CISSP Flashcards

(74 cards)

1
Q

What is the triad of principles that makes up security?

A

CIA

Confidentiality
Integrity
Availability

2
Q

What is Availability?

A

Ensures reliable and timely access to data and resources for authorized individuals.

3
Q

What is Integrity?

A

The assurance of the accuracy and reliability of information and systems, and the prevention of any unauthorized modifications.

4
Q

What is Confidentiality?

A

The necessary level of secrecy is enforced at each junction of data processing, and unauthorized disclosure is prevented.

5
Q

What is Balanced Security?

A

Keep the triad (CIA) balanced

see pg 5-6 for list

6
Q

What are the goals of security?

A

Availability
Integrity
Confidentiality

7
Q

What are the terminologies used in the security industry?

A

Vulnerability
Threat
Risk
Control

8
Q

Why are controls put into place?

A

To reduce the Risk to the organization

9
Q

What are Technical Controls?

A

Logical controls are software or hardware components such as firewalls, IDS, encryption, and identification and authentication mechanisms.

10
Q

What is defense-in-depth?

A

The coordinated use of multiple security controls in a layered approach.

11
Q

What is the sequence of threats?

A

Threat Agent
Threat
Vulnerability
Risk
Asset
Exposure
Safeguard

12
Q

What does IDS stand for?

A

Intrusion Detection System

13
Q

What is the rule of thumb when it comes to sensitive assets?

A

The more sensitive the asset, the more layers of security should be in place.

14
Q

What are the different functionalities of security controls?

A

Preventive
Detective
Corrective
Deterrent
Recovery
Compensating

15
Q

What is the Preventive function of security?

A

Intended to avoid an incident from occurring

16
Q

What is the Detective function of security?

A

Helps identify an incident’s activities and potentially an intruder

17
Q

What is the Corrective function of security?

A

Fixes components or systems after an incident has occurred

18
Q

What is the Deterrent function of security?

A

Intended to discourage a potential attacker

19
Q

What is the Recovery function of security?

A

Intended to bring the environment back to regular operations

20
Q

What is the Compensating function of security?

A

Controls that provide an alternative measure of control

21
Q

True or false: preventive and detective controls should be implemented together.

A

True
You should prevent first, and what you can't prevent, you should detect. Each should complement the other.

22
Q

What are the Preventive Control types?

A

Preventive Administrative
Preventive Physical
Preventive Technical

23
Q

What type of computer memory improves system performance by acting as a special storage area for information that is retrieved often?

A) RAM
B) Virtual
C) Cache
D) Primary

A

C) Cache

24
Q

Which of the following is the most common security issue for most companies?

A) IP spoofing
B) Dumpster diving
C) Excessive privileges
D) Denial of service

A

C) Excessive privileges

25
Q

Which best describes the simple security rule?

A) No write down in the Bell-LaPadula model
B) No read down in the Biba model
C) No read up in the Bell-LaPadula model
D) No write up in the Biba model

A

C) No read up in the Bell-LaPadula model

Chap 03: Security Engineering

Footnote: The simple security rule is implemented to ensure that any subject at a lower security level cannot view data that reside at a higher level. The reason this type of rule is put into place is to protect the confidentiality of the data that reside at the higher level. This rule is used in the Bell-LaPadula model. Remember that if you see "simple" in a rule, it pertains to reading; "*" or "star" pertains to writing.
26
Q

What is meant by confidentiality when used in the AIC Triad?

A) Preventing unauthorized modification
B) Ensuring the ability to recover from disruptions in a secure and quick manner
C) Ensuring the necessary level of secrecy is enforced at each junction of data processing and preventing unauthorized disclosure
D) Keeping information regarding a network breach secret

A

C) Ensuring the necessary level of secrecy is enforced at each junction of data processing and preventing unauthorized disclosure
27
Q

Proper lighting in critical areas is important for deterring potential intruders and protecting employees and customers. Lighting is an example of what type of control?

A) Environmental
B) Access
C) Physical
D) Technical

A

C) Physical

Chap 03: Security Engineering

Footnote: Just as perimeter fences, intrusion detection systems, and guard dogs are important to protecting a facility from intruders, lighting plays an important role in physical security as well. Searchlights, floodlights, street lights, and spotlights are all types of lighting that a company may choose to install.
28
Q

Which of the following access control types is considered a "soft" measure for protecting an organization as a whole?

A) Preventive-Administrative
B) Preventive-Physical
C) Predictive
D) Corrective

A

A) Preventive-Administrative

Chap 05: Identity and Access Management

Footnote: Organizations use a variety of techniques to protect themselves, such as employee background checks, drug screens, security training, policies, procedures, standards, and hiring and firing policies. These types of actions fall under the preventive-administrative category, which is often referred to as "soft" access controls.
29
Q

Which of the following is monitored after a risk response has been implemented?

A) Asset value
B) The cost of maintaining controls
C) Incidences resulting from low threats
D) The continuing effectiveness of controls to protect assets

A

D) The continuing effectiveness of controls to protect assets
30
Q

Which of the following is a Canadian law that deals with the protection of personal information?

A) Canadian Personal Information Protection and Electronic Act
B) Personal Information Protection and Electronic Act
C) Personal Information Protection and Electronic Documents Act
D) Canadian Personal Information Protection and Electronic Documents Act

A

C) Personal Information Protection and Electronic Documents Act
31
Q

What does AES accomplish?

A) Key recovery
B) Symmetric key distribution
C) Bulk data encryption
D) Message integrity

A

C) Bulk data encryption

Chap 03: Security Engineering

Footnote: Advanced Encryption Standard (AES) uses the Rijndael algorithm. It is a symmetric algorithm, which is used to encrypt bulk data.
32
Q

Trunk lines are used in which of the following scenarios?

A) Communication between two switches at a central office
B) Communication between terminals for different classes of traffic
C) Internal wiring in a Token Ring architecture
D) Remote office ISDN wiring for an employee

A

A) Communication between two switches at a central office

Chap 04: Communications and Network Security

Footnote: Trunks are used to connect multiple switches for traffic of the same class.
33
Q

What type of attack attempts all possible solutions?

A) Spoofing
B) Man in the middle
C) Brute force
D) Dictionary

A

C) Brute force

Chap 05: Identity and Access Management

Footnote: A brute force attack tries a combination of values in an attempt to discover the correct sequence that represents the captured password, or whatever the goal of the task is.
34
Q

A __________ attack exploits information that is being leaked by a cryptosystem.

A) Dictionary attack
B) Side-channel attack
C) Brute-force attack
D) Man-in-the-middle attack

A

B) Side-channel attack

Chap 02: Asset Security

Footnote: A side-channel attack focuses on information leaked by a cryptosystem as a byproduct of that system.
35
Q

What should be done to media that is no longer required for use and is to be disposed of?

A) It should be reviewed for data sensitivity classification
B) The data on the media should be encrypted
C) It should be sanitized
D) Nothing, since the data is obsolete, it is of no value to anyone

A

C) It should be sanitized
36
Q

What step should the organization take to ensure that the classification levels assigned to data are current and relevant?

A) Data archival
B) Reclassification
C) Periodic reviews
D) Data destruction

A

C) Periodic reviews
37
Q

Which of the following best describes the main focus of operational security?

A) It outlines and defines the access users have to company resources
B) It performs assessments to determine who should have access to software and to what degree
C) It maintains controls for access to hardware and media to ensure production stays operational and secure
D) It identifies, implements, and maintains policies to ensure that production stays operational

A

C) It maintains controls for access to hardware and media to ensure production stays operational and secure

Chap 07: Security Operations

Footnote: Operations' goal is to keep production in proper working order and, in most environments, they have a focus of protecting the company's hardware and media from unauthorized access.
38
Q

Which of the following is the 128-bit algorithm that was accepted for the DES?

A) SkipJack
B) Lucifer
C) RSA
D) Data Encryption Algorithm

A

B) Lucifer
39
Q

Often systems will have backup mechanisms built into their operating procedures. This can be helpful when planning how to properly store files and ensure that data will be protected at offsite facilities. Which of the following describes database disk shadowing?

A) A system that writes to two different disks for redundancy
B) A system that has two controllers. If one fails, the other immediately takes over
C) A system that periodically saves files to external media devices
D) A system that captures redundant copies of log files for redundancy

A

A) A system that writes to two different disks for redundancy

Chap 07: Security Operations

Footnote: Disk-shadowing systems are built for redundancy. The system has two disks, both of which are written to simultaneously. One disk is referred to as the primary, while the other is the secondary or backup.
40
Q

What is the purpose of configuration management?

A) Controlling access to protected assets
B) Controlling changes that happen to hardware and software
C) Controlling who accesses the facility
D) Controlling who sniffs network traffic

A

B) Controlling changes that happen to hardware and software
41
Q

Which of the following gives an accurate picture of biometrics?

A) Relatively inexpensive, well received by society, and highly accurate
B) Very expensive, moderately received by society, and moderately accurate
C) Very expensive, very well received by society, and highly accurate
D) Very expensive, not well received by society, and highly accurate

A

C) Very expensive, very well received by society, and highly accurate
D) Very expensive, not well received by society, and highly accurate
42
Q

Which organization developed the TCSEC?

A) ISO
B) DoD
C) FBI
D) ITSEC

A

B) DoD

Chap 03: Security Engineering

Footnote: The US Department of Defense (DoD) developed the Trusted Computer System Evaluation Criteria (TCSEC) to evaluate the security and assurance operating systems provide. It is also referred to as the Orange Book and is in the Rainbow Series.
43
Q

Denise is a newly hired executive brought on specifically to implement improved physical security controls. In her first staff meeting with her team, she asks the group to outline how data flows through the company. The critical assets that are necessary to keep data flowing need to be identified along with existing redundant paths. What is the name of the process Denise has just delegated?

A) Policy planning
B) Critical path analysis
C) Planning horizon
D) Risk reduction

A

B) Critical path analysis

Chap 03: Security Engineering

Footnote: This task is identifying the critical path, which is defined as the path that is critical for business functionality. It should be shown in detail with all supporting mechanisms required for critical data flow. Redundant paths should be shown, and there should be at least one redundant path for every critical path. The critical path analysis lists all pieces of an environment and how they interact and are interdependent.
44
Q

Which entity would handle business continuity planning (BCP) tasks, such as making insurance claims, assessing damage value, and estimating recovery expenses?

A) Senior executives
B) Financial representative to the BCP committee
C) HR
D) Department leads

A

B) Financial representative to the BCP committee
45
Q

What is the single point of failure in a Kerberos architecture?

A) KDC
B) Client workstation
C) E-mail server
D) Application server

A

A) KDC

Chap 05: Identity and Access Management

Footnote: The Key Distribution Center (KDC) is the core component within Kerberos. It houses all of the principals' keys and performs authentication functionality. If the KDC goes down, users and network services cannot authenticate to each other.
46
Q

A proper risk analysis has specific steps and objectives that it needs to accomplish. Which of the following lists these items?

A) Identify assets and their values, identify vulnerabilities and threats, quantify the probability and business impact of these potential threats, and provide non-economical countermeasure recommendations
B) Identify assets and their values, identify vulnerabilities and threats, quantify the probability and business impact of these potential threats, and provide economical countermeasure recommendations
C) Identify assets, identify vulnerabilities and threats, quantify the probability and business impact of these potential threats, and provide economical countermeasure recommendations
D) Identify assets and their values, identify fraud and collusion, quantify the probability and business impact of these potential threats, and provide economical countermeasure recommendations

A

B) Identify assets and their values, identify vulnerabilities and threats, quantify the probability and business impact of these potential threats, and provide economical countermeasure recommendations

Chap 01: Security and Risk Management

Footnote: A risk analysis has four main goals: identify assets and their values, identify vulnerabilities and threats, quantify the probability and business impact of these potential threats, and provide an economic balance between the impact of the threat and the cost of the countermeasure. Risk analysis provides a cost-benefit comparison where the annualized cost of safeguards is compared with the potential cost of loss.
47
Q

An attacker has infiltrated a company's network and is using a network mapping tool to learn about different devices. The tool sends out multiple ping commands and port scans and waits for responses from all of the devices. The tool then analyzes the responses to identify the operating system type, services running, and ports that are open. What is the process called?

A) Fingerprinting
B) Port scanning
C) TCP Wrapping
D) Ping evaluations

A

A) Fingerprinting

Chap 07: Security Operations

Footnote: Network mapping tools perform fingerprinting functions within networks.
48
Q

Which of the following types of tests involves testing both the primary and alternate processing sites simultaneously?

A) Parallel test
B) Structured walk-through test
C) Checklist test
D) Full-interruption test

A

A) Parallel test
49
Q

What is the first step in forensic analysis at a cybercrime scene?

A) Notify customers of potential outages
B) Capture log files on the computer
C) Capture a complete image of the system
D) Execute the primary programs on the computer to obtain more information

A

C) Capture a complete image of the system

Chap 07: Security Operations

Footnote: The first step in a forensic investigation is to make a copy of the hard drive. This method ensures that the original system is not altered in any way during the investigation process. Following this procedure ensures an accurate chain of custody.
50
Q

Which of the following is used in web sites as a way to respond dynamically to inputted data?

A) Applets
B) ActiveX
C) CGI
D) Cookies

A

C) CGI

Chap 08: Software Development Security

Footnote: Common Gateway Interface (CGI) is used in web sites that require a user to input information. CGI scripts or executables are used to translate and respond to requests, build a new web page, and then send it to the user. The user is then presented with data based on their request.
51
Q

Telnet is a commonly used protocol that works at the application layer of the OSI model. Telnet is used in all of the following ways except which one?

A) Network monitoring and polling
B) Remote login capabilities
C) To establish command prompts on remote devices
D) To execute commands on a remote system

A

A) Network monitoring and polling
52
Q

Mike's company needs to implement a new security mechanism in order to monitor the following activities: 1) selected individuals' login attempts to a customer database; 2) commands executed by these individuals; 3) the files opened and closed in each session

A) Host-based IDS
B) Network-based IDS
C) ACLs
D) Discretionary

A

A) Host-based IDS

Chap 05: Identity and Access Management

Footnote: Host-based intrusion detection systems (IDSs) can be installed on individual workstations and servers to watch for inappropriate or anomalous activity and insider attacks.
53
Q

Which statement is not true regarding computer crimes involving foreign countries?

A) All nations agree on evidence collection methods
B) Governments are not always willing to cooperate with one another
C) There are different interpretations of crimes within different countries
D) The seriousness of computer crime is viewed differently by individual nations

A

A) All nations agree on evidence collection methods
54
Q

A medical dispatching company is in the process of determining facility backup options. Their number one objective is to ensure zero downtime. In addition, the senior executives are extremely focused on contingency planning and insist that testing take place throughout the year. Which of the following alternatives would serve the company best?

A) Warm site
B) Redundant site
C) Hot site
D) Reciprocal agreement

A

B) Redundant site

Chap 07: Security Operations

Footnote: Redundant sites provide the most advantages to a company that needs to ensure no downtime, or only a small amount of downtime.
55
Q

There are many environmental issues to consider when securing a facility and its assets. One issue is maintaining proper temperatures to avoid damage to devices. What is the threshold temperature at which computer devices will become damaged?

A) 110 degrees Fahrenheit
B) 350 degrees Fahrenheit
C) 175 degrees Fahrenheit
D) 98 degrees Fahrenheit

A

C) 175 degrees Fahrenheit
56
Q

Which of the following includes ensuring that baseline versions of all software products are saved and protected as an assurance that if something bad happened, the system could be properly rebuilt?

A) Change control process
B) Custodian responsibilities within the operations department
C) Resources protection
D) Trusted recovery and degaussing

A

B) Custodian responsibilities within the operations department

Chap 07: Security Operations

Footnote: The operations department has the responsibility of making sure changes to production systems are done in an approved and controlled manner. They are also responsible for ensuring that the systems and environment are in stable working condition.
57
Q

What is the critical difference between vulnerability testing and penetration testing?

A) Vulnerability testing is performed by black hat hackers, but penetration testing is performed by white hat hackers
B) Penetration testing attempts to exploit discovered vulnerabilities. Vulnerability testing discovers vulnerabilities, but does not attempt to exploit them
C) Penetration testing is performed by black hat hackers, but vulnerability testing is performed by white hat hackers
D) Vulnerability testing attempts to exploit discovered vulnerabilities. Penetration testing only discovers vulnerabilities, but does not attempt to exploit them

A

B) Penetration testing attempts to exploit discovered vulnerabilities. Vulnerability testing discovers vulnerabilities, but does not attempt to exploit them

Chap 06: Security Assessment and Testing

Footnote: Vulnerability testing discovers vulnerabilities but does not attempt to exploit them.
58
Q

There are different types of offsite facilities, either subscription based or company owned. Which type of subscription-based backup facility is used most often?

A) Warm
B) Cold
C) Redundant
D) Hot

A

A) Warm
59
Q

Operations departments should back up data in all of the following situations except which of the following?

A) Once per year
B) Immediately following a reorganization
C) After a system upgrade
D) For authorized on-demand requests

A

A) Once per year

Chap 07: Security Operations

Footnote: Backing up data is critical within operations organizations. The most important step to take is to create a backup plan. It is not realistic to back up data only once per year.
60
Q

Which statement describes the proper relationship of the words "threat," "exposure," and "risk"?

A) An exposure gives rise to a threat which exploits a risk and leads to a vulnerability
B) A risk causes a vulnerability that leads to a threat and causes an exposure
C) An exposure allows a weakness that leads to a threat creating an exposure
D) A threat is that a threat agent will exploit a vulnerability. The probability of this happening is the risk. Once the vulnerability is exploited there is an exposure

A

D) A threat is that a threat agent will exploit a vulnerability. The probability of this happening is the risk. Once the vulnerability is exploited there is an exposure
61
Q

Different controls and technologies can be implemented by the operations department. One technology that many organizations use is called RAID, a data storage system that can provide redundancy and efficiency. It functions by writing data across several aggregate drives. What is this called?

A) Parity
B) Striping
C) Degaussing
D) Data mining

A

B) Striping
62
Q

Ron needs to restrict employee access to the central database by only allowing access Monday through Friday and from 7 A.M. until 6 P.M. Which of the following best describes this type of access control?

A) Administrative
B) Logical
C) Physical
D) Temporal

A

D) Temporal

Chap 05: Identity and Access Management

Footnote: Temporal isolation is a type of access control that can be implemented to restrict access during specific time periods.
63
Q

Sally has found out that software programmers in her company will make changes to software components and upload them to the main software repository without following version control or documenting their changes. This has caused a lot of confusion and has caused several teams to use the older versions. Which of the following would be the best solution for this situation?

A) Software change control management
B) Software configuration management escrow
C) Software escrow
D) Software configuration management

A

D) Software configuration management
64
Q

Which of the following devices typically works at the application layer and acts as a protocol translator for different environments?

A) Switch
B) Gateway
C) Bridge
D) Switch

A

B) Gateway
65
Q

Continually educating the entire organization on security awareness has which one of the following outcomes?

A) The network will operate at an increased level and efficiency
B) The network users will be able to detect another network user's abuses
C) The IT staff will have the added knowledge of how to hack into their competitors' networks
D) It broadens the company's perspective on its own security and the protection of its systems and resources

A

D) It broadens the company's perspective on its own security and the protection of its systems and resources
66
Q

Terry is told by his boss that he needs to implement a networked switched infrastructure that allows several systems to be connected to any storage device. What does Terry need to roll out?

A) Electronic vaulting
B) Hierarchical storage management
C) Storage area network
D) Remote journaling

A

C) Storage area network
67
Q

Cryptanalysis is an important piece of cryptography as a whole. Which best describes the purpose of cryptanalysis?

A) Assurance of securely transmitting data over public and hostile environments
B) The science of hiding the meaning of communication
C) A system that provides encryption and decryption and can be created through hardware components or program code in an application
D) Science of studying and breaking the secrecy of encryption algorithms and their necessary pieces

A

D) Science of studying and breaking the secrecy of encryption algorithms and their necessary pieces
68
Q

A secret key that is used for data encryption only one time is called a __________

A) Public key
B) Asymmetric key
C) Key exchange
D) Session key

A

D) Session key
69
Q

What is authorization creep and what is the best defense against it?

A) Employees continually being given more rights and permissions. The best countermeasure is to continue to review employees' need to know
B) Employees continually being given less rights and permissions. The best countermeasure is to continue to review employees' need to know
C) Employees continually being given more rights and permissions. The best countermeasure is to continue to review employees' job performance
D) Employees continually being given less rights and permissions. The best countermeasure is to continue to review employees' collusion possibilities

A

A) Employees continually being given more rights and permissions. The best countermeasure is to continue to review employees' need to know
70
Q

What is the overall term for creating, modifying, deleting, or otherwise using accounts?

A) System management
B) Password management
C) Account management
D) User management

A

C) Account management
71
Q

Which of the following is the most valuable asset an organization has?

A) Information
B) Reputation
C) Equipment
D) Facilities

A

A) Information
72
Q

Hackers use several fallacies to rationalize their activities. One of them is that the systems they compromise and use are idle and not being used to their full capacity. Which of the following best describes the flaw in this logic?

A) This is true. Some systems are not being fully used
B) The constant use of the systems can damage them, even if this is not the hacker's intent
C) The systems are not to be used for general purpose for unintended users
D) The owner of the system is paying for its activity

A

C) The systems are not to be used for general purpose for unintended users

Chap 01: Security and Risk Management

Footnote: It does not matter if systems are used to their full capacity or not if they are not yours. Often attackers will use idle systems for their processing power in cracking passwords, cryptographic keys, or during distributed attacks. These systems are private property, not a resource to be used by the open community.
73
Q

There are many types of high-level languages, then there is assembly code and machine language. Which is not true of machine language?

A) Expressed in binary format
B) Understood by processors
C) Referred to as "source code"
D) Uses ones and zeros

A

C) Referred to as "source code"

Chap 03: Security Engineering

Footnote: Processors need instructions in 1s and 0s, or binary code. This is called "machine language." Binary code is very difficult for programmers and developers to work in, so they use assembly language or high-level languages to write their source code. The source code is then compiled or interpreted into machine code for the processor to understand and work with.