CISSP Mock Exam

11 Questions | Total Attempts: 934



Questions and Answers
  • 1. 
    A high-profile company has been receiving a high volume of attacks on its web site. The network administrator wants to be able to collect information on the attacker(s) so legal action can be taken. What should be implemented?
    • A. 

      DMZ (Demilitarized Zone)

    • B. 

      A honey pot

    • C. 

      A firewall

    • D. 

      A new subnet

  • 2. 
    You are running cabling for a network through a boiler room where the furnace and some other heavy machinery reside. You are concerned about interference from these sources. Which of the following types of cabling provides the best protection from interference in this area?
    • A. 

      STP

    • B. 

      UTP

    • C. 

      Coaxial

    • D. 

      Fiber-optic

  • 3. 
    In order for a user to obtain a certificate from a trusted CA (Certificate Authority), the user must present proof of identity and a?
    • A. 

      Private Key

    • B. 

      Public Key

    • C. 

      Password

    • D. 

      Kerberos Key

  • 4. 
    While performing a routine site audit of your wireless network, you discover an unauthorized Access Point placed on your network under the desk of the Accounting department secretary. When questioned, she denies any knowledge of it, but informs you that her new boyfriend has been to visit her several times, including taking her to lunch one time. What type of attack have you just become a victim of?
    • A. 

      Piggybacking

    • B. 

      Masquerading

    • C. 

      Man-in-the-middle attack

    • D. 

      Social Engineering

  • 5. 
    When visiting an office adjacent to the server room, you discover the lock to the window is broken. Because it is not your office, you tell the resident of the office to contact the maintenance person and have it fixed. After leaving, you fail to follow up on whether the window was actually repaired. What effect will this have on the likelihood of a threat associated with the vulnerability actually occurring?
    • A. 

      If the window is repaired, the likelihood of the threat occurring will increase.

    • B. 

      If the window is repaired, the likelihood of the threat occurring will remain constant.

    • C. 

      If the window is not repaired, the likelihood of the threat occurring will decrease.

    • D. 

      If the window is not repaired, the likelihood of the threat occurring will increase.

  • 6. 
    A company consists of a main building with two smaller branch offices at opposite ends of the city. The main building and branch offices are connected with fast links so that all employees have good connectivity to the network. Each of the buildings has security measures that require visitors to sign in, and all employees are required to wear identification badges at all times. You want to protect servers and other vital equipment so that the company has the best level of security at the lowest possible cost. Which of the following will you do to achieve this objective?
    • A. 

      Centralize servers and other vital components in a single room of the main building, and add security measures to this room so that they are well protected.

    • B. 

      Centralize most servers and other vital components in a single room of the main building, and place servers at each of the branch offices. Add security measures to areas where the servers and other components are located.

    • C. 

      Decentralize servers and other vital components, and add security measures to areas where the servers and other components are located.

    • D. 

      main building. Because the building prevents unauthorized access to visitors and other persons, there is no need to implement physical security in the server room.

  • 7. 
    You are explaining SSL to a junior administrator and come up to the topic of handshaking. How many steps are employed between the client and server in the SSL handshake process?
    • A. 

      Five

    • B. 

      Six

    • C. 

      Seven

    • D. 

      Eight

  • 8. 
    You have been alerted to the possibility of someone using an application to capture and manipulate packets as they are passing through your network. What type of threat does this represent?
    • A. 

      DDoS

    • B. 

      Trojan Horse

    • C. 

      Logic Bomb

    • D. 

      Man-in-the-middle

  • 9. 
    A problem with air conditioning is causing fluctuations in temperature in the server room. The temperature is rising to 90 degrees when the air conditioner stops working, and then drops to 60 degrees when it starts working again. The problem keeps occurring over the next two days. What problem may result from these fluctuations?
    • A. 

      Electrostatic discharge

    • B. 

      Power outages

    • C. 

      Chip creep

    • D. 

      Poor air quality

  • 10. 
    While connected from home to an ISP (Internet Service Provider), a network administrator performs a port scan against a corporate server and encounters four open TCP (Transmission Control Protocol) ports: 25, 110, 143 and 389. Corporate users in the organization must be able to connect from home, send and receive messages on the Internet, read e-mail by means of the IMAPv4 (Internet Message Access Protocol version 4) protocol, and search a directory services database for user e-mail addresses and digital certificates. All the e-mail related services, as well as the directory server, run on the scanned server. Which of the above ports can be filtered out to decrease unnecessary exposure without affecting functionality?
    • A. 

      25

    • B. 

      110

    • C. 

      143

    • D. 

      389

  • 11. 
    A piece of malicious code that can replicate itself, has no productive purpose, and exists only to damage computer systems or create further vulnerabilities is called a?
    • A. 

      Logic Bomb

    • B. 

      Worm

    • C. 

      Trojan Horse

    • D. 

      Virus