Practice Exam 2

Which of the following types of fire detectors works by means of a photoelectric sensor?

• A. Flame activated
• B. Heat activated
• C. Pressure activated
• D. Smoke activated

A fire caused by combustible metals would be considered which class of fire?

• A. A
• B. B
• C. C
• D. D

Which of the following types of water sprinkler systems works by leaving the sprinkler head open and filling the pipe only when a fire has been detected?

• A. Deluge
• B. Dry pipe
• C. Preaction
• D. Wet pipe

Which of the following types of card keys contains rows of copper?

• A. Magnetic strip
• B. Electronic circuit
• C. Magnetic stripe
• D. Active electronic

Tony's company manufactures proprietary cellphone-tracking devices. Now that employees will be issued laptops, Tony is concerned about the loss of confidential information if an employee's laptop is stolen. Which of the following represents the best defensive method?

• A. Use integrity programs such as MD5 and SHA to verify the validity of installed programs
• B. Place labels on the laptops offering a reward for stolen or missing units
• C. Issue laptop users locking cables to secure the units and prevent their theft
• D. Encrypt the hard drives

Under what conditions can halon be expected to degrade into toxic compounds?

• A. At temperatures greater than 500°F
• B. At temperatures greater than 900°F and concentrations greater than 10%
• C. At temperatures greater than 900°F
• D. At temperatures greater than 500°F and concentrations greater than 7%

According to NIST perimeter lighting standards, critical areas should be illuminated to what measurement?

• A. 10 feet in height, with 2-foot candle power
• B. 12 feet in height, with 4-foot candle power
• C. 8 feet in height, with 2-foot candle power
• D. 8 feet in height, with 4-foot candle power

What type of biometric error is used to signify that an authorized user has been denied legitimate access?

• A. Type I
• B. Type II
• C. Type III
• D. Type IV

In biometrics, the point at which the FAR equals the FRR is known as which of the following?

• A. Crossover error rate
• B. Error acceptance rate
• C. Crossover acceptance rate
• D. Failure acceptance rate

RSA's SecurID is an example of which of the following?

• A. SSO system
• B. Synchronous authentication
• C. Token authentication
• D. Asynchronous authentication

Which of the following is an example of an SSO technology?

• A. NetSP
• B. RADIUS
• C. TACACS
• D. WIDZ

When discussing the security of SSO systems, which of the following is considered a disadvantage?

• A. Single sign-on requires much more maintenance and overhead because all systems are tied together.
• B. The biggest disadvantage to single sign-on is that system time on all systems must be held to very tight standards; if deviated from, this can cause serious access problems.
• C. There are no real disadvantages to single sign-on.
• D. If single sign-on is breached, it offers the intruder access to all systems.

SNORT is an example of a what?

• A. Behavior-based IPS system
• B. Signature-based IDS system
• C. Behavior-based IDS system
• D. Signature-based IPS system

What type of attack is also known as a race condition?

• A. Synchronous attack
• B. Buffer overflow
• C. Asynchronous attack
• D. Scanlog attack

I/O drivers and utilities are typically found at what protected ring level?

• A. Ring 1
• B. Ring 2
• C. Ring 3
• D. Ring 0

What type of CPU can interleave two or more programs for execution at any one time?

• A. Multiprogramming
• B. Multitasking
• C. Multiapp
• D. Multiprocessor

This portion of the CPU performs arithmetic and logical operations on the binary data.

• A. I/O buffer
• B. Registers
• C. Control circuit
• D. ALU

What security model is also known as the Chinese Wall?

• A. Biba
• B. Clark-Wilson
• C. Brewer and Nash
• D. Harrison-Ruzzo-Ullman

What piece of documentation was developed to evaluate standalone systems and is a basis of measurement for confidentiality?

• A. The Red Book
• B. The Orange Book
• C. Common Criteria
• D. CTCPEC

Which level of Orange Book protection is considered mandatory protection?

• A. D
• B. C
• C. B
• D. A

Which of the following is considered the totality of protection mechanisms within a computer system and is responsible for enforcing security?

• A. Rings of protection
• B. The security kernel
• C. TCB
• D. Resource isolation

Johnny is worried that someone might be able to intercept and decrypt his VoIP phone calls. Which of the following protocols is most closely associated with VoIP?

• A. SKYP
• B. SLIP
• C. S/MIME
• D. SIP

Which of the following wireless standards uses direct sequence spread spectrum (DSSS) by default?

• A. Bluetooth
• B. 802.11a
• C. 802.11b
• D. 802.11g

What is a rogue AP?

• A. An individual who has connected to an unauthorized modem
• B. An unauthorized AP that has been attached to the corporate network
• C. An unauthorized modem that has been attached to the network
• D. An individual who is intercepting wireless traffic from inside or outside the organization

Pulse code modulation (PCM) is used to digitize a voice with 8 bits of sampling for transmission on a DS0 line. What is the max rate of encoding for one of these voice channels?

• A. 28.8 Kpbs
• B. 56 Kbps
• C. 64 Kbps
• D. 128 Kbps

A T1 uses which of the following to multiplex DS0s into a composite T1?

• A. Channel division
• B. Frequency-hopping spread spectrum
• C. Frequency division
• D. Time division

Which of the following focuses on how to repair and restore the data center and information at an original or new primary site?

• A. BCP
• B. BCM
• C. DRP
• D. BIA

This type of service is used to provide protection for source code in case the manufacturer declares bankruptcy or goes broke.

• A. Government access to keys
• B. MAD
• C. Electronic vaulting
• D. Software escrow

Which of the following describes the cooperative effort between the United States and Europe to exchange information about European citizens between European firms and North American parent corporations?

• A. SB 168
• B. Demar Act
• C. Safe Harbor
• D. Safety Shield

Which of the following best describes an approved type of forensic duplication?

• A. Logical copy
• B. Bit copy
• C. Microsoft backup
• D. Xcopy

Which of the following best describes the SET protocol?

• A. Originated by Victor Miller and Neal Koblitz for use as a digital signature cryptosystem. It is useful in applications for which memory, bandwidth, or computational power is limited.
• B. Originated by MasterCard and Visa to be used on the Internet for credit card transactions. It uses digital signatures.
• C. Originated by Victor Miller and Neal Koblitz for use as a key exchange cryptosystem. It is useful in applications for which memory, bandwidth, or computational power is limited.
• D. Originated by MasterCard and Visa to be used on the Internet for credit card transactions. It uses the SSL protocol.

Which of the following information-management systems uses artificial intelligence?

• A. Polyinstantiation
• B. Known signature scanning
• C. Application programming interface
• D. Knowledge discovery database

DNS lookups are typically performed on which of the following protocols and ports?

• A. UDP 53
• B. UDP 69
• C. TCP 53
• D. UDP 161

Bob is worried that the program someone gave him at DEFCON has been altered from the original. Which of the following is a valid technique that Bob can use to verify its authenticity?

• A. Run AES against the program
• B. Compare the size and date with the version found on the developer's website
• C. Run an MD5sum
• D. Calculate a digital signature

Which of the following is not an email-encryption standard?

• A. VSP
• B. MOSS
• C. PGP
• D. PEM

Which of the following best describes link encryption?

• A. Data is encrypted at the point of origin and is decrypted at the point of destination.
• B. The message is decrypted and re-encrypted as it passes through each successive node using a key common to the two nodes.
• C. The KDC shares a user-unique key with each user.
• D. It requires a session key that the KDC shares between the originator and the final destination.

Diameter uses which of the following as a base?

• A. TACACS
• B. TACACS+
• C. RADIUS
• D. Kerberos

The ACID test is used to describe what?

• A. Behavior-based intrusion detection
• B. Database transactions
• C. Signature-based intrusion detection
• D. The strength of a cryptographic function

Which of the following best describes a Fault Resistant Disk Systems (FRDS) system?

• A. Uninterrupted power supply
• B. RAID
• C. Backup power supply
• D. Hot sites

Which of the following is a stream cipher?

• A. DES
• B. Skipjack
• C. RC4
• D. Twofish

Which of the following is considered the weakest mode of DES?

• A. Electronic Code Book
• B. Cipher Block Chaining
• C. Cipher Feedback
• D. Output Feedback

Which ethical standard states that "access and use of the Internet is a privilege and should be treated as such by all users"?

• A. RFC 1087
• B. ISC2 Code of Ethics
• C. The Ten Commandments of Computer Ethics
• D. RFC 1109

Which of the following would be considered the oldest and most well-known software-development method?

• A. Spiral
• B. Clean room
• C. Waterfall
• D. Prototyping

Which of the following types of viruses can infect both boot sectors and program files?

• A. File infector
• B. Multipartite
• C. Polymorphic
• D. System infector

HTTPS uses which of the following ports?

• A. 80
• B. 110
• C. 111
• D. 443

Which of the following is considered the oldest type of database system?

• A. Hierarchical
• B. Network
• C. Relational
• D. Object-orientated

The IEEE separates the OSI data link layer into two sublayers. What are they?

• A. Media MAC Control and Media Access Control
• B. Logical Link Control and Media Access Control
• C. High-Level Data Link Control and Media MAC Control
• D. Data Link Control and Media MAC Control

What is considered the most current version of wireless cellular technology?

• A. Gen4
• B. 2G
• C. 3G
• D. Gen5

This protocol started as a simplified version of X.25 and is used in packet-switched networks.

• A. Asynchronous DSL (ADSL)
• B. Digital Data Service (DDS)
• C. T1
• D. Frame Relay

802.11 networks are identified by which of the following?

• A. Security identifier (SID)
• B. Broadcast name
• C. Kismet
• D. Service set identifier (SSID)

ISO 17799 evolved from what regional standard?

• A. British standard 7799
• B. Canadian Trusted Computer Product Evaluation Criteria (CTCPEC)
• C. Information Technology Security Evaluation Criteria (ITSEC)
• D. Trusted Computer System Evaluation Criteria (TCSEC)

A Common Criteria rating of "Functionally Tested" means the design meets what level of verification?

• A. EAL 1
• B. EAL 2
• C. EAL 4
• D. EAL 5

Which of the following is not addressed by the Clark-Wilson security model?

• A. Blocks unauthorized individuals from making changes to data
• B. Maintains internal and external consistency
• C. Protects the confidentiality of the information
• D. Blocks authorized individuals from making unauthorized changes to data

Which of the following individuals' roles and responsibilities would include the responsibility for maintaining and protecting the company's assets and data?

• A. User
• B. Data owner
• C. Data custodian
• D. Security auditor

Which of the following is the proper formula used to calculate ALE?

• A. Single loss expectancy (SLE) · Annualized rate of occurrence (ARO)
• B. Asset value x Annualized rate of occurrence (ARO)
• C. Single loss expectancy (SLE) x Annualized rate of occurrence (ARO)
• D. Asset value · Annualized rate of occurrence (ARO)

Which of the following best describes a qualitative assessment?

• A. A qualitative assessment deals with real numbers and seeks to place dollar values on losses. These dollar amounts are then used to determine where to apply risk controls.
• B. A qualitative assessment assigns ratings to each risk.
• C. A qualitative assessment is performed by experts or external consultants who seek to place dollar values on losses.
• D. A qualitative assessment is performed by experts or external consultants, is based on risk scenarios, and assigns nondollar values to risks.

The facilitated risk assessment process is an example of what?

• A. A BCP analysis technique
• B. A quantitative-assessment technique
• C. A DRP analysis technique
• D. A qualitative-assessment technique

Classification levels such as confidential and secret are tied to which data classification scheme?

• A. ISO 17799
• B. U.S. Department of Defense (DoD)
• C. RFC 2196 Site Security Guidelines
• D. Commercial Data Classification Standard (CDCS)

This method of dealing with risk is considered the least prudent course of action.

• A. Risk reduction
• B. Risk rejection
• C. Risk transference
• D. Risk acceptance

Your employer is pleased that you have become CISSP certified and would now like you to evaluate your company's security policy. Your boss believes that encryption should be used for all network traffic and that a $50,000 encrypted database should replace the current customer database. Based on what you know about risk management, what should your decision to use encryption and purchase the new database be based on? Choose the most correct answer.

• A. If an analysis shows that there is potential risk, the cost of protecting the network and database should be weighed against the cost of the deterrent.
• B. If an analysis shows that the company's network is truly vulnerable, systems should be implemented to protect the network data and the customer database.
• C. If the network is vulnerable, systems should be implemented to protect the network and the database, regardless of the price.
• D. Because it is only a customer database and the company is not well known, the probability of attack is not as great; therefore, the risk should be accepted or transferred through the use of insurance.