CISSP exam

Which one of the following factors is NOT one on which Authentication is based?A .  Type 1 Something you know, such as a PIN or passwordB .  Type 2 Something you have, such as an ATM card or smart cardC .  Type 3 Something you are (based upon one or...

FOR THIS QUESTION, REFER TO THE FOLLOWING INFORMATION The security practitioner is charged with implementing e-mail security using a cryptographic standard of the security practitioner’s choice. The security practitioner chooses an open Pretty Good Privacy (PGP) implementation. Which set of cryptographic algorithms should the CISSP choose to create the e-mails'...

A Java program is being developed to read a file from computer A and write it to computer B, using a third computer C. The program is not working as expected. What is the MOST probable security feature of Java preventing the program from operating as intended?A . Least privilegeB...

Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?A . Personal Identity Verification (PIV)B . Cardholder Unique Identifier (CHUID) authenticationC . Physical Access Control System (PACS) repeated attempt detectionD . Asymmetric Card Authentication Key (CAK) challenge-responseView AnswerAnswer: C

An area of the Telecommunications and Network Security domain that directly affects the Information Systems Security tenet of Availability can be defined as:A . Netware availabilityB . Network availabilityC . Network acceptabilityD . Network accountabilityView AnswerAnswer: B

All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions thatA . determine the risk of a business interruption occurringB . determine the technological dependence of the business processesC . Identify the operational impacts of a business interruptionD . Identify the financial impacts...

Considerations of privacy, invasiveness, and psychological and physical comfort when using the system are important elements for which of the following?A .  Accountability of biometrics systemsB .  Acceptability of biometrics systemsC .  Availability of biometrics systemsD .  Adaptability of biometrics systemsView AnswerAnswer: B Explanation: Acceptability refers to considerations of privacy,...

There are parallels between the trust models in Kerberos and Public Key Infrastructure (PKI). When we compare them side by side, Kerberos tickets correspond most closely to which of the following?A .  public keysB .  private keysC .  public-key certificatesD .  private-key certificatesView AnswerAnswer: C Explanation: A Kerberos ticket is issued...

Which of the following is used to create and modify the structure of your tables and other objects in the database?A .  SQL Data Definition Language (DDL)B .  SQL Data Manipulation Language (DML)C .  SQL Data Relational Language (DRL)D .  SQL Data Identification Language (DIL)View AnswerAnswer: A Explanation: The SQL...

The use of private and public encryption keys is fundamental in the implementation of which of the following?A . Diffie-Hellman algorithmB . Secure Sockets Layer (SSL)C . Advanced Encryption Standard (AES)D . Message Digest 5 (MD5)View AnswerAnswer: A