最新 [2023年04月16日] ISC CISSPリアル試験問題集PDF [Q844-Q869]

Share

最新 [2023年04月16日] ISC CISSPリアル試験問題集PDF

CISSP練習テスト問題は更新された1481問題あります


ISC CISSP 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • セキュリティとリスク管理
  • 資産セキュリティ
トピック 2
  • IDおよびアクセス管理(IAM)
トピック 3
  • セキュリティの評価とテスト
トピック 4
  • セキュリティアーキテクチャおよび
  • セキュリティ運用
トピック 5
  • ソフトウェア開発セキュリティ

 

質問 844
What does the protocol ARP do?

  • A. Sends messages to the devices regarding the health of the network
  • B. Takes an IP address and finds out the MAC address to which it
    belongs
  • C. Facilitates file transfers
  • D. Takes a MAC address and finds an IP address to match

正解: B

解説:
The correct answer is "Takes an IP address and finds out the MAC address to which it belongs". ARP starts with an IP address, then queries the network to find the MAC or hardware address of the workstation
to which it belongs.
ICMP performs "Sends messages to the devices regarding the health of the network".
RARP performs "Takes a MAC address and finds an IP address to match".
FTP performs "Facilitates file transfers".

 

質問 845
Which of the following would be the first step in establishing an information security program?

  • A. Purchase of security access control software
  • B. Development of a security awareness-training program
  • C. Development and implementation of an information security standards manual
  • D. Adoption of a corporate information security policy statement

正解: D

 

質問 846
Of the multiple methods of handling risks which we must undertake to carry out business operations, which one involves using controls to reduce the risk?

  • A. Mitigation
  • B. Avoidance
  • C. Acceptance
  • D. Transference

正解: A

解説:
Risk mitigation is the practice of the elimination of, or the significant decrease in the level of risk presented. Mitigating risk means you work around the risk with measures to reduce the risk. A good example could be a locked down web server or firewall. You benefit from the service they provide but mitigate risks involved by technical measures.
Another example of risk mitigation can be seen in everyday life and are readily apparent in the information technology world. For example, to lessen the risk of exposing personal and financial information that is highly sensitive and confidential organizations put countermeasures in place, such as firewalls, intrusion detection/prevention systems, and other mechanisms, to deter malicious outsiders from accessing this highly sensitive information.
Understand that conducting business in a computing world means assumption of risk. You have to make a management decision on whether to avoid, mitigate, transfer or simply accept it as a risk of doing business.
The following answers are incorrect:
Avoid: Risk with avoidance is when we eliminate the risk by avoiding it altogether. No surprise there but this answer is distinct from the others because you simply don't undertake the risky process. It is incorrect here because you're not reducing the risk with controls as with mitigation.
Acceptance: This means that the risk is identified and understand and evaluated to be acceptable in order to conduct business operations. It is incorrect because you are accepting that the risk is present and conducting business anyhow but don't mitigate risk with controls like in the question here.
Transference: When we transfer risk, we pay someone else to undertake the risk on our behalf so that we may conduct operations and benefit from the risk but don't undertake the risky operation ourselves. This is not the same as mitigation so it is incorrect.
The following reference(s) was used to create this question:
Gregg, Michael; Haines, Billy (2012-02-16). CASP: CompTIA Advanced Security
Practitioner Study Guide Authorized Courseware: Exam CAS-001 (p. 217-218). Wiley.
Kindle Edition.
and
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third
Edition ((ISC)2 Press) (Kindle Locations 10183-10195). Auerbach Publications. Kindle
Edition.

 

質問 847
A financial company has decided to move its main business application to the Cloud. The legal department objects, arguing that the move of the platform should comply with several regulatory obligations such as the General Data Protection (GDPR) and ensure data confidentiality. The Chief Information Security Officer (CISO) says that the cloud provider has met all regulations requirements and even provides its own encryption solution with internally-managed encryption keys to address data confidentiality. Did the CISO address all the legal requirements in this situation?

  • A. No, because the encryption solution is internal to the cloud provider.
  • B. Yes, because the cloud provider is GDPR compliant.
  • C. Yes, because the cloud provider meets all regulations requirements.
  • D. No, because the cloud provider is not certified to host government data.

正解: C

解説:
Section: Mixed questions

 

質問 848
The environment that must be protected includes all personnel, equipment, data, communication devices, power supply and wiring. The necessary level of protection depends on the value of the data, the computer systems, and the company assets within the facility. The value of these items can be determined by what type of analysis?

  • A. Covert channel analysis
  • B. Critical-channel analysis
  • C. Critical-path analysis
  • D. Critical-conduit analysis

正解: C

解説:
The effectiveness of security controls is measured by the probability of detection at the point where there is enough time for a response team to interrupt an adversary. The critical path is the adversary path with the lowest probability of interruption.
An adversary path is an ordered sequence of actions against an asset that could result in it being compromised. Adversaries could normally be expected to take the easiest and most direct route. Early detection of unauthorised access enables a quicker response. Ideally interception should occur before access to the asset, but this depends on the asset and the security objectives. Interruption may not be required if tamper evidence is the objective for protecting the asset. See example below:

Critical Path Analysis Physical Security
THE CISSP EXAM AND PHYSICAL SECURITY
Information security depends on the security and management of the physical space in which computer systems operate. The CISSP exam's Common Body of Knowledge addresses the challenges of securing the physical space, its systems and the people who work within it by use of administrative, technical and physical controls.
The following topics are covered:
Facilities management: The administrative processes that govern the maintenance and protection of the physical operations space, from site selection through emergency response.
Risks, issues and protection strategies: Risk identification and the selection of security protection components.
Perimeter security: Typical physical protection controls.
Facilities management
Facilities management is a complex component of corporate security that ranges from the planning of a secure physical site to the management of the physical information system environment. Facilities management responsibilities include site selection and physical security planning (i.e. facility construction, design and layout, fire and water damage protection, antitheft mechanisms, intrusion detection and security procedures.) Protections must extend to both people and assets. The necessary level of protection depends on the value of the assets and data.
As an exam candidate your must learn the concept of critical-path analysis as a means of determining a component's business function criticality relative to the cost of operation and replacement. Furthermore, students need to gain an understanding of the optimal location and physical attributes of a secure facility. Among the topics covered in this domain are site inspection, location, accessibility and obscurity, considering the area crime rate, and the likelihood of natural hazards such as floods or earthquakes.
EXAM TIP:
This topic could be either from a Physical Security perspective or from a Logical Security
Perspective.
From a logical perspective it is define as: An analysis that defines relationships between mission critical applications. This type of analysis is performed to show what must happen to stay in business.
Reference(s) used for this question:
HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2001,
Page 281.
and
http://www.protectivesecurity.gov.au/physicalsecurity/Documents/Security-zones-and-risk- mitigation-control-measures.pdf and
http://www.onlineexpert.com/elearning/user/SampleFiles/SECURITY/CISSP_PS_Glossary.
html

 

質問 849
A 'Pseudo flaw' is which of the following?

  • A. An apparent loophole deliberately implanted in an operating system program as a trap for intruders.
  • B. Used for testing for bounds violations in application programming.
  • C. An omission when generating Psuedo-code.
  • D. A normally generated page fault causing the system to halt.

正解: A

解説:
A Pseudo flaw is something that looks like it is vulnerable to attack, but really acts as an alarm or triggers automatic actions when an intruder attempts to exploit the flaw.
The following answers are incorrect:
An omission when generating Psuedo-code. Is incorrect because it is a distractor.
Used for testing for bounds violations in application programming. Is incorrect, this is a testing methodology.
A normally generated page fault causing the system to halt. This is incorrect because it is distractor.

 

質問 850
At which layer of ISO/OSI does the fiber optics work?

  • A. Transport layer
  • B. Physical layer
  • C. Data link layer
  • D. Network layer

正解: B

解説:
The answer: Physical
layer The Physical layer is responsible for the transmission of
the data through the physical medium. This includes such things as cables. Fiber optics is a
cabling mechanism which works at Physical layer of OSI model
All of the other answers are incorrect.
The following reference(s) were/was used to create this question:
Shon Harris all in one - Chapter 7 (Cabling)

 

質問 851
Which of the following is the PRIMARY risk associated with Extensible Markup Language (XML) applications?

  • A. Potential sensitive data leakage.
  • B. Users can manipulate the code.
  • C. The stack data structure is repetitive.
  • D. The stack data structure cannot be replicated.

正解: B

 

質問 852
A control to protect from a Denial-of-Service (DoS) attach has been determined to stop 50% of attacks, and additionally reduces the impact of an attack by 50%. What is the residual risk?

  • A. 75%
  • B. 100%
  • C. 50%
  • D. 25%

正解: C

 

質問 853
The Physical Security domain focuses on three areas that are the basis to physically protecting enterprise's resources and sensitive information. Which of the following is NOT one of these areas?

  • A. Vulnerabilities
  • B. Threats
  • C. Countermeasures
  • D. Risks

正解: D

解説:
Explanation/Reference:
Explanation:
"Risks" is not one of the three areas that the Physical Security domain focuses on.
The Physical Security domain addresses the threats, vulnerabilities, and countermeasures that can be utilized to physically protect an enterprise's resources and sensitive information. These resources include personnel, the facility in which they work, and the data, equipment, support systems, and media with which they work. Physical security often refers to the measures taken to protect systems, buildings, and their related supporting infrastructure against threats that are associated with the physical environment.
Incorrect Answers:
A: Threats is one of the three areas that the Physical Security domain focuses on. Therefore, this answer is incorrect.
B: Countermeasures is one of the three areas that the Physical Security domain focuses on. Therefore, this answer is incorrect.
C: Vulnerabilities is one of the three areas that the Physical Security domain focuses on. Therefore, this answer is incorrect.
References:
Krutz, Ronald L. and Russell Dean Vines, The CISSP and CAP Prep Guide: Mastering CISSP and CAP, Wiley Publishing, Indianapolis, 2007, p. 451

 

質問 854
Which of the following actions MUST be performed when using secure multipurpose internet mail Extension (S/MIME) before sending an encrypted message to a recipient?

  • A. Encrypt attachments.
  • B. Obtain the recipients private key.
  • C. Digitally sign foe message.
  • D. Obtain the recipient's digital certificate.

正解: C

 

質問 855
Which is the BEST control to meet the Statement on Standards for Attestation Engagements 18 (SSAE-18) confidentiality category?

  • A. Data processing
  • B. Data retention policy
  • C. Storage encryption
  • D. File hashing

正解: D

 

質問 856
In which order, from MOST to LEAST impacted, does user awareness training reduce the occurrence of the events below?

正解:

解説:

Explanation

 

質問 857
Which LAN topology below is MOST vulnerable to a single point of
failure?

  • A. Ethernet Bus
  • B. FDDI
  • C. Logical Ring
  • D. Physical Star

正解: A

解説:
Ethernet bus topology was the first commercially viable network
topology, and consists of all workstations connected to a single coaxial cable. Since the cable must be properly terminated on both ends, a break in the cable stops all communications on the bus.
* the physical star topology acts like a logical bus, but provides better fault tolerance, as a cable break only disconnects the workstation or hub directly affected.
* logical ring topology, is used by Token Ring and FDDI and is highly resilient. Token Ring employs a beacon frame, which, in case of a cable break, initiates auto reconfiguration and attempts to reroute the network around the failed mode. Also, the Token Ring active monitor station performs ring maintenance
functions, like removing continuously circulating frames from the
ring. FDDI employs a second ring to provide redundancy. Sources:
Virtual LANs by Mariana Smith (McGraw-Hill, 1998) and Internetworking
Technologies Handbook, Second Edition (Cisco Press, 1998).

 

質問 858
Which of the following refers to the data left on the media after the media has been erased?

  • A. semi-hidden
  • B. remanence
  • C. recovery
  • D. sticky bits

正解: B

 

質問 859
When testing password strength, which of the following is the BEST method for brute forcing passwords?

  • A. Conduct an online password attack until the account being used is locked.
  • B. Conduct an offline attack on the hashed password information.
  • C. Use social engineering methods to attempt to obtain the password.
  • D. Use a comprehensive list of words to attempt to guess the password.

正解: D

 

質問 860
Place the following information classification steps in sequential order.

正解:

解説:

Explanation

 

質問 861
Refer to the information below to answer the question.
A large, multinational organization has decided to outsource a portion of their Information Technology (IT) organization to a third-party provider's facility. This provider will be responsible for the design, development, testing, and support of several critical, customer-based applications used by the organization.
The organization should ensure that the third party's physical security controls are in place so that they

  • A. are able to limit access to sensitive information.
  • B. allow access by the organization staff at any time.
  • C. are more rigorous than the original controls.
  • D. cannot be accessed by subcontractors of the third party.

正解: A

 

質問 862
What is a common problem when using vibration detection devices for perimeter control?

  • A. They can be defeated by electronic means.
  • B. They are vulnerable to non-adversarial disturbances.
  • C. They must be buried below the frost line.
  • D. Signal amplitude is affected by weather conditions.

正解: B

解説:
Vibration sensors are similar and are also implemented to detect forced entry. Financial institutions may choose to implement these types of sensors on exterior walls, where bank robbers may attempt to drive a vehicle through. They are also commonly used around the ceiling and flooring of vaults to detect someone trying to make an unauthorized bank withdrawal.
Such sensors are proned to false positive. If there is a large truck with heavy equipment driving by it may trigger the sensor. The same with a storm with thunder and lighting, it may trigger the alarm
even thou there are no adversarial threat or disturbance.
The following are incorrect answers:
All of the other choices are incorrect.
Reference used for this question:
Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (pp. 495-496). McGraw-Hill
. Kindle Edition.

 

質問 863
The type of authorized interactions a subject can have with an object is

  • A. protocol.
  • B. control.
  • C. permission.
  • D. procedure.

正解: C

 

質問 864
Which of the following is required in order to provide accountability?

  • A. Authentication
  • B. Audit trails
  • C. Integrity
  • D. Confidentiality

正解: B

解説:
Accountability can actually be seen in two different ways:
1) Although audit trails are also needed for accountability, no user can be accountable for their actions unless properly authenticated.
2) Accountability is another facet of access control. Individuals on a system are responsible for their actions. This accountability property enables system activities to be traced to the proper individuals. Accountability is supported by audit trails that record events on the system and network. Audit trails can be used for intrusion detection and for the reconstruction of past events. Monitoring individual activities, such as keystroke monitoring, should be accomplished in accordance with the company policy and appropriate laws.
Banners at the log-on time should notify the user of any monitoring that is being conducted.
The point is that unless you employ an appropriate auditing mechanism, you don't have accountability. Authorization only gives a user certain permissions on the network.
Accountability is far more complex because it also includes intrusion detection, unauthorized actions by both unauthorized users and authorized users, and system faults.
The audit trail provides the proof that unauthorized modifications by both authorized and unauthorized users took place. No proof, No accountability.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the
Ten Domains of Computer Security, John Wiley & Sons, 2001, Page 50
The Shon Harris AIO book, 4th Edition, on Page 243 also states:
Auditing Capabilities ensures users are accountable for their actions, verify that the secutiy policies are enforced, and can be used as investigation tools. Accountability is tracked by recording user, system, and application activities.
This recording is done through auditing functions and mechanisms within an operating sytem or application.
Audit trail contain information about operating System activities, application events, and user actions.

 

質問 865
During the risk assessment phase of the project the CISO discovered that a college within the University is collecting Protected Health Information (PHI) data via an application that was developed in-house. The college collecting this data is fully aware of the regulations for Health Insurance Portability and Accountability Act (HIPAA) and is fully compliant.
What is the best approach for the CISO?
Below are the common phases to creating a Business Continuity/Disaster Recovery (BC/DR) plan. Drag the remaining BC\DR phases to the appropriate corresponding location.

正解:

解説:

Explanation

 

質問 866
In the physical security context, a security door equipped with an electronic lock configured to ignore the unlock signals sent from the building emergency access control system in the event of an issue (fire, intrusion, power failure) would be in which of the following configuration?

  • A. Fail Safe
  • B. Fail Secure
  • C. Fail Open
  • D. Fail Soft

正解: B

解説:
Explanation/Reference:
Explanation:
Doorways with automatic locks can be configured to be fail-safe or fail-secure. A fail-safe setting means that if a power disruption occurs that affects the automated locking system, the doors default to being unlocked. Fail-safe deals directly with protecting people. If people work in an area and there is a fire or the power is lost, it is not a good idea to lock them in.
A fail-secure configuration means that the doors default to being locked if there are any problems with the power. If people do not need to use specific doors for escape during an emergency, then these doors can most likely default to fail-secure settings.
Incorrect Answers:
A: Doorways with automatic locks can be configured to be fail-safe or fail-secure. "Fail-soft" is not a valid term when talking about doorways with automatic locks. Therefore, this answer is incorrect.
B: A fail-safe setting means that if a power disruption occurs that affects the automated locking system, the doors default to being unlocked. "Fail-open" is essentially the same as fail-safe although fail-safe is the more commonly used terminology. In a fail-safe or fail-open system, the doors do not remain locked.
Therefore, this answer is incorrect.
C: A fail-safe setting means that if a power disruption occurs that affects the automated locking system, the doors default to being unlocked; the doors do not remain locked. Therefore, this answer is incorrect.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, p. 451

 

質問 867
Which type of fire detectors sends an alarm when the temperature of the room rises dramatically?

  • A. Flame-actuated
  • B. Odor-sensing
  • C. Smoke-actuated
  • D. Heat-sensing

正解: D

解説:
A rate-of-rise detector triggers an alarm when the ambient temperature of a room increases rapidly. Another type of heat-sensing detector, a fixed temperature device, sends an alarm when the temperature passes a predetermined level.

 

質問 868
Which must bear the primary responsibility for determining the level of protection needed for information systems resources?

  • A. IS security specialists
  • B. system auditors
  • C. Senior Management
  • D. Seniors security analysts

正解: C

 

質問 869
......

ISC CISSP問題集で一発合格できる問題を試そう!:https://jp.fast2test.com/CISSP-premium-file.html

CISSP問題集を掴み取れ![最新2023]ISC試験問題を提供しています:https://drive.google.com/open?id=1qmSXO7pGryad-fQDps-4Uo_I10yaqSI_


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어