CISSP Official Practice Tests by Mike Chapple, David Seidl

Chapter 3 ■ Security Architecture and Engineering (Domain 3) 75 C. Typing with the rhythm of Morse code D. Writing data to a sha ...

Chapter 8: Software Development Security (Domain 8) 397 B. Web application firewalls (WAFs) sit in front of web applications an ...

76 Chapter 3 ■ Security Architecture and Engineering (Domain 3) During a system audit, Casey notices that the private key for h ...

398 Appendix ■ Answers 4 7. B. Chris is in an Agile sprint phase and is likely developing code based on user stories. Planning i ...

Chapter 3 ■ Security Architecture and Engineering (Domain 3) 77 Match the following numbered security models with the appropria ...

Chapter 8: Software Development Security (Domain 8) 399 B. Client-side input validation is not an effective control against any ...

...

400 Appendix ■ Answers 6 4. C. The Agile Manifesto includes 12 principles for software development. Three of those are listed as ...

Communication and Network Security (Domain 4) Chapter 4 ...

Chapter 8: Software Development Security (Domain 8) 401 D. The Time of Check to Time of Use (TOCTOU) attack exploits timing dif ...

80 Chapter 4 ■ Communication and Network Security (Domain 4) What important factor differentiates Frame Relay from X.25? A. Fra ...

Chapter 4 ■ Communication and Network Security (Domain 4) 81 Gary is deploying a wireless network and wants to deploy the faste ...

402 Appendix ■ Answers 8 2. C. In the Establishing phase of the IDEAL model, the organization takes the general recommendations ...

82 Chapter 4 ■ Communication and Network Security (Domain 4) Brian is selecting an authentication protocol for a PPP connection ...

Chapter 8: Software Development Security (Domain 8) 403 threats (APTs) that does not exploit vulnerabilities identified in secur ...

Chapter 4 ■ Communication and Network Security (Domain 4) 83 Chris is designing layered network security for his organization. U ...

404 Appendix ■ Answers 9 9. B. A master boot record (MBR) virus redirects the boot process to load malware during the operating ...

84 Chapter 4 ■ Communication and Network Security (Domain 4) If Chris wants to stop cross-site scripting attacks against the we ...

Chapter 9: Practice Test 1 405 D. The TGS, or Ticket-Granting Service (which is usually on the same server as the KDC), receive ...

Chapter 4 ■ Communication and Network Security (Domain 4) 85 C. ARP spoofing D. A Cain attack A remote access tool that copies ...