10 CISSP bonus questions from test #2! – Results

Attempt 9
Question 1: Correct

You put a fire out by removing one of the legs of the fire triangle. Which of these is not one of them?
  • Oxygen.
  • Light.
    (Correct)
  • Heat.
  • Fuel.

Explanation

A fire does not require light to burn. Fire suppression is done by removing one of the three things a fire requires: a fire needs Oxygen, Heat and Fuel to burn, and removing any of the three will put the fire out. Removing Oxygen is done by replacing the oxygen in the room with something else, or by covering the fire so the burning material has no access to oxygen (Halon, FM200, Argon). Removing Heat is done by adding chemicals or water to the fire, cooling it down. Removing Fuel is rarely done, since the fuel is our equipment.
Question 2: Correct

Which type of ROM can only be programmed once?
  • EEPROM.
  • APROM.
  • PROM.
    (Correct)
  • EPROM.

Explanation

PROM (Programmable Read Only Memory) – Can only be written once, normally at the factory.
Question 3: Correct

How do we define impact?
  • How bad is it if we are compromised, adding another vector to the Risk calculation.
    (Correct)
  • The total risk after we have implemented our countermeasures.
  • A potential harmful incident.
  • A weakness that can possibly be exploited.

Explanation

Risk = Threat x Vulnerability. Impact can at times be added to give a fuller picture: Risk = Threat x Vulnerability x Impact (How bad is it?). Total Risk = Threat x Vulnerability x Asset Value. Residual Risk = Total Risk – Countermeasures.
Question 4: Correct

When a penetration tester is doing gray box testing, what knowledge do they have?
  • All of these.
  • Full knowledge and privileged access to systems.
  • Partial knowledge, user or vendor access level.
    (Correct)
  • No knowledge other than what is publicly available.

Explanation

Gray (Grey) box (Partial Knowledge) pen testing: The attacker has limited knowledge, such as a normal user, a vendor, or someone else with limited knowledge of the environment.
Question 5: Correct

In which type of networking circuit can the traffic use different paths?
  • Weighted routing tables.
  • Full traffic switching.
  • Circuit switching.
  • Packet switching.
    (Correct)

Explanation

Packet switching – Cheap, but with no capacity guarantee; very widely used today. Data is sent in packets, which can take multiple different paths to the destination. The packets are reassembled at the destination.
Question 6: Correct

Which is the safest suppression agent, but should be the last resort in a data center fire?
  • Powder.
  • Water.
    (Correct)
  • Halon.
  • FM-200.

Explanation

Water: Removes the “heat” leg of the fire triangle by lowering the temperature. It is the safest suppression agent, but for Data Centers: Water + hardware = dead hardware. It should always be a last resort, and electricity could always be cut before water is used.
Question 7: Correct

When we apply standards and frameworks, we can use tailoring to do what?
  • To implement the full standard or framework, but implement different standards in some areas.
    (Correct)
  • Find out how much the implementation will cost us.
  • To see if the standard is a good fit for our organization.
  • To pick and choose which parts of the standard or framework we want to implement.

Explanation

Tailoring is customizing a standard to your organization. For example: we will apply this standard, but we use stronger encryption (AES 256-bit).
Question 8: Correct

A pen tester calls an employee and explains that they are the CEO’s executive assistant and that the employee needs to do what they are told. This is an example of:
  • Authority.
    (Correct)
  • Familiarity.
  • Intimidation.
  • Scarcity.

Explanation

Social engineering uses people skills to bypass security controls. Authority (someone you trust or are afraid of) – Look and sound like an authority figure and be in charge; this can be done in a uniform or a suit. Most effective with impersonation, whaling, and vishing attacks.
Question 9: Correct

Patents are protected how?
  • Protected 10 years at a time, can be renewed indefinitely.
  • Protected for 70 years after the creator’s death or 95 years for corporations.
  • Protected for 20 years after filing.
    (Correct)
  • You tell no one; if discovered, you are not protected.

Explanation

Patents: Protect inventions for 20 years (normally) – Cryptography algorithms can be patented. Inventions must be: Novel (a new idea no one has had before), Useful (it is actually possible to use and it is useful to someone), and Nonobvious (inventive work was involved).
Question 10: Correct

When implementing secure cables in our building, what would be our cheapest option?
  • Fiber Ethernet.
    (Correct)
  • Coax copper.
  • Copper Ethernet.
  • Wireless.

Explanation

The most secure cable is fiber. It is slightly more expensive than copper, but since we need both security and cabling, we would use fiber cables. Wireless is... well, not a cable.

By admin
