CISSP

Question 1

ISC2 Code of Ethics: Preamble

Answer 1

The safety and welfare of society and the common good, duty to our principals, and duty to each other requires that we adhere, and be seen to adhere, to the highest ethical standards of behavior.

Therefore, strict adherence to this Code is a condition of certification.

Question 2

ISC2 Code of Ethics: Canons

Answer 2

1) Protect society, the common good, necessary public trust and confidence, and the infrastructure.

2) Act honorably, honestly, justly, responsibly, and legally.

3) Provide diligent and competent service to principals.

4) Advance and protect the profession.

Question 3

OSI Layers

Answer 3

7 Application
6 Presentation
5 Sessions
4 Transport
3 Network
2 Data Link
1 Physical

Question 4

OSI: Application

Answer 4

Network Process to Application
Application Firewall
HTTP/S
DNS
SSH
SNMP
FTP

Question 5

OSI: Presentation

Answer 5

Data representation and encryption.
XML
JPEG
ANSI

Question 6

OSI: Session

Answer 6

Interhost communication and session management

Question 7

OSI: Transport

Answer 7

End-to-end connection with error correction and detection
TCP/UDP
iSCSI (SAN

Uses segments.

Question 8

OSI: Network

Answer 8

Local addressing, routing and delivery of packets.
Routers
Packet Filtering Firewalls
IP Addresses
ICMP
NAT

Uses Bits.

Question 9

OSI: Data Link

Answer 9

Physical addressing and reliable point-to-point connection.
Switches
Bridges
MAC Addresses
Point-to-Point Protocol (PPP)
Point-to-Point Protocol over Ethernet (PPPoE)
ARP

Uses Frames.

Question 10

OSI: Physical

Answer 10

Media, Signal and Binary Transmission

Uses Bits.

Question 11

TCP/IP Model

Answer 11

Application
Transport
Internet
Link

Question 12

Incident Response

Answer 12

Preparation
Detection
Response
Mitigation
Reporting
Recovery
Remediation
Lessons Learned

Question 13

Cyber Kill Chain: Recon

Answer 13

Identify vulnerabilities

Question 14

Cyber Kill Chain

Answer 14

Recon
Weaponization
Delivery
Exploit
Installation
Command & Control (C&C)
Actions

Question 15

Cyber Kill Chain: Weaponization

Answer 15

Create Malware

Question 16

Cyber Kill Chain: Delivery

Answer 16

Transmits weapon

Question 17

Cyber Kill Chain: Exploit

Answer 17

Exploit vulnerability

Question 18

Cyber Kill Chain: Installation

Answer 18

Installs persistent access point

Question 19

Cyber Kill Chain: C&C

Answer 19

Persistent access

Question 20

Cyber Kill Chain: Actions

Answer 20

Achieve goal, exfiltrate data, ransomware, etc.

Question 21

IR: Preparation

Answer 21

Developing IR process, team members, etc.

Question 22

IR: Detection

Answer 22

Triage
Identify an adverse event - an incident - and begin dealing with it.

Question 23

IR: Response

Answer 23

Triage
IR Team is activated and begin impact assessment.

Question 24

IR: Mitigation (Containment)

Answer 24

Action/Investigation
Minimize damage or impact from the incident.

Question 25

IR: Reporting

Answer 25

Action/Investigation Happens throughout incident response.

Question 26

IR: Recovery

Answer 26

Recovery Return to normal Getting back to business as usual.

Question 27

Remediation

Answer 27

Recovery Prevention methods such as implementing fixes and improvements to systems, processes to prevent similar incidents.

Question 28

IR: Lessons Learned

Answer 28

Recovery Improve processes and try to prevent future incidents.

Question 29

Layer / Lattice-based Models

Answer 29

Bell-LaPadula Biba

Question 30

Bell-LaPadula

Answer 30

Confidentiality Simple security property, “no read up”. Star (*) property, “no write down”. Strong star property: read and write.

Question 31

Biba

Answer 31

Integrity Simple integrity property: “no read down” Star (*) integrity property: “no write up” Invocation property: can’t send information to someone that is rated at a higher layer.

Question 32

Rule-Based Models

Answer 32

Information Flow Clark-Wilson Brewer-Nash (Chinese Wall) Graham-Denning Harrison-Ruzzo-Ullman

Question 33

Information Flow Model

Answer 33

Help address unintentional covert channels.

Question 34

Clark-Wilson Model

Answer 34

Integrity Rules of Integrity Well-Formed Transactions: Good, consistent, validated data. Separation of Duties Access Triple: Subject | Program | Object

Question 35

Brewer-Nash (The Chinese Wall) Model

Answer 35

Preventing conflicts of interest.

Question 36

Graham-Denning

Answer 36

Integrity Specific rules for allowing subjects to access objects.

Question 36

ISO 27001

Answer 36

Provides best practice recommendations for a functional security department. Organizations can be certified against ISO 27001

Question 36

Harrison-Ruzzo-Ullman Model

Answer 36

Integrity Adds Generic Rights, rights applied to everyone universally.

Question 36

ISO 27002

Answer 36

Implementation guidance for ISO 27001

Question 37

ISO 27001 - Annex A

Answer 37

Where the domains and controls are listed.

Question 38

Symmetric Cryptography Advantages

Answer 38

Fast/Efficient Strong

Question 39

Symmetric Cryptography Disadvantages

Answer 39

Key Distribution Scalability No authenticity, integrity, or nonrepudiation

Question 40

Symmetric Cryptography

Answer 40

Same key has to be at both ends to decrypt and encrypt.

Question 41

Asymmetric Cryptography

Answer 41

Different keys that decrypt and encrypt at both ends.

Question 42

DES

Answer 42

Weak Symmetric key: 56 Block 64

Question 43

IDEA

Answer 43

Strong Key: 128 Block: 64

Question 44

3DES

Answer 44

Strong Key: 168=112 Block: 64 Susceptible to meet in the middle attack.

Question 45

AES

Answer 45

Very Strong Key: 128, 192, 256 Block: 128

Question 46

Asymmetric Advantages

Answer 46

Solves key exchange problem Enables digital signatures and other services, like authenticity (proof of origin), confidentiality, and access control Solves scalability

Question 47

Asymmetric Disadvantages

Answer 47

Significantly slower Requires large key sizes

Question 48

RSA

Answer 48

Math: Factoring

Question 49

Ellipitic Curve (ECC)

Answer 49

Math: Discrete logarithm ECC uses shorter keys than RSA for same level of security.

Question 50

Diffie-Hellman

Answer 50

Math: Discrete Logs Only used for Key Exchange.

Question 51

ElGamal

Answer 51

Asymmetric key encryption algorithm for public-key cryptography which is based on Diffie-Hellman key exchange.

Question 52

DSA (Digital Signature Algorithm)

Answer 52

Uses a different algorithm for signing and encryption than RSA, yet provides the same level of security. Key generation has two phases.

Question 53

FTP

Answer 53

Port 20/21

Question 54

Secure Shell (SSH)

Answer 54

Port 22

Question 55

SMTP

Answer 55

Port 25 Port 587 is secure via TLS

Question 56

NTP (Time)

Answer 56

Port 37

Question 57

DNS

Answer 57

Port 53

Question 58

TFTP

Answer 58

Port 69

Question 59

HTTP

Answer 59

Port 80

Question 60

SNMP

Answer 60

Port 161

Question 61

SNMP Trap

Answer 61

Port 162

Question 62

Border Gateway Protocol (BGP)

Answer 62

Port 179