2026年新版CISSP全英文真题库｜历年考试题+答案解析+备考资料

A': ") any system on the DMZ can be compromised because it's accessible from the Internet", 'B': ") any system on the DMZ cannot be compromised because it's not accessible from the Internet", 'C. some systems on the DMZ can be compromised because they are accessible from the Internet

A. CHAP

B. Pre-shared Key

C. certificate based authentication

D. Public Key authentication

A. Only tunnel mode can be used

B. Only transport mode can be used

C. Encapsulating Security Payload (ESP) authentication must be used

D. Both tunnel and transport mode can be used

A. Enabling a system to select required security protocols.

B. Providing traffic analysis protection.

C. Determining the algorithm(s) to use for the IPsec services.

D. Putting in place any cryptographic keys required to provide the requested services.

A. The IPv4 and IPv5 Authentication Headers

B. The Authentication Header Encapsulating Security Payload

C. The Authentication Header and Digital Signature Tag

D. The Authentication Header and Message Authentication Code

A. It is required for gateways providing access to internal systems

B. Set-up when end-point is host or communications terminates at end-points

C. If used in gateway-to-host communication, gateway must act as host

D. )Detective/Administrative Pairing

A. Internet Key Exchange

B. Secure Key Exchange Mechanism

C. Oakley

D. Internet Security Association and Key Management Protocol

A. To provide non-repudiation and confidentiality for IP transmission.

B. To provide integrity and confidentiality for IP transmissions.

C. To provide integrity and authentication for IP transmissions.

D. To provide key management and key distribution for IP transmissions.

A. SOCK-et-S (SOCKS)

B. Common Information Model (CIM)

C. Secure Multipurpose Internet Mail Extension (S/MIME)

D. Generic Security Service Application Programming Interface (GSS-API)

A. By negotiating encryption keys during the connection setup.

B. By attaching Authentication Headers (AH) to each packet.

C. By distributing encryption keys to SOCKS enabled applications.

D. By acting as a connection proxy.

A. Application

B. Network

C. Presentation

D. Session

A. 40 bit & 54 bit

B. 40 bit & 128 bit

C. 64 bit & 128 bit

D. 128 bit & 256 bit

A': ") By convention is uses 's-http://' instead of 'http://'. ", 'B.It stands for Secure Sockets Layer

C. It was developed by Netscape

D. IT is used for transmitting private documents over the internet

A. SSL v1

B. SSL v2

C. SSL v3

D. SSL v4

A': "It uses signed certificates to authenticate the server's public key. ", 'B. A 128 bit value is used during the handshake protocol that is unique to the connection.

C. It uses only 40 bits of secret key within a 128 bit key length.

D. Every message sent by the SSL includes a sequence number within the message contents.

A. Internet transactions

B. Ethernet transactions

C. Telnet transactions

D. Electronic Payment transactions

A. Internet Protocol (IP) spoofing.

B. Data manipulation during transmissions.

C. Network based birthday attack.

D. Compromise of the source/destination host.

A. tunnel

B. one-time password

C. pipeline

D. bypass

A. Brute force

B. Man-in-the-middle

C. Traffic analysis

D. Replay

A. VPN Server

B. NAT Server

C. authentication

D. encryption

A. File transfer protocol

B. Data link messaging

C. HTTP protocol

D. Session information

A. L2TP

B. PPTP

C. IPSec

D. L2F

A. Generating excessive broadcast packets.

B. Creating a high number of half-open connections.

C. Inserting repetitive Internet Relay Chat (IRC) messages.

D. A large number of Internet Control Message Protocol (ICMP) traces.

A. Network aliasing

B. Domain Name Server (DNS) poisoning

C. Reverse Address Resolution Protocol (ARP)

D. Port scanning

A. A syn scan

B. A half-port scan

C. A buffer overflow

A. Over-subscription of the traffic on a backbone

B. A source quench packet

C. a FIN scan

D. A buffer overflow

A. Sniffers allow an attacker to monitor data passing across a network.

B. Sniffers alter the source address of a computer to disguise and exploit weak authentication methods.

C. Sniffers take over network connections

D. Sniffers send IP fragments to a system that overlap with each other.

A. SYN flood

B. Spam

C. Ping of death

D. Macro virus

A. requires a synchronized effort by multiple attackers

B. takes advantage of the way a TCP session is established

C. may result in elevation of privileges.

D. is not something system users would notice

A. Spoofing

B. Brute force

C. Teardrop

D. Scanning

A. Most users requesting DNS name service do not follow hyperlinks.

B. The attack performs user authentication with audit logs.

C. The attack relies on modifications to server software.

D. Most users do not make a request to connect to a DNS names, they follow hyperlinks.

A. Establishing communications between the handler and agent.

B. Disrupting the normal traffic to the host.

C. Disabling the router so it cannot filter traffic.

D. Compromising as many machines as possible.

A. Network Address Translation

B. Network Address Hijacking

C. Network Address Supernetting

D. Network Address Sniffing

A. Compromising a web server Domain Name Service reference.

B. Connecting the user to a different web server.

C. Executing Hypertext Transport Protocol Secure GET commands.

D': "Starting the user's browser on a secured page. "}

A. The bomb code is obscured by the message encoding algorithm.

B. Mail bombs are polymorphic and present no consistent signature to filter on.

C. Filters do not examine the data portion of a packet.

D. The bomb code is hidden in the header and appears as a normal routing information.

A. Node, server, hacker, destination

B. Client, handler, agent, target

C. Source, destination, client, server

D. Attacker, proxy, handler, agent

A. A teardrop attack

B. A SYN flood attack

C. A DNS spoofing attack

D. A test.cgi attack

A. Spoofing

B. Traffic Analysis

C. Playback

D. Masquerading

A. DNS spoofing

B. Session hijacking

C. Denial of service flooding

D. Digital signature spoofing

A. SYN flood attack

B. Smurf attack

C. Ping of Dead Attack

D. Denial of Service (DOS) Attack

A. TCP sequence number attack

B. IP spoofing attack

C. Piggybacking attack

D. Teardrop attack

A. Spoofing

B. Brute force

C. DoS

D. Exhaustive

A. Exhaustive

B. Brute force

C. Ping of Death

D. Spoofing

A. Producing large volume of ICMP echos.

B. Producing fragmented IP packets.

C. Attacking an established TCP connection.

D. None of the choices.

A. Teardrop

B. Exhaustive

C. Spoofing

D. Brute force

A. Spoofing

B. Teardrop

C. Brute force

D. SMURF

A. SMURF

B. Brute force

C. Teardrop

D. Spamming

A. Process does not implement proper object reuse.

B. Process is executed by a privileged entity.

C. Network interface becomes promiscuous.

D. Daemon can be replaced by a trojan horse.

A. Misdirected traffic jammed to the internal network.

B. A denial of service attack.

C. An error in the internal address matrix.

D. A hyper overflow in the IP stack.

A. Physical attacks

B. Logical attacks

C. Trojan Horse attacks

D. Social Engineering attacks

A. Communication based on random challenge.

B. Communication based on face to face contact.

C. Communication based on token.

D. Communication based on asymmetric encryption.

A. Spoofing

B. replay attacks

C. password compromise

D. denial-of-service

A. Masking analysis

B. Protocol analysis

C. Traffic analysis

D. Pattern analysis

A. Zone Transfer

B. Smurf

C. Syn Flood

D. TearDrop

A. new loop

B. local loop

C. loopback

D. indigenous loop

A. Pre-schedule the transmission of the information.

B. Locate the facsimile equipment in a private are

A.

C. Encrypt the transmission.

D. Phone ahead to the intended recipient.

A. Call vectoring

B. Direct Inward System Access (DISA)

C. Teleconferencing bridges

D. Remote maintenance ports

A. Red boxes

B. Blue boxes

C. White boxes

D. Black boxes

A. Magnetic stripe copier

B. Tone generator

C. Tone recorder

D. Video recorder

A. Encryption

B. Authentication

C. Call detail suppression

D. Time-division multiplexing

A. Multiplexer

B. Modem

C. Protocol converter

D. Concentrator

A. )The alternate site is a warm site

B. Critical recovery priority levels are not defined

C. Offsite backups are located away from the alternate site

D. The alternate site is located 70 miles away from the primary site

A. Plan manual, plan communication, primer for survival, warning and alarms

B. Plan communication, primer for survival, escalation, declaration

C. Plan manual, warning and alarm, declaration, primer for survival

D. Primer for survival, escalation, plan communication, warning and alarm

A. Mitigate risks associated with disaster.

B. Enable a business to continue functioning without impact.

C': "Protect the organization's people, place and processes. ", 'D. Minimize financial profile.

A. Maintain Nance of Business Continuity

B. Protection of Critical Data

C. Increase in IS performance

D. Minimized Impact of a disaster

A. committed expense

B. discretionary expense

C. enforcement of legal statues

D. compliance with regulations

A': ") A recovery team's primary task is to get the pre-defined critical business functions at the alternate backup processing site. ", 'B': ") A salvage team's task is to ensure that the primary site returns to normal processing conditions", 'C.The disaster recovery plan should include how the company will return from the alternate site to the primary site

D. When returning to the primary site, the most critical applications should be brought back first

A. The CEO should always be the spokesperson for the company during a disaster

B. The disaster recovery plan must include how the media is to be handled during the disaster

C': ") The organization's spokesperson should report bad news before the press gets ahold of it through another channel", 'D. An emergency press conference site should be planned ahead

A. Alternative procedures to process transactions

B. The probability that a disaster will occur

C. Strategic long-range planning

D. Availability of compatible equipment at a hot site

A. Security Policy

B. Management Support

C. Availability of backup information processing facilities

D. Staff training

A. it is unlikely to be affected by the same contingency

B. it is close enough to become operation quickly

C': ") is it close enough to serve it's users", 'D. it is convenient to airports and hotels

A. Back-up procedures, off-site storage, and data recover.

B. Steering committee, emergency response team, and reconstruction team.

C. Impact assessment, recover strategy, and testing.

D. Insurance coverage, alternate site, and manual procedures.

A. determining the extent of property damage

B. protecting evidence

C. preventing looting and further damage

D. mitigating the damage to avoid the need for recovery

A. Chief Information Officer

B. Chief Operating Officer

C. Disaster Recovery Manager

D. Chief Executive Officer

A. Critical-channel analysis

B. Critical-route analysis

C. Critical-path analysis

D. Critical-conduit analysis

A. Identify all business units within the organization

B. Evaluate the impact of the disruptive events

C. Estimate the Recovery Time Objectives (RTO)

D. Evaluate the criticality of business functions

A. Notifying senior management

B. Gathering the needed assessment materials

C. Performing the vulnerability assessment

D. Analyzing the information compiled

A. Work Group Recovery

B. Business Impact Analysis

C. Qualitative Risk Analysis

D. Quantitative Risk Analysis

A. Identify all business units within an organization

B. Evaluate the impact of disruptive events

C. Estimate the Recovery Time Objectives (RTO)

D. Evaluate the criticality of business functions

A. Criticality Prioritization

B. Down time estimation

C. Determining requirements for critical business functions

D. Deciding on various test to be performed to validate Business Continuity Plan

A. A risk analysis

B. A Business Impact assessment

C. A Vulnerability assessment

D. A disaster recovery plan

A. Recommend the appropriate recovery solution

B. Determine critical and necessary business functions and their resource dependencies

C. Identify critical computer applications and the associated outage tolerance

D. Estimate the financial and operation impact of a disruption

A. The Business Assessment (BA)

B. The Business Impact Analysis (BIA)

C. The Risk Assessment (RA)

D. The Business Continuity Plan (BCP)

A. Estimate the financial and operational impact of a disruption

B. Identify regulatory exposure

C. Determine if functions Recovery Time Objective (RTO)

D. Determine the impact upon the organizations market share and corporate image

A. Identify the type and quantity of resources required for recovery

B. Identify the critical processes and the dependencies between them

C. Identify organizational risks

D. Develop a mission statement

A. Areas that would suffer the greatest financial or operation loss in the event of a disaster

B. Systems critical to the survival of the enterprise

C. The names of individuals to be contacted during a disaster

D. The outage time that can be tolerated by the enterprise as a result of a disaster

A. Sustain the organization.

B. Recover from a major data center outage.

C. Test the ability to prevent major outages.

D. Satisfy audit requirements.

A. Hardware failure

B. Natural disaster

C. Human error

D. Software failure

A. A lower MTBF and a lower MTTR

B. A higher MTBF and a lower MTTR

C. A lower MTBF and a higher MTTR

D. A higher MTBF and a higher MTTR

A. Creation of a BCP committee

B. Business Impact Assessment (BIA)

C. Business Continuity Plan Development

D. Scope plan initiation

A. Internal and external support functions.

B. The change management process.

C. The risk management process.

D. Backup and restoration functions.

A. Marketing/Public relations

B. Data/Telecomm/IS facilities

C. IS Operations

D. Facilities security

A. Executive management staff

B. Senior business unit management

C. BCP committee

D. Functional business units

A. Critical System

B. Vital System

C. Sensitive System

D. Non-critical system

A. Directives of Senior Management

B. Business Impact Analysis (BIA)

C. Scope and Plan Initiation

D. Skills of BCP committee

A. Scope and Plan Initiation

B. Business Impact Assessment

C. Business Continuity Plan Development

D. Plan Approval and Implementation

A. Detailed credit investigation prior to acquisition.

B. Source code held in escrow.

C. Standby contracts with other vendors.

D': "Substantial penalties for breech of contract. '"}

A. They need extensive testing

B. They need to be developed by business continuity experts

C. They become obsolete quickly

D. The create employment opportunities

A. Business continuity plan

B. Business recovery plan

C. Continuity of operations plan

D. Disaster recovery plan

A. Need Security controls, as it usually contain mirror copies of live production data

B. Full redundancy in hardware, software, communication lines, and applications lines is very expensive

C. The hot sites are available immediately or within maximum allowable downtime (MTD)

D. They are administratively resource intensive, as transaction redundancy controls need to be implemented to keep data up-to-date