CISSP Official Practice Tests by Mike Chapple, David Seidl
196 Chapter 8 ■ Software Development Security (Domain 8) What technique do API developers most commonly use to limit access to ...
Chapter 8 ■ Software Development Security (Domain 8) 197 Cross-site request forgery SQL injection A. An attack that injects a m ...
198 Chapter 8 ■ Software Development Security (Domain 8) Which one of the following tools might an attacker use to best identif ...
Chapter 8 ■ Software Development Security (Domain 8) 199 What application development method uses the cycle shown here? Requir ...
...
Chapter 9 Practice Test 9 ...
202 Chapter 9 ■ Practice Test 1 NIST SP800-53 discusses a set of security controls as what type of security tool? A. A configur ...
Chapter 9 ■ Practice Test 1 203 What type of motion detector uses high microwave frequency signal transmissions to identify pot ...
204 Chapter 9 ■ Practice Test 1 Which one of the following is not a mode of operation for the Data Encryption Standard? A. CBC ...
Chapter 9 ■ Practice Test 1 205 During a log review, Danielle discovers a series of logs that show login failures: Jan 31 11:3 ...
206 Chapter 9 ■ Practice Test 1 Which of the following sequences properly describes the TCP three-way handshake? A. SYN, ACK, ...
Chapter 9 ■ Practice Test 1 207 Frank is the security administrator for a web server that provides news and information to peop ...
208 Chapter 9 ■ Practice Test 1 What problem drives the recommendation to physically destroy SSD drives to prevent data leaks w ...
Chapter 9 ■ Practice Test 1 209 What type of log is shown in the figure? A. Firewall log B. Change log C. Application log D. S ...
210 Chapter 9 ■ Practice Test 1 What mathematical operation, when substituted for the blank lines shown here, would make the eq ...
Chapter 9 ■ Practice Test 1 211 If availability of authentication services is the organization’s biggest priority, what type of ...
212 Chapter 9 ■ Practice Test 1 Match the following lettered factors to their numbered type: Factors A. A PIN B. A token C. A ...
Chapter 9 ■ Practice Test 1 213 Roger is concerned that a third-party firm hired to develop code for an internal application ...
214 Chapter 9 ■ Practice Test 1 What penetration testing technique can best help assess training and awareness issues? A. Port ...
Chapter 9 ■ Practice Test 1 215 Alan is considering the use of new identification cards in his organization that will be used f ...