click below
click below
Normal Size Small Size show me how
CISSPY Wiley FC
CISSPY Wiley FC 1
Question | Answer |
---|---|
What type of virus modifies itself each time it infects a new system in an attempt to avoid detection? | Polymorphic Virus |
What is the importance of accountability? | Security can be maintained only if subjects are held accountable for their actions. Effect accountability relies on the capability to proves a subject's identity and track their activities. |
What is a security boundary? | Security boundary is the line of intersecrtion between any two area,s subnets, or environments that have different security requirements or needs |
What defines the hardware and software requirements of cryptographic modules in use by the federal government? | Federal Information Processing Standards (FISP-140-2) |
Define the aspect of confidentiality known as discretion. | Discretion is an act of decision whereby an operator can influence or control disclosure in order to minimize harm or damage. |
Define Sensitive But Unclassified (SBU)? | Sensitive But Unclassified (SBU) is used for data that is for internal use or office use only. Often SBU is used to protect information that could violate the privacy rights of individuals. |
What is the primary weakness of satellite communications? | Large Terrestrial Footprint |
What are the elements of a termination procedure policy? | Have at least one witness; escort terminated employees off the premises immediately; collect identification, access, or security devices; perform exit interview; disable network account |
While containing an incident, what is the next important consideration? | Protection of Evidence |
Name three wireless frequency access technologies. | FHSS, DSSS, and OFDM |
What is the term for exercising reasonable care in protecting organization assets and interests, including development of a formalized security structure consisting of policies, procedures and protocols? | Due Care |
In the Clark-Wilson security model, what is a procedure that scans data items and confirms their integrity? | Integrity Verification Procesure (IVP) |
Define PAP | Password Authentication Protocol (PAP) transmits usernames and passwords in cleartext. |
Define CHAP | Challenge Handshake Authentication Protocol (CHAP) performs authentication using a chlallenge-response dialogue that cannot be replayed. |
Define EAP | Extensible Authentication Protocol (EAP) allows customized authentication security solutions. |
Why is antivirus protection important? | Malware is the most common form of security breach in the IT world. Any communications pathway can be and is being exploited as a delivery mechanism for a virus or other malicious code |
A group of attackers is sponsored by the government. They are highly motivated, skilled, and patient and focused on a single target to gain and retain access over long periods of time. What is this group called? | Advanced Persistent Threat (APT) |
What is the proper term for ensuring that information is accessible only to authorized parties? | Confidentiality |
What is a VPN? | A Virtual Private Network (VPN) is a comunciation tunnele that provides point-to-point transmission of both authentication and data traffic over an intermediary network |
What is the purpose of security monitoring and measurement? | Security controls should provide benefits that can be monitored and measured. If a security control's benefits cannot be quantified, evaluated, or compared, then it does not actually provide any security |
What is MSSP? | Managed security service providers (MSSPs) can provide centrally controlled and managed XDR solutions deployed fully on-premise, fully in the cloud, or in a hybrid structure. MSSP solutions can be overseen through a local or remote SOC. EDR, MDR, EPP, XDR |