Certified Information Systems Security Professional v1.0

Page:    1 / 26   
Exam contains 386 questions

An organization recently conducted a review of the security of its network applications. One of the vulnerabilities found was that the session key used in encrypting sensitive information to a third party server had been hard-coded in the client and server applications. Which of the following would be MOST effective in mitigating this vulnerability?

  • A. Diffie-Hellman (DH) algorithm
  • B. Elliptic Curve Cryptography (ECC) algorithm
  • C. Digital Signature algorithm (DSA)
  • D. Rivest-Shamir-Adleman (RSA) algorithm


Answer : A

Which of the following methods of suppressing a fire is environmentally friendly and the MOST appropriate for a data center?

  • A. Inert gas fire suppression system
  • B. Halon gas fire suppression system
  • C. Dry-pipe sprinklers
  • D. Wet-pipe sprinklers


Answer : C

Unused space in a disk cluster is important in media analysis because it may contain which of the following?

  • A. Residual data that has not been overwritten
  • B. Hidden viruses and Trojan horses
  • C. Information about the File Allocation Table (FAT)
  • D. Information about patches and upgrades to the system


Answer : A

A company seizes a mobile device suspected of being used in committing fraud. What would be the BEST method used by a forensic examiner to isolate the powered-on device from the network and preserve the evidence?

  • A. Put the device in airplane mode
  • B. Suspend the account with the telecommunication provider
  • C. Remove the SIM card
  • D. Turn the device off


Answer : A

Which of the following is MOST appropriate for protecting confidentiality of data stored on a hard drive?

  • A. Triple Data Encryption Standard (3DES)
  • B. Advanced Encryption Standard (AES)
  • C. Message Digest 5 (MD5)
  • D. Secure Hash Algorithm 2 (SHA-2)


Answer : B

Which of the following is the MOST effective method to mitigate Cross-Site Scripting (XSS) attacks?

  • A. Use Software as a Service (SaaS)
  • B. Whitelist input validation
  • C. Require client certificates
  • D. Validate data output


Answer : B

What is the MOST significant benefit of an application upgrade that replaces randomly generated session keys with certificate based encryption for communications with backend servers?

  • A. Non-repudiation
  • B. Efficiency
  • C. Confidentiality
  • D. Privacy


Answer : A

A user has infected a computer with malware by connecting a Universal Serial Bus (USB) storage device.
Which of the following is MOST effective to mitigate future infections?

  • A. Develop a written organizational policy prohibiting unauthorized USB devices
  • B. Train users on the dangers of transferring data in USB devices
  • C. Implement centralized technical control of USB port connections
  • D. Encrypt removable USB devices containing data at rest


Answer : C

Which security service is served by the process of encrypting plaintext with the sender's private key and decrypting ciphertext with the sender's public key?

  • A. Confidentiality
  • B. Integrity
  • C. Identification
  • D. Availability


Answer : A

Which of the following mobile code security models relies only on trust?

  • A. Code signing
  • B. Class authentication
  • C. Sandboxing
  • D. Type safety


Answer : A

Reference:
https://csrc.nist.gov/csrc/media/publications/conference-paper/1999/10/21/proceedings-of-the-22nd-nissc-1999/documents/papers/t09.pdf

Which technique can be used to make an encryption scheme more resistant to a known plaintext attack?

  • A. Hashing the data before encryption
  • B. Hashing the data after encryption
  • C. Compressing the data after encryption
  • D. Compressing the data before encryption


Answer : A

What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?

  • A. Implementation Phase
  • B. Initialization Phase
  • C. Cancellation Phase
  • D. Issued Phase


Answer : D

Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified by automated vulnerability assessments?

  • A. Common Vulnerabilities and Exposures (CVE)
  • B. Common Vulnerability Scoring System (CVSS)
  • C. Asset Reporting Format (ARF)
  • D. Open Vulnerability and Assessment Language (OVAL)


Answer : B

Who in the organization is accountable for classification of data information assets?

  • A. Data owner
  • B. Data architect
  • C. Chief Information Security Officer (CISO)
  • D. Chief Information Officer (CIO)


Answer : A

The use of private and public encryption keys is fundamental in the implementation of which of the following?

  • A. Diffie-Hellman algorithm
  • B. Secure Sockets Layer (SSL)
  • C. Advanced Encryption Standard (AES)
  • D. Message Digest 5 (MD5)


Answer : A
