CISSP Practice Questions (861–880)

Question 861

Which of the following does Temporal Key Integrity Protocol (TKIP) support?
A. Multicast and broadcast messages
B. Coordination of IEEE 802.11 protocols
C. Wired Equivalent Privacy (WEP) systems
D. Synchronization of multiple devices

Question 862

The goal of software assurance in application development is to
A. enable the development of High Availability (HA) systems.
B. facilitate the creation of Trusted Computing Base (TCB) systems.
C. prevent the creation of vulnerable applications.
D. encourage the development of open source applications.

Question 863

Which of the following BEST represents the principle of open design?
A. Disassembly, analysis, or reverse engineering will reveal the security functionality of the computer system.
B. Algorithms must be protected to ensure the security and interoperability of the designed system.
C. A knowledgeable user should have limited privileges on the system to prevent their ability to compromise security capabilities.
D. The security of a mechanism should not depend on the secrecy of its design or implementation.

Question 864

Which of the following wraps the decryption key of a full disk encryption implementation and ties the hard disk drive to a particular device?
A. Trusted Platform Module (TPM)
B. Preboot eXecution Environment (PXE)
C. Key Distribution Center (KDC)
D. Simple Key-Management for Internet Protocol (SKIP)

Question 865

Two companies wish to share electronic inventory and purchase orders in a supplier and client relationship. What is the BEST security solution for them?
A. Write a Service Level Agreement (SLA) for the two companies.
B. Set up a Virtual Private Network (VPN) between the two companies.
C. Configure a firewall at the perimeter of each of the two companies.
D. Establish a File Transfer Protocol (FTP) connection between the two companies.

Question 866

Which Hyper Text Markup Language 5 (HTML5) option presents a security challenge for network data leakage prevention and/or monitoring?
A. Cross Origin Resource Sharing (CORS)
B. WebSockets
C. Document Object Model (DOM) trees
D. Web Interface Definition Language (IDL)

Question 867

At a MINIMUM, a formal review of any Disaster Recovery Plan (DRP) should be conducted
A. monthly.
B. quarterly.
C. annually.
D. bi-annually.

Question 868

In Disaster Recovery (DR) and business continuity training, which BEST describes a functional drill?
A. A full-scale simulation of an emergency and the subsequent response functions
B. A specific test by response teams of individual emergency response functions
C. A functional evacuation of personnel
D. An activation of the backup site

Question 869

What do Capability Maturity Models (CMM) serve as a benchmark for in an organization?
A. Experience in the industry
B. Definition of security profiles
C. Human resource planning efforts
D. Procedures in systems development

Question 870

Which of the following is an example of two-factor authentication?
A. Retina scan and a palm print
B. Fingerprint and a smart card
C. Magnetic stripe card and an ID badge
D. Password and Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA)

Question 871

Which of the following is the MOST beneficial to review when performing an IT audit?
A. Audit policy
B. Security log
C. Security policies
D. Configuration settings

Question 872

When dealing with compliance with the Payment Card Industry Data Security Standard (PCI-DSS), an organization that shares cardholder information with a service provider MUST do which of the following?
A. Perform a service provider PCI-DSS assessment on a yearly basis.
B. Validate the service provider's PCI-DSS compliance status on a regular basis.
C. Validate that the service provider's security policies are in alignment with those of the organization.
D. Ensure that the service provider updates and tests its Disaster Recovery Plan (DRP) on a yearly basis.

Question 873

Which of the following provides effective management assurance for a Wireless Local Area Network (WLAN)?
A. Maintaining an inventory of authorized Access Points (AP) and connecting devices
B. Setting the radio frequency to the minimum range required
C. Establishing a Virtual Private Network (VPN) tunnel between the WLAN client device and a VPN concentrator
D. Verifying that all default passwords have been changed

Question 874

Which of the following MOST influences the design of the organization's electronic monitoring policies?
A. Workplace privacy laws
B. Level of organizational trust
C. Results of background checks
D. Business ethical considerations

Question 875

According to best practice, which of the following groups is the MOST effective in performing an information security compliance audit?
A. In-house security administrators
B. In-house Network Team
C. Disaster Recovery (DR) Team
D. External consultants

Question 876

What physical characteristic does a retinal scan biometric device measure?
A. The amount of light reflected by the retina
B. The size, curvature, and shape of the retina
C. The pattern of blood vessels at the back of the eye
D. The pattern of light receptors at the back of the eye

Question 877

What does secure authentication with logging provide?
A. Data integrity
B. Access accountability
C. Encryption logging format
D. Segregation of duties

Question 878

Refer to the information below to answer the question.

A security practitioner detects client-based attacks on the organization's network. A plan will be necessary to address these concerns. In addition to web browsers, what PRIMARY areas need to be addressed concerning mobile code used for malicious purposes?
A. Text editors, database, and Internet phone applications
B. Email, presentation, and database applications
C. Image libraries, presentation, and spreadsheet applications
D. Email, media players, and instant messaging applications

Question 879

Which of the following assures that rules are followed in an identity management architecture?
A. Policy database
B. Digital signature
C. Policy decision point
D. Policy enforcement point

Question 880

Which of the following is the MOST difficult to enforce when using cloud computing?
A. Data access
B. Data backup
C. Data recovery
D. Data disposal