CISSP Practice Questions (841–860)

Question 841

The BEST way to check for good security programming practices, as well as auditing for possible backdoors, is to conduct
A. log auditing.
B. code reviews.
C. impact assessments.
D. static analysis.

Question 842

An external attacker has compromised an organization's network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker's ability to gain further information?
A. Implement packet filtering on the network firewalls
B. Require strong authentication for administrators
C. Install Host Based Intrusion Detection Systems (HIDS)
D. Implement logical network segmentation at the switches

Question 843

In Business Continuity Planning (BCP), what is the importance of documenting business processes?
A. Provides senior management with decision-making tools
B. Establishes and adopts ongoing testing and maintenance strategies
C. Defines who will perform which functions during a disaster or emergency
D. Provides an understanding of the organization's interdependencies

Question 844

Which of the following can BEST prevent security flaws occurring in outsourced software development?
A. Contractual requirements for code quality
B. Licensing, code ownership and intellectual property rights
C. Certification of the quality and accuracy of the work done
D. Delivery dates, change management control and budgetary control

Question 845

The birthday attack is MOST effective against which one of the following cipher technologies?
A. Chaining block encryption
B. Asymmetric cryptography
C. Cryptographic hash
D. Streaming cryptography
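The attack named in this question exploits the birthday paradox: when you can choose both colliding inputs, the expected work to find a collision in an n-bit digest is on the order of 2^(n/2) hashes, not 2^n. The script below is an added demonstration written for this page, not part of the original question set. It uses SHA-256 truncated to a small number of bits as a stand-in for a weak hash (the truncation is the only assumption; the counting argument is the same for any digest width) and contrasts the collision search with a brute-force preimage search, which gets no help from the birthday bound.

```python
import hashlib
from math import pi, sqrt


def truncated_hash(msg: bytes, bits: int) -> int:
    """SHA-256 truncated to its leading `bits` bits.

    Truncation is only a way to make the toy small enough to attack in
    seconds; the scaling argument is identical for a full-width digest.
    """
    digest = hashlib.sha256(msg).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def birthday_collision(bits: int, prefix: bytes = b"msg-"):
    """Find two distinct messages whose truncated hashes collide.

    Classic birthday attack: hash candidate messages one after another,
    remember every digest seen, stop at the first repeat.
    Returns (m1, m2, digest, trials).
    """
    seen = {}
    i = 0
    while True:
        m = prefix + str(i).encode()
        h = truncated_hash(m, bits)
        if h in seen:
            return seen[h], m, h, i + 1
        seen[h] = m
        i += 1


def preimage_search(target: int, bits: int, prefix: bytes = b"pre-"):
    """Brute-force a message hashing to one fixed value. Returns (m, trials).

    The birthday bound does NOT apply here: expected work is 2**bits,
    because the attacker controls only one side of the comparison.
    """
    i = 0
    while True:
        m = prefix + str(i).encode()
        if truncated_hash(m, bits) == target:
            return m, i + 1
        i += 1


def expected_birthday_trials(bits: int) -> float:
    """Expected hashes until the first collision: sqrt(pi/2 * 2**bits)."""
    return sqrt(pi / 2 * 2 ** bits)


def expected_preimage_trials(bits: int) -> int:
    """Expected hashes until a chosen digest is hit: 2**bits."""
    return 2 ** bits


if __name__ == "__main__":
    bits = 24
    m1, m2, h, trials = birthday_collision(bits)
    print(f"{bits}-bit collision after {trials} hashes "
          f"(expected ~{expected_birthday_trials(bits):.0f}): "
          f"{m1!r} and {m2!r} -> {h:#x}")

    pbits = 16
    target = truncated_hash(b"some fixed document", pbits)
    m, ptrials = preimage_search(target, pbits)
    print(f"{pbits}-bit preimage after {ptrials} hashes "
          f"(expected ~{expected_preimage_trials(pbits)}): {m!r}")
```

Running it shows a 24-bit collision in roughly five thousand hashes while a 16-bit preimage costs around sixty-five thousand, which is why a hash intended to resist collisions needs roughly twice the output width of one that only needs to resist preimages.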

Question 846

A disadvantage of an application filtering firewall is that it can lead to
A. a crash of the network as a result of user activities.
B. performance degradation due to the rules applied.
C. loss of packets on the network due to insufficient bandwidth.
D. Internet Protocol (IP) spoofing by hackers.

Question 847

Which of the following is the FIRST step of a penetration test plan?
A. Analyzing a network diagram of the target network
B. Notifying the company's customers
C. Obtaining the approval of the company's management
D. Scheduling the penetration test during a period of least impact

Question 848

Which type of control recognizes that a transaction amount is excessive in accordance with corporate policy?
A. Detection
B. Prevention
C. Investigation
D. Correction

Question 849

Which of the following elements MUST a compliant EU-US Safe Harbor Privacy Policy contain?
A. An explanation of how long the data subject's collected information will be retained and how it will eventually be disposed of.
B. An explanation of who at the collecting organization the data subject can contact if corrections are required.
C. An explanation of the regulatory frameworks and compliance standards the collecting organization adheres to.
D. An explanation of all the technologies the collecting organization employs to gather information on the data subject.

Question 850

Which of the following would be the FIRST step to take when implementing a patch management program?
A. Perform automatic deployment of patches.
B. Monitor for vulnerabilities and threats.
C. Prioritize vulnerability remediation.
D. Create a system inventory.

Question 851

Following the completion of a network security assessment, which of the following can BEST be demonstrated?
A. The effectiveness of controls can be accurately measured
B. A penetration test of the network will fail
C. The network is compliant to industry standards
D. All unpatched vulnerabilities have been identified

Question 852

When implementing controls in a heterogeneous end-point network for an organization, it is critical that
A. hosts are able to establish network communications.
B. users can make modifications to their security software configurations.
C. common software security components be implemented across all hosts.
D. firewalls running on each host are fully customizable by the user.

Question 853

While impersonating an Information Security Officer (ISO), an attacker obtains information from company employees about their User IDs and passwords. Which method of information gathering has the attacker used?
A. Trusted path
B. Malicious logic
C. Social engineering
D. Passive misuse

Question 854

Which of the following defines the key exchange for Internet Protocol Security (IPSec)?
A. Secure Sockets Layer (SSL) key exchange
B. Internet Key Exchange (IKE)
C. Security Key Exchange (SKE)
D. Internet Control Message Protocol (ICMP)

Question 855

Who must approve modifications to an organization's production infrastructure configuration?
A. Technical management
B. Change control board
C. System operations
D. System users

Question 856

What is the MOST important purpose of testing the Disaster Recovery Plan (DRP)?
A. Evaluating the efficiency of the plan
B. Identifying the benchmark required for restoration
C. Validating the effectiveness of the plan
D. Determining the Recovery Time Objective (RTO)

Question 857

Passive Infrared Sensors (PIR) used in a non-climate controlled environment should
A. reduce the detected object temperature in relation to the background temperature.
B. increase the detected object temperature in relation to the background temperature.
C. automatically compensate for variance in background temperature.
D. detect objects of a specific temperature independent of the background temperature.

Question 858

When constructing an Information Protection Policy (IPP), it is important that the stated rules are necessary, adequate, and
A. flexible.
B. confidential.
C. focused.
D. achievable.

Question 859

Which of the following MUST be done when promoting a security awareness program to senior management?
A. Show the need for security; identify the message and the audience
B. Ensure that the security presentation is designed to be all-inclusive
C. Notify them that their compliance is mandatory
D. Explain how hackers have enhanced information security

Question 860

A system has been scanned for vulnerabilities and has been found to contain a number of communication ports that have been opened without authority. To which of the following might this system have been subjected?
A. Trojan horse
B. Denial of Service (DoS)
C. Spoofing
D. Man-in-the-Middle (MITM)
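The situation in this question, listening ports that nobody approved, is only visible if the scan result is compared against an authorized baseline rather than read on its own. The script below is an added example for this page, not code from the original question set: it parses nmap's grepable (-oG) output format, keeps only ports reported as open, and diffs them against a per-host list of approved ports. The scan text and the baseline dictionary are constructed samples, and the host addresses and port numbers are hypothetical.

```python
# Constructed baseline (hypothetical): the ports change control has approved
# on each host, keyed by address, as (protocol, port) pairs.
AUTHORIZED_PORTS = {
    "10.0.0.5": {("tcp", 22), ("tcp", 443)},
    "10.0.0.7": {("tcp", 22), ("tcp", 3306)},
}

# Constructed sample in nmap grepable (-oG) format; not a real scan.
# Each port entry is port/state/protocol/owner/service/rpc-info/version/.
SCAN_OUTPUT = """\
# Nmap 7.94 scan initiated (constructed sample)
Host: 10.0.0.5 ()\tStatus: Up
Host: 10.0.0.5 ()\tPorts: 22/open/tcp//ssh//OpenSSH 9.2/, 443/open/tcp//https//nginx/, 31337/open/tcp//Elite///\tIgnored State: closed (997)
Host: 10.0.0.7 ()\tStatus: Up
Host: 10.0.0.7 ()\tPorts: 22/open/tcp//ssh//OpenSSH 9.2/, 3306/open/tcp//mysql//MySQL 8.0/, 53/open|filtered/udp//domain///\tIgnored State: closed (997)
Host: 10.0.0.9 ()\tStatus: Up
Host: 10.0.0.9 ()\tPorts: 4444/open/tcp//krb524///\tIgnored State: closed (999)
# Nmap done (constructed sample)
"""


def parse_grepable(text: str) -> dict:
    """Return {host: {(proto, port), ...}} for ports nmap reported as open.

    Only the first three slash-separated fields of each port entry are
    positional and needed here; states other than exactly "open"
    (e.g. "open|filtered") are ignored so they do not cause false alarms.
    """
    observed = {}
    for line in text.splitlines():
        if not line.startswith("Host: "):
            continue                      # comments and blank lines
        fields = line.split("\t")
        host = fields[0].split()[1]       # "Host: 10.0.0.5 ()" -> "10.0.0.5"
        observed.setdefault(host, set())
        for field in fields[1:]:
            if not field.startswith("Ports: "):
                continue
            for entry in field[len("Ports: "):].split(", "):
                parts = entry.split("/")
                if len(parts) < 3:
                    continue
                port, state, proto = int(parts[0]), parts[1], parts[2]
                if state == "open":
                    observed[host].add((proto, port))
    return observed


def unauthorized_ports(observed: dict, authorized: dict) -> dict:
    """Open ports on each host that no baseline entry approves.

    A host missing from the baseline has every open port flagged, since an
    unknown host is itself an unauthorized change.
    """
    findings = {}
    for host, ports in observed.items():
        extra = ports - authorized.get(host, set())
        if extra:
            findings[host] = sorted(extra)
    return findings


if __name__ == "__main__":
    observed = parse_grepable(SCAN_OUTPUT)
    for host, extra in unauthorized_ports(observed, AUTHORIZED_PORTS).items():
        for proto, port in extra:
            print(f"{host}: {proto}/{port} open but not in baseline")
```

In practice the baseline would come from the CMDB or change records rather than a literal in the script, and the same diff run on a schedule is what turns a one-off vulnerability scan into an ongoing detective control for the condition the question describes.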