CISSP Information Systems Security Professional Mock Exam Questions and Answers | Latest Real-Question Practice Collection
Question #1
The guarantee that the message sent is the message received, and that the message was not intentionally or unintentionally altered, is?
A. Integrity
B. Confidentiality
C. Availability
D. Identity
Question #2
Which of the following is a preventive control?
A. Motion detectors
B. Guard dogs
C. Audit logs
D. Intrusion detection systems
Question #3
What uses a key of the same length as the message?
A. Running key cipher
B. One-time pad
C. Steganography
D. Cipher block chaining
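The defining property of the one-time pad in Question #3 is that the key is exactly as long as the message and is used once. The following added example (not part of the original question bank) shows that constraint enforced in code, and also why the "one-time" part matters: reusing a pad cancels it out and hands an eavesdropper the XOR of the two plaintexts. The messages are constructed samples.

```python
import secrets


def generate_pad(length: int) -> bytes:
    """Fresh, uniformly random pad from the OS CSPRNG; one pad per message, never reused."""
    return secrets.token_bytes(length)


def otp_encrypt(plaintext: bytes, key: bytes) -> bytes:
    """XOR the message with a pad of exactly the same length (the defining OTP property)."""
    if len(key) != len(plaintext):
        raise ValueError("one-time pad key must be exactly as long as the message")
    return bytes(p ^ k for p, k in zip(plaintext, key))


# XOR is an involution, so decryption is the same operation with the same pad.
otp_decrypt = otp_encrypt


def key_reuse_leak(ct1: bytes, ct2: bytes) -> bytes:
    """What an eavesdropper obtains when one pad is used twice: ct1 XOR ct2 equals
    pt1 XOR pt2, because the pad cancels; the two plaintexts can then be separated
    by crib dragging without ever recovering the pad."""
    return bytes(a ^ b for a, b in zip(ct1, ct2))


def demo() -> dict:
    # Constructed sample messages of equal length (14 bytes each).
    pt1 = b"ATTACK AT DAWN"
    pt2 = b"RETREAT NOW!!!"
    pad = generate_pad(len(pt1))
    ct1 = otp_encrypt(pt1, pad)
    ct2 = otp_encrypt(pt2, pad)          # deliberate pad reuse, to show the leak
    try:
        otp_encrypt(pt1, pad[:-1])       # pad one byte short: must be refused
        short_pad_rejected = False
    except ValueError:
        short_pad_rejected = True
    return {
        "round_trip_ok": otp_decrypt(ct1, pad) == pt1,
        "short_pad_rejected": short_pad_rejected,
        # The pad is absent from this value; only the two plaintexts remain, XORed together.
        "reuse_leaks_pt_xor": key_reuse_leak(ct1, ct2)
        == bytes(a ^ b for a, b in zip(pt1, pt2)),
    }


if __name__ == "__main__":
    print(demo())
```

A running key cipher (option A) also uses a key as long as the message, but draws it from a book or other text rather than from a random source, which is why it does not offer the pad's unconditional secrecy.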
Question #4
Which of the following protocols operates at the session layer (layer 5)?
A. RPC
B. IGMP
C. LDP
D. SPX
Question #5
Which of the following is NOT a countermeasure to traffic analysis?
A. Padding messages
B. Eavesdropping
C. Sending noise
D. Covert channel analysis
Question #6
Which of the following layers of the ISO/OSI model do packet filtering firewalls operate at?
A. Application layer
B. Session layer
C. Network layer
D. Presentation layer
Question #7
A prolonged high voltage is?
A. Spike
B. Blackout
C. Surge
D. Fault
Question #8
How do the Information Labels of Compartmented Mode Workstation differ from the Sensitivity Levels of B3 evaluated systems?
A. Information Labels in CMW are homologous to Sensitivity Labels, but a different term was chosen to emphasize that CMW's are not described in the Orange Book.
B. Information Labels contain more information than Sensitivity Labels, thus allowing more granular access decisions to be made.
C. Sensitivity Labels contain more information than Information Labels because B3+ systems should store more sensitive data than workstations.
D. Information Labels contain more information than Sensitivity Labels, but are not used by the Reference Monitor to determine access permissions.
Question #9
In what security mode can a system be operating if all users have the clearance or authorization and need-to-know to all data processed within the system?
A. Dedicated security mode.
B. System-high security mode.
C. Compartmented security mode.
D. Multilevel security mode.
Question #10
What are the three conditions that must be met by the reference monitor?
A. Confidentiality, availability and integrity.
B. Policy, mechanism and assurance.
C. Isolation, layering and abstraction.
D. Isolation, completeness and verifiability.
Question #11
In Physical Security, what does positive pressurization mean?
A. The pressure inside your sprinkler system is greater than zero.
B. The air goes out of a room when a door is opened and outside air does not go into the room.
C. Causes the sprinkler system to go off.
D. A series of measures that increase pressure on employees in order to make them more productive.
Question #12
The baseline that sets thresholds for the specific errors or mistakes allowed, and for how many such occurrences can take place before activity is considered suspicious, is called the?
A. Checkpoint level
B. Ceiling level
C. Clipping level
D. Threshold level
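A clipping level (Question #12) is usually enforced by counting an account's consecutive authentication failures and raising an event only once that count passes the baseline. The following is an added example, not part of the original question bank; the audit record format and the value of CLIPPING_LEVEL are assumptions, and the log lines are constructed samples.

```python
from collections import defaultdict

# Constructed sample audit records (hypothetical format, not any real product's log):
#   <time> user=<account> result=<FAIL|OK>
SAMPLE_LOG = """\
09:00:01 user=alice result=FAIL
09:00:05 user=alice result=FAIL
09:00:09 user=alice result=OK
09:01:00 user=bob result=FAIL
09:01:04 user=bob result=FAIL
09:01:08 user=bob result=FAIL
09:01:12 user=bob result=FAIL
09:02:00 user=carol result=OK
"""

# Assumed policy value: this many consecutive failures are tolerated as ordinary mistakes.
CLIPPING_LEVEL = 3


def parse_record(line: str) -> tuple:
    """Return (user, result) from one record; key=value tokens follow the timestamp."""
    fields = dict(token.split("=", 1) for token in line.split()[1:])
    return fields["user"], fields["result"]


def users_over_clipping_level(log_text: str, clipping_level: int = CLIPPING_LEVEL) -> list:
    """Flag each account whose run of consecutive failures exceeds the clipping level.
    A successful logon resets the run: the baseline tolerates scattered mistakes and
    only raises an event when failures pile up beyond the threshold."""
    consecutive_failures = defaultdict(int)
    flagged = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        user, result = parse_record(line)
        if result == "FAIL":
            consecutive_failures[user] += 1
            if consecutive_failures[user] > clipping_level and user not in flagged:
                flagged.append(user)
        else:
            consecutive_failures[user] = 0
    return flagged


if __name__ == "__main__":
    print(users_over_clipping_level(SAMPLE_LOG))   # prints ['bob']
```

Alice's two failures followed by a success stay under the baseline, so only bob (four failures in a row against a level of three) is reported; lowering the level to 1 would flag both.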
Question #13
The most prevalent cause of computer center fires is which of the following?
A. AC equipment
B. Electrical distribution systems.
C. Heating systems
D. Natural causes
Question #14
An offsite backup facility intended to operate an information processing facility, having no computer or communications equipment but having flooring, electrical wiring, air conditioning, etc., is better known as a?
A. Hot site
B. Duplicate processing facility
C. Cold site
D. Warm site
Question #15
Which of the following are necessary components of a Multi-Level Security Policy?
A. Sensitivity Labels and a "system high" evaluation.
B. Sensitivity Labels and Discretionary Access Control.
C. Sensitivity Labels and Mandatory Access Control.
D. Object Labels and a "system high" evaluation.
Question #16
Which of the following, used to extend a network, has a storage capacity to store frames and act as a store-and-forward device?
A. Bridge
B. Router
C. Repeater
D. Gateway
Question #17
Which of the following is addressed by Kerberos?
A. Authorization and authentication.
B. Validation and integrity.
C. Confidentiality and integrity.
Question #18
Access Control techniques do not include which of the following choices?
A. Relevant Access Controls
B. Discretionary Access Control
C. Mandatory Access Control
D. Lattice Based Access Control
Question #19
Why is public key cryptography recommended for use in the process of securing facsimiles during transmission?
A. Keys are never transmitted over the network.
B. Data compression decreases key change frequency.
C. Key data is not recognizable from facsimile data.
D. The key is securely passed to the receiving machine.
Question #20
Database views are not used to:
A. Implement referential integrity.
B. Implement least privilege.
C. Implement content-dependent access restrictions.
D. Implement need-to-know.
Question #21
Which of the following is most concerned with personnel security?
A. Management controls
B. Operational controls
C. Technical controls
D. Human resources controls.
Question #22
Which of the following statements pertaining to the Trusted Computer System Evaluation Criteria (TCSEC) is incorrect?
A. With TCSEC, functionality and assurance are evaluated separately.
B. TCSEC provides a means to evaluate the trustworthiness of an information system.
C. The Orange book does not cover networks and communications.
D. Data base management systems are not covered by the TCSEC.
Question #23
Which of the following could illegally capture network user passwords?
A. Data diddling
B. Sniffing
C. Spoofing
D. Smurfing
Question #24
Which trusted facility management concept implies that two operators must review and approve the work of each other?
A. Two-man control
B. Dual control
C. Double control
D. Segregation control
Question #25
There are more than 20 books in the Rainbow Series. Which of the following covers password management guidelines?
A. Orange Book
B. Green Book
C. Red Book
D. Lavender Book
Question #26
Which of the following IP addresses is private (i.e. reserved for internal networks and not a valid address to use on the Internet)?
A. 172.5.42.5
B. 172.76.42.5
C. 172.90.42.5
D. 172.16.42.5
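Question #26 turns on the fact that the 172 private block is a /12, so only second octets 16 through 31 are private. The following added example (not part of the original question bank) checks each candidate against the three RFC 1918 blocks using the Python standard library; the candidate list is the question's own options.

```python
import ipaddress

# The three RFC 1918 private blocks. 172.x.x.x is private only inside the /12 that
# starts at 172.16.0.0, i.e. second octet 16 through 31.
RFC1918_BLOCKS = tuple(
    ipaddress.ip_network(cidr)
    for cidr in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
)


def rfc1918_block(addr: str):
    """Return the RFC 1918 block containing addr as a string, or None if it is not private."""
    ip = ipaddress.ip_address(addr)
    for block in RFC1918_BLOCKS:
        if ip in block:
            return str(block)
    return None


def is_rfc1918(addr: str) -> bool:
    return rfc1918_block(addr) is not None


def classify(candidates) -> dict:
    """Map each candidate address to its RFC 1918 block (or None when publicly routable)."""
    return {addr: rfc1918_block(addr) for addr in candidates}


if __name__ == "__main__":
    options = ["172.5.42.5", "172.76.42.5", "172.90.42.5", "172.16.42.5"]
    for addr, block in classify(options).items():
        print(f"{addr:>14}  ->  {block or 'public (routable)'}")
```

Do not substitute the stdlib property `ipaddress.ip_address(x).is_private` for this check when the question is specifically RFC 1918 membership: that property also returns True for loopback, link-local, documentation and other non-routable ranges.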
Question #27
How fast is private key cryptography compared to public key cryptography?
A. 10 to 100 times faster.
B. 100 to 1000 times faster.
C. 1000 to 10000 times faster.
D. 10000 to 20000 times faster.
Question #28
The continual effort of making sure that the correct policies, procedures and standards are in place and being followed is described as what?
A. Due care
B. Due concern
C. Due diligence
D. Due practice
Question #29
Which tape format type is mostly used for home/small office backups?
A. Quarter Inch Cartridge drives (QIC)
B. Digital Linear Tapes (DLT)
C. 8mm tape
D. Digital Audio Tape (DAT)
Question #30
In an organization, an Information Technology security function should:
A. Be a function within the information systems function of an organization.
B. Report directly to a specialized business unit such as legal, corporate security or insurance.
C. Be led by a Chief Security Officer and report directly to the CEO.
D. Be independent but report to the Information Systems function.
Question #31
Which of the following is responsible for ensuring that proper controls are in place to address integrity, confidentiality, and availability of IT systems and data?
A. Business and functional managers.
B. IT Security practitioners.
C. System and information owners.
D. Chief information officer.
Question #32
The act of requiring two of the three factors to be used in the authentication process refers to?
A. Two-Factor Authentication
B. One-Factor Authentication
C. Bi-Factor Authentication
D. Double Authentication
Question #33
This type of backup management provides continuous on-line backup by using optical or tape "jukeboxes", similar to WORM (Write Once, Read Many) devices.
A. Hierarchical Storage Management (HSM).
B. Hierarchical Resource Management (HRM).
C. Hierarchical Access Management (HAM).
D. Hierarchical Instance Management (HIM).
Question #34
Which of the following elements is not included in a Public Key Infrastructure (PKI)?
A. Timestamping
B. Lightweight Directory Access Protocol (LDAP)
C. Certificate revocation
D. Internet Key Exchange (IKE)
Question #35
Which of the following best corresponds to the type of memory addressing where the address location that is specified in the program instruction contains the address of the final desired location?
A. Direct addressing
B. Indirect addressing
C. Indexed addressing
D. Program addressing
Question #36
Intrusion detection systems and processes are created and maintained for which one of the following?
A. Event nonrepudiation
B. Event notification
C. Netware monitoring
D. Guest access
Question #37
Which of the following is true related to network sniffing?
A. Sniffers allow an attacker to monitor data passing across a network.
B. Sniffers alter the source address of a computer to disguise and exploit weak authentication methods.
C. Sniffers take over network connections.
D. Sniffers send IP fragments to a system that overlap with each other.
Question #38
Which of the following protocols is not implemented at the Internet layer of the TCP/IP protocol model?
A. User datagram protocol (UDP)
B. Internet protocol (IP)
C. Address resolution protocol (ARP)
D. Internet control message protocol (ICMP)
Question #39
Which of the following is used to help business units understand the impact of a disruptive event?
A. A risk analysis.
B. A business impact assessment.
C. A vulnerability assessment.
D. A disaster recovery plan.
Question #40
A contingency plan should address?
A. Potential risks
B. Residual risks
C. Identified risks
D. All of the above
Question #41
In the OSI/ISO model, at what level is SET (SECURE ELECTRONIC TRANSACTION PROTOCOL) provided?
A. Application
B. Network
C. Presentation
D. Session
Question #42
A packet filtering firewall looks at the data packet to get information about the source and destination addresses of an incoming packet, the session's communications protocol (TCP, UDP or ICMP), and the source and destination application ports for the?
A. Desired service
B. Dedicated service
C. Delayed service
D. Distributed service.
Question #43
A packet filtering firewall is considered a?
A. First generation firewall.
B. Second generation firewall.
C. Third generation firewall.
D. Fourth generation firewall.
Question #44
When should a post-mortem review meeting be held after an intrusion has been properly taken care of?
A. Within the first three months after the investigation of the intrusion is completed.
B. Within the first week after prosecution of intruders have taken place, whether successful or not.
C. Within the first month after the investigation of the intrusion is completed.
D. Within the first week of completing the investigation of the intrusion.
Question #45
Which of the following can be used as a covert channel?
A. Storage and timing.
B. Storage and low bits.
C. Storage and permissions.
D. Storage and classification.
Question #46
Which software development model is actually a meta-model that incorporates a number of the software development models?
A. The Waterfall model.
B. The modified Waterfall model.
C. The Spiral model.
D. The Critical Path Model (CPM).
Question #47
Which of the following is NOT true of pre-shared key authentication within the IKE/IPsec protocol?
A. Pre-shared key authentication is normally based on simple passwords.
B. Needs a PKI to work.
C. Only one preshared key for all VPN connections is needed.
D. Costly key management on large user groups.
Question #48
Which statement is NOT true concerning Application Control?
A. It limits end users of applications in such a way that only particular screens are visible.
B. Only specific records can be requested.
C. Particular uses of the application can be recorded for audit purposes.
D. It is non-transparent to the endpoint applications, so changes are needed to the applications involved.
Question #49
In order to ensure the privacy and integrity of the data, connections between firewalls over public networks should use?
A. Screened subnets
B. Digital certificates
C. Encrypted Virtual Private Networks
D. Encryption
Question #50
What is necessary for a subject to have write access to an object in a Multi-Level Security Policy?
A. The subject's sensitivity label must dominate the object's sensitivity label.
B. The subject's sensitivity label subordinates the object's sensitivity label.
C. The subject's sensitivity label is subordinated by the object's sensitivity label.
D. The subject's sensitivity label is dominated by the object's sensitivity label.
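Questions #9, #15 and #50 all rest on one mechanism: a sensitivity label is a hierarchical level plus a set of compartments, "dominates" means at least as high a level and a superset of compartments, and the reference monitor applies no-read-up and no-write-down to that ordering. The following added example (not part of the original question bank) implements that check with an assumed four-level hierarchy and made-up compartment names; the dedicated-mode test at the end shows Question #9's condition (every user dominates every object) expressed in the same terms.

```python
from dataclasses import dataclass

# Assumed hierarchical classification levels (a higher number dominates a lower one).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    """Sensitivity label: a hierarchical level plus a set of need-to-know compartments."""
    level: str
    compartments: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        # A dominates B when A's level is at least B's and A holds every compartment B has.
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)


def can_read(subject: Label, obj: Label) -> bool:
    """Simple security property (no read up): the subject must dominate the object."""
    return subject.dominates(obj)


def can_write(subject: Label, obj: Label) -> bool:
    """*-property (no write down): the object must dominate the subject, i.e. the
    subject's label is dominated by the object's label (Question #50, option D)."""
    return obj.dominates(subject)


def dedicated_mode_possible(users, objects) -> bool:
    """Dedicated mode (Question #9): every user is cleared for, and has need-to-know
    for, every piece of data the system processes."""
    return all(u.dominates(o) for u in users for o in objects)


def demo() -> dict:
    # Constructed labels; compartment names are illustrative only.
    secret_crypto = Label("SECRET", frozenset({"CRYPTO"}))
    conf_plain = Label("CONFIDENTIAL")
    ts_crypto = Label("TOP SECRET", frozenset({"CRYPTO"}))
    secret_nuclear = Label("SECRET", frozenset({"NUCLEAR"}))
    return {
        "read_down": can_read(secret_crypto, conf_plain),               # allowed
        "write_down": can_write(secret_crypto, conf_plain),             # refused
        "read_up": can_read(secret_crypto, ts_crypto),                  # refused
        "write_up": can_write(secret_crypto, ts_crypto),                # allowed
        # Same level, disjoint compartments: neither label dominates, so nothing is allowed.
        "incomparable_read": can_read(secret_crypto, secret_nuclear),
        "incomparable_write": can_write(secret_crypto, secret_nuclear),
        "dedicated": dedicated_mode_possible(
            [secret_crypto, ts_crypto], [conf_plain, secret_crypto]),
        "not_dedicated": dedicated_mode_possible(
            [secret_crypto, ts_crypto], [conf_plain, secret_nuclear]),
    }


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:<20} {allowed}")
```

The incomparable case is the one exam candidates most often miss: two labels at the same level with different compartments form a lattice, not a line, so a SECRET/CRYPTO subject can neither read nor write a SECRET/NUCLEAR object.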
Question #51
What best describes a scenario where an employee has been shaving pennies off multiple accounts and depositing the funds into his own bank account?
A. Data fiddling
B. Data diddling
C. Data hiding
D. Data masking
Question #52
Which of the following is unlike the other three?
A. El Gamal
B. Teardrop
C. Buffer Overflow
D. Smurf
Question #53
Phreakers are hackers who specialize in telephone fraud. What type of telephone fraud manipulates the line voltage to receive a toll-free call?
A. Red Boxes
B. Blue Boxes
C. White Boxes
D. Black Boxes
Question #54
Which of the following groups represents the leading source of computer crime losses?
A. Hackers
B. Industrial saboteurs
C. Foreign intelligence officers
D. Employees
Question #55
Which of the following steps should be performed first in a business impact analysis (BIA)?
A. Identify all business units within the organization.
B. Evaluate the impact of disruptive events.
C. Estimate the Recovery Time Objectives (RTO).
D. Evaluate the criticality of business functions.
Question #56
Which of the following embodies all the detailed actions that personnel are required to follow?
A. Standards
B. Guidelines
C. Procedures
D. Baselines
Question #57
Which of the following is immune to the effects of electromagnetic interference (EMI) and therefore has a much longer effective usable length (up to two kilometers in some cases)?
A. Coaxial cable
B. Twisted Pair cable
C. Axial cable
D. Fiber Optic cable
Question #58
Which of the following is the most reliable, secure means of removing data from magnetic storage media such as a magnetic tape, or cassette?
A. Degaussing
B. Parity Bit Manipulation
C. Certification
D. Buffer overflow
Question #59
Which of the following is an advantage of prototyping?
A. Prototype systems can provide significant time and cost savings.
B. Change control is often less complicated with prototype systems.
C. It ensures that functions or extras are not added to the intended system.
D. Strong internal controls are easier to implement.
Question #60
The IS security analyst's participation in which of the following system development life cycle phases provides maximum benefit to the organization?
A. System requirements definition.
B. System design.
C. Program development.
D. Program testing.
Question #61
Controls are implemented to?
A. Eliminate risk and reduce the potential for loss.
B. Mitigate risk and eliminate the potential for loss.
C. Mitigate risk and reduce the potential for loss.
D. Eliminate risk and eliminate the potential for loss.
Question #62
A circuit level gateway is ________ when compared to an application level firewall.
A. Easier to maintain.
B. More difficult to maintain.
C. More secure.
D. Slower
Question #63
In IPSec, if the communication mode is gateway-gateway or host-gateway:
A. Only tunnel mode can be used.
B. Only transport mode can be used.
C. Encapsulating Security Payload (ESP) authentication must be used.
D. Both tunnel and transport mode can be used.
Question #64
Which integrity model defines a constrained data item, an integrity verification procedure and a transformation procedure?
A. The Take-Grant model
B. The Biba integrity model
C. The Clark Wilson integrity model
D. The Bell-LaPadula integrity model
Question #65
Which of the following rules pertaining to a Business Continuity Plan/Disaster Recovery Plan is incorrect?
A. In order to facilitate recovery, a single plan should cover all locations.
B. There should be requirements to form a committee to decide a course of action. These decisions should be made ahead of time and incorporated into the plan.
C. In its procedures and tasks, the plan should refer to functions, not specific individuals.
D. Critical vendors should be contacted ahead of time to validate equipment can be obtained in a timely manner.
Question #66
What are suitable protocols for securing VPN connections?
A. S/MIME and SSH
B. TLS and SSL
C. IPsec and L2TP
D. PKCS# and X.509
Question #67
Which of the following questions is least likely to help in assessing identification and authentication controls?
A. Is a current list maintained and approved of authorized users and their access?
B. Are passwords changed at least every ninety days or earlier if needed?
C. Are inactive user identifications disabled after a specified period of time?
D. Is there a process for reporting incidents?
Question #68
The primary purpose for using one-way encryption of user passwords within a system is which of the following?
A. It prevents an unauthorized person from trying multiple passwords in one logon attempt.
B. It prevents an unauthorized person from reading or modifying the password list.
C. It minimizes the amount of storage required for user passwords.
D. It minimizes the amount of processing time used for encrypting passwords.
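Question #68 asks why passwords are stored one-way: whoever reads the password list (an administrator, a backup, an attacker with a database dump) should learn nothing that lets them log in. The following added example (not part of the original question bank) shows a salted, iterated one-way hash with verification by recomputation; the iteration count is an assumed policy value and the sample password is constructed.

```python
import hashlib
import hmac
import os

# Assumed work factor; raise it as hardware gets faster. It is stored with each record
# so old entries can be re-hashed when the policy changes.
ITERATIONS = 200_000


def hash_password(password: str, salt: bytes = None, iterations: int = ITERATIONS) -> str:
    """One-way: a per-user random salt plus PBKDF2-HMAC-SHA256. The password itself is
    never stored, only the slow-to-compute digest and the public parameters."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; compare in constant time so
    the comparison itself leaks nothing about how many bytes matched."""
    algorithm, iterations, salt_hex, digest_hex = stored.split("$")
    if algorithm != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def demo() -> dict:
    # Constructed sample record for one user.
    stored = hash_password("correct horse battery staple")
    return {
        "correct_accepted": verify_password("correct horse battery staple", stored),
        "wrong_rejected": verify_password("correct horse battery stable", stored),
        # Reading the record reveals no plaintext (option B of Question #68).
        "plaintext_absent": "correct horse" not in stored,
        # Same password, fresh salt: different record, so two users with the same
        # password cannot be matched up in a leaked list.
        "salted_differently": hash_password("correct horse battery staple") != stored,
    }


if __name__ == "__main__":
    print(demo())
```

Note that the hash neither shrinks storage nor speeds anything up (options C and D): the record is longer than most passwords and the iteration count makes each check deliberately slow, which is the point.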
Question #69
The security of a computer application is most effective and economical in which of the following cases?
A. The system is optimized prior to the addition of security.
B. The system is procured off-the-shelf.
C. The system is customized to meet the specific security threat.
D. The system is designed originally to provide the necessary security.
Question #70
Which of the following is NOT a typical biometric characteristic used to uniquely authenticate an individual's identity?
A. Retina scans
B. Iris scans
C. Palm scans
D. Skin scans
Question #71
Which of the following proves or disproves a specific act through oral testimony based on information gathered through the witness's five senses?
A. Direct evidence
B. Circumstantial evidence
C. Conclusive evidence
D. Corroborative evidence
Question #72
Which of the following would be defined as an absence of a safeguard that could be exploited?
A. A threat
B. A vulnerability
C. A risk
D. An exposure
Question #73
Which of the following is a LAN transmission protocol?
A. Ethernet
B. Ring topology
C. Unicast
D. Polling
Question #74
Why would a database be denormalized?
A. To ensure data integrity.
B. To increase processing efficiency.
C. To prevent duplication of data.
D. To save storage space.
Question #75
Under the "Named Perils" form of property insurance:
A. Burden of proof that particular loss is covered is on Insurer.
B. Burden of proof that particular loss is not covered is on Insurer.
C. Burden of proof that particular loss is covered is on Insured.
D. Burden of proof that particular loss is not covered is on Insured.
Question #76
Which of the following is NOT true?
A. Since the early days of mankind, humans have struggled with the problem of protecting assets.
B. The addition of a PIN keypad to the card reader was a solution to the problem of unreported lost cards.
C. There has never been a problem of lost keys.
D. A human guard is an inefficient and sometimes ineffective method of protecting resources.
Question #77
Which of the following statements pertaining to software testing approaches is correct?
A. A bottom-up approach allows interface errors to be detected earlier.
B. A top-down approach allows errors in critical modules to be detected earlier.
C. The test plan and results should be retained as part of the system's permanent documentation.
D. Black box testing is predicated on a close examination of procedural detail.
Question #78
Which Orange Book evaluation level is described as "Structured Protection"?
Question #79
Which of the following questions should any user NOT be able to answer regarding their organization's information security policy?
A. Who is involved in establishing the security policy?
B. Where is the organization security policy defined?
C. What are the actions that need to be performed in case of a disaster?
D. Who is responsible for monitoring compliance to the organization security policy?
Question #80
RAID Level 1 mirrors the data from one disk to a set of disks using which of the following techniques?
A. Copying the data onto another disk or set of disks.
B. Moving the data onto another disk or set of disks.
C. Establishing dual connectivity to another disk or set of disks.
D. Establishing dual addressing to another disk or set of disks.
Question #81
Which type of firewall can be used to track connectionless protocols such as UDP and RPC?
A. Stateful inspection firewalls
B. Packet filtering firewalls
C. Application level firewalls
D. Circuit level firewalls
Question #82
Which of the following items should not be retained in an E-mail directory?
A. Drafts of documents.
B. Copies of documents.
C. Permanent records.
D. Temporary documents.
Question #83
Which of the following department managers would be best suited to oversee the development of an information security policy?
A. Information systems
B. Human resources
C. Business operations
D. Security administration
Question #84
Which of the following countermeasures is not appropriate for war dialing attacks?
A. Monitoring and auditing for such activity.
B. Disabling call forwarding.
C. Making sure only necessary phone numbers are made public.
D. Using completely different numbers for voice and data accesses.
Question #85
Which of the following tools is least likely to be used by a hacker?
A. L0phtCrack
B. Tripwire
C. Crack
D. John the Ripper
Question #86
Which of the following logical access exposures involves changing data before, or as it is entered into the computer?
A. Data diddling
B. Salami techniques
C. Trojan horses
D. Viruses
Question #87
Which of the following computer aided software engineering (CASE) products is used for developing detailed designs, such as screen and report layouts?
A. Lower CASE
B. Middle CASE
C. Upper CASE
D. I-CASE
Question #88
What is the number of columns in a table called?
A. Schema
B. Relation
C. Degree
D. Cardinality
Question #89
Which of the following is the most reliable authentication device?
A. Variable callback system
B. Smart Card system
C. Fixed callback system
D. Combination of variable and fixed callback system.
Question #90
Which of the following firewall rules is least likely to be found on a firewall installed between an organization's internal network and the Internet?
A. Permit all traffic to and from local host.
B. Permit all inbound ssh traffic
C. Permit all inbound tcp connections.
D. Permit all syslog traffic to log-server.abc.org.
Question #91
The Internet can be utilized by either?
A. Public or private networks (with a Virtual Private Networks).
B. Private or public networks (with a Virtual Private Networks).
C. Home or private networks (with a Virtual Private Networks).
D. Public or home networks (with a Virtual Private Networks).
Question #92
This backup method must be made regardless of whether Differential or Incremental methods are used.
A. Full Backup Method
B. Incremental backup method
C. Differential backup method
D. Tape backup method
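Question #92 makes the point that differential and incremental schemes both build on a full backup; what differs is which media a restore then needs. The following added example (not part of the original question bank) works that out for a chronological list of backups: incrementals each hold only the changes since the previous backup, so every one after the last full must be applied in order, while a differential holds everything since the last full, so only the newest one is needed. The weekly schedule it evaluates is a constructed one.

```python
def restore_sequence(backups):
    """backups: chronological list of backup kinds ("full", "incremental", "differential").
    Return the indices to restore, in order, to rebuild the latest state."""
    if "full" not in backups:
        raise ValueError("no full backup: differential and incremental sets have nothing to apply to")
    last_full = len(backups) - 1 - backups[::-1].index("full")
    after = backups[last_full + 1:]
    kinds = set(after)
    if kinds - {"incremental", "differential"}:
        raise ValueError(f"unknown backup kind in {sorted(kinds)}")
    if kinds == {"incremental", "differential"}:
        raise ValueError("mixed differential and incremental backups after one full backup")
    sequence = [last_full]
    if "incremental" in kinds:
        # Each incremental holds only changes since the previous backup: restore every one, in order.
        sequence += [last_full + 1 + i for i in range(len(after))]
    elif "differential" in kinds:
        # Each differential holds all changes since the last full: only the newest is needed.
        sequence.append(len(backups) - 1)
    return sequence


def media_to_restore_each_day(strategy: str, days: int = 7) -> list:
    """How many backup sets a restore needs at the end of each day, given a full backup
    on day 0 followed by one backup of the given strategy per day."""
    schedule = ["full"] + [strategy] * days
    return [len(restore_sequence(schedule[:day + 1])) for day in range(days + 1)]


if __name__ == "__main__":
    # Constructed weekly schedules: Sunday full, then one backup per day.
    print("incremental:", media_to_restore_each_day("incremental"))   # grows by one per day
    print("differential:", media_to_restore_each_day("differential")) # stays at two
```

The trade-off the two lists show is the usual one: incremental backups are quicker to take but a late-week restore must mount every set since the full, whereas differential backups grow larger each day but a restore never needs more than two sets.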
Question #93
Why do buffer overflows happen?
A. Because buffers can only hold so much data.
B. Because input data is not checked for appropriate length at time of input.
C. Because they are an easy weakness to exploit.
D. Because of insufficient system memory.
Question #94
Which of the following should not be performed by an operator?
A. Mounting disk or tape
B. Backup and recovery
C. Data entry
D. Handling hardware
Question #95
What security model is dependent on security labels?
A. Discretionary access control
B. Label-based access control
C. Mandatory access control
D. Non-discretionary access control
Question #96
Detection capabilities of Host-based ID systems are limited by the incompleteness of which of the following?
A. Audit log capabilities
B. Event capture capabilities
C. Event triage capabilities
D. Audit notification capabilities
Question #97
Computer crime is generally made possible by which of the following?
A. The perpetrator obtaining training & special knowledge.
B. Victim carelessness.
C. Collusion with others in information processing
D. System design flaws.
Question #98
The structures, transmission methods, transport formats, and security measures that are used to provide integrity, availability, authentication, and confidentiality for transmissions over private and public communications networks and media make up?
A. The Telecommunications and Network Security domain.
B. The Telecommunications and Netware Security domain.
C. The Technical communications and Network Security domain.
D. The Telnet and Network Security domain.
Question #99
Which of the following is the lowest TCSEC class wherein the system must be protected against covert storage channels (but not necessarily covert timing channels)?
Question #100
Which type of control is concerned with avoiding occurrences of risks?
A. Deterrent controls
B. Detective controls
C. Preventive controls
D. Compensating controls