons will fail
   d. The key distribution center (KDC) retrieves passwords from the security accounts manager (SAM)

8. Which of the following is a network configuration protocol for hosts on internet protocol (IP) networks that also provides other configuration information, particularly the IP addresses of local caching DNS resolvers, network boot servers, and other service hosts?
   a. DHCP (Dynamic Host Configuration Protocol)
   b. NIS (Network Information Service)
   c. DNS (Domain Name System)
   d. LDAP (Lightweight Directory Access Protocol)

9. Which statement is TRUE concerning internet protocol (IP) v4 and IPv6 security?
   a. IPv6 is less secure than IPv4. IPv6 allows every node to have its own IP address. IPv4 allows shielding private addresses behind public addresses
   b. IPv6 is less secure than IPv4. Although there is still a centralizing body, it is now international and terrorist organizations may now get IP addresses
   c. IPv6 is more secure than IPv4. IPv6 mandates the use of internet protocol security (IPSec)
   d. IPv6 is more secure than IPv4. Only enterprises that have been governmentally approved may use it

10. You are a CISSP working for a small corporation with responsibility for providing security advice to the information technology (IT) department. Your primary concern for training all employees in the company on security awareness is defending against
   a. Denial of service
   b. Malware
   c. Social engineering
   d. Botnets
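Three of the questions above turn on behaviour that is easier to see running than to memorize. The examples below are added to this page for that purpose; they are not part of the original question set and do not give away answers. All three use only the Python standard library and constructed sample data.

Cryptography question 9 asks where Electronic Code Book (ECB) mode is acceptable. The point behind the question is that ECB encrypts every block independently, so equal plaintext blocks produce equal ciphertext blocks and the structure of the data leaks even though the key does not. The script below shows that leak and the way a chaining mode (CBC) hides it. Because the standard library has no AES, a toy 16-byte Feistel cipher built from HMAC-SHA256 stands in for the block cipher; the cipher, key and IV are assumptions for illustration only.

```python
import hashlib
import hmac

# Added example, not from the original page. A toy 16-byte Feistel block
# cipher built on HMAC-SHA256 stands in for AES so this runs with the
# standard library alone; it is for illustration, not for real use.
BLOCK = 16
ROUNDS = 8


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _round_fn(key: bytes, rnd: int, half: bytes) -> bytes:
    # Keyed round function of (round number, right half), truncated to 8 bytes.
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]


def block_encrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in range(ROUNDS):
        left, right = right, _xor(left, _round_fn(key, rnd, right))
    return left + right


def block_decrypt(key: bytes, block: bytes) -> bytes:
    # Runs the rounds backwards; a Feistel network is invertible by construction.
    left, right = block[:8], block[8:]
    for rnd in reversed(range(ROUNDS)):
        left, right = _xor(right, _round_fn(key, rnd, left)), left
    return left + right


def _blocks(data: bytes) -> list[bytes]:
    if len(data) % BLOCK:
        raise ValueError("input must be a whole number of 16-byte blocks")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key: bytes, plaintext: bytes) -> bytes:
    # ECB: each block encrypted on its own, so equal plaintext blocks give
    # equal ciphertext blocks and the pattern of the data is visible.
    return b"".join(block_encrypt(key, b) for b in _blocks(plaintext))


def ecb_decrypt(key: bytes, ciphertext: bytes) -> bytes:
    return b"".join(block_decrypt(key, b) for b in _blocks(ciphertext))


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    # CBC: each block is XORed with the previous ciphertext block (the IV for
    # the first) before encryption, so repeated plaintext blocks are hidden.
    out, prev = [], iv
    for b in _blocks(plaintext):
        prev = block_encrypt(key, _xor(prev, b))
        out.append(prev)
    return iv + b"".join(out)


def cbc_decrypt(key: bytes, ciphertext: bytes) -> bytes:
    iv, body = ciphertext[:BLOCK], ciphertext[BLOCK:]
    out, prev = [], iv
    for b in _blocks(body):
        out.append(_xor(prev, block_decrypt(key, b)))
        prev = b
    return b"".join(out)


def repeated_blocks(ciphertext: bytes) -> int:
    # Count of ciphertext blocks that duplicate an earlier one: the statistic
    # an eavesdropper can read off ECB output without the key.
    blocks = _blocks(ciphertext)
    return len(blocks) - len(set(blocks))


# Constructed sample: a record that repeats, like a file full of identical
# headers or the flat background of a large image.
KEY = b"sixteen byte key"            # assumed demo key
IV = b"fixed iv for demo"[:16]       # fixed for reproducibility; use a fresh random IV per message
PLAINTEXT = b"ATTACK AT DAWN!!" * 4

if __name__ == "__main__":
    ecb = ecb_encrypt(KEY, PLAINTEXT)
    cbc = cbc_encrypt(KEY, IV, PLAINTEXT)
    print("ECB repeated blocks:", repeated_blocks(ecb))          # 3 of 4 blocks repeat
    print("CBC repeated blocks:", repeated_blocks(cbc[BLOCK:]))  # 0
```

The four identical plaintext blocks come out of ECB as four identical ciphertext blocks; under CBC they differ. That is why ECB is tolerable only for data short enough, or random enough, to contain no repeated blocks, and why a mode that chains or counts (CBC, CTR, GCM) is the default for anything larger.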
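Cryptography questions 6 and 7 concern agreeing a session key without sending any secret (Diffie-Hellman) and what a keyed hash built on that key does and does not give you. The added example below runs a complete exchange, derives a session key from the shared secret, and then uses the key as an HMAC key. The group (a 127-bit Mersenne prime with generator 3), the salt and the message are assumptions for illustration; a real deployment uses a standardized 2048-bit or larger group (RFC 3526 / RFC 7919) or an elliptic-curve exchange such as X25519. This is added code, not part of the original page.

```python
import hashlib
import hmac
import secrets

# Added example, not from the original page. Toy group: p = 2**127 - 1 is prime
# (a Mersenne prime), generator 3. Far too small for real use; real systems use
# RFC 3526 / RFC 7919 groups or X25519.
P = 2**127 - 1
G = 3


def dh_keypair() -> tuple[int, int]:
    """Private exponent x and public value g^x mod p. Only the public value is sent."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def dh_shared_secret(own_private: int, peer_public: int) -> int:
    # Reject the degenerate values 0, 1 and p-1, which force a predictable secret.
    if not 1 < peer_public < P - 1:
        raise ValueError("peer public value out of range")
    return pow(peer_public, own_private, P)


def derive_session_key(shared: int, transcript: bytes) -> bytes:
    """Extract-then-expand key derivation (the HKDF shape from RFC 5869), binding
    the raw shared secret to both public values so a tampered exchange yields a
    different key. The salt is an assumed constant for this demo."""
    ikm = shared.to_bytes(16, "big")
    prk = hmac.new(b"dh-demo-salt", ikm, hashlib.sha256).digest()
    return hmac.new(prk, transcript + b"\x01", hashlib.sha256).digest()


def run_exchange() -> dict:
    """Both sides publish g^x, both compute the same key; an eavesdropper sees
    only a_pub and b_pub and would have to solve a discrete logarithm."""
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    transcript = a_pub.to_bytes(16, "big") + b_pub.to_bytes(16, "big")
    key_a = derive_session_key(dh_shared_secret(a_priv, b_pub), transcript)
    key_b = derive_session_key(dh_shared_secret(b_priv, a_pub), transcript)
    return {"a_pub": a_pub, "b_pub": b_pub, "key_a": key_a, "key_b": key_b}


def mac_message(key: bytes, message: bytes) -> bytes:
    # Keyed hash (HMAC-SHA256): integrity and authenticity for the key holders.
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    # Constant-time comparison so tag verification does not leak by timing.
    return hmac.compare_digest(mac_message(key, message), tag)


if __name__ == "__main__":
    ex = run_exchange()
    msg = b"week 17 sales: 1,204 units"   # constructed sample message
    tag = mac_message(ex["key_a"], msg)
    print("session keys match:", ex["key_a"] == ex["key_b"])
    print("peer verifies tag:", verify_mac(ex["key_b"], msg, tag))
    print("tampered message rejected:", not verify_mac(ex["key_b"], msg + b"0", tag))
```

Two caveats a practitioner should keep in mind. First, nothing here authenticates the public values, so an attacker who can rewrite traffic can run two separate exchanges (one with each side) and read everything; production protocols sign or certify the public values, which is where question 10's certificate from a trusted authority comes in. Second, because both ends hold the same HMAC key, either of them can produce a valid tag: a keyed hash proves a message came from someone holding the key, but cannot show a third party which of the two it was. That non-repudiation property is what a digital signature with an asymmetric key adds.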
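Application Development Security question 4 asks for an effective control against SQL injection. The added example below shows the defect and the controls side by side: a query built by string formatting, the same query parameterized so the value is never parsed as SQL, and an allow-list validation check in front of it. It uses an in-memory SQLite database with constructed rows and two constructed payloads; the table, column names and payloads are assumptions for illustration, not from the original page.

```python
import re
import sqlite3

# Added example, not from the original page. In-memory SQLite with constructed rows.


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (username, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user")],
    )
    return conn


def find_user_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    # Defect: the caller's input is spliced into the SQL text, so quotes and
    # comment markers in the input change the statement's meaning.
    sql = f"SELECT username, role FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def find_user_parameterized(conn: sqlite3.Connection, username: str) -> list:
    # Control: the statement is fixed and the value is bound separately, so the
    # database engine never interprets the input as SQL.
    return conn.execute(
        "SELECT username, role FROM users WHERE username = ?", (username,)
    ).fetchall()


USERNAME_RE = re.compile(r"[a-z0-9_]{1,32}")


def is_valid_username(username: str) -> bool:
    # Allow-list validation: only the characters a username may contain.
    return USERNAME_RE.fullmatch(username) is not None


def find_user_validated(conn: sqlite3.Connection, username: str) -> list:
    # Defence in depth: validate the shape of the input, then still bind it.
    if not is_valid_username(username):
        raise ValueError("rejected username")
    return find_user_parameterized(conn, username)


# Constructed attacker inputs.
PAYLOAD_TAUTOLOGY = "x' OR '1'='1"   # turns the WHERE clause into an always-true test
PAYLOAD_COMMENT = "alice'--"         # closes the literal and comments out the rest

if __name__ == "__main__":
    conn = make_db()
    print("vulnerable, tautology:", find_user_vulnerable(conn, PAYLOAD_TAUTOLOGY))  # every row
    print("vulnerable, comment:  ", find_user_vulnerable(conn, PAYLOAD_COMMENT))    # alice's row
    print("parameterized:        ", find_user_parameterized(conn, PAYLOAD_TAUTOLOGY))  # []
    print("validated:            ", is_valid_username(PAYLOAD_TAUTOLOGY))           # False
```

Parameterized statements are the primary engineering control because they remove the injection channel regardless of what the input contains; input validation is worth keeping in front of them because it also rejects values that are wrong for the application, and it is the only option where a query must accept an identifier or table name that cannot be bound as a parameter.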