CISSP Official Practice Tests by Mike Chapple, David Seidl

Chapter 3: Security Architecture and Engineering (Domain 3) 345 A. The information flow model applies state machines to the flo ...

346 Appendix ■ Answers 9 6. B. Abstraction uses a black box approach to hide the implementation details of an object from the us ...

Chapter 4: Communication and Network Security (Domain 4) 347 C. The most reasonable choice presented is to move the devices to ...

348 Appendix ■ Answers 3. C. Ben is using ad hoc mode, which directly connects two clients. It can be easy to confuse this with ...

Chapter 4: Communication and Network Security (Domain 4) 349 B. The Remote Access Dial In User Service (RADIUS) protocol was or ...

350 Appendix ■ Answers 2 1. A. S/MIME supports both signed messages and a secure envelope method. While the functionality of S/M ...

Chapter 4: Communication and Network Security (Domain 4) 351 B. If a business need requires messaging, using a local messaging ...

352 Appendix ■ Answers 41. D. Ping uses ICMP, the Internet Control Message Protocol, to determine whether a system responds and ...

Chapter 4: Communication and Network Security (Domain 4) 353 A. WPA2, the replacement for WPA, does not suffer from the securit ...

354 Appendix ■ Answers 6 2. B. All stateful inspection firewalls enforce an implicit deny rule as the final rule of the rulebase ...

Chapter 4: Communication and Network Security (Domain 4) 355 C. ICMP, RIP, and network address translation all occur at layer 3 ...

356 Appendix ■ Answers 8 1. D. The IP address 127.0.0.1 is a loopback address and will resolve to the local machine. Public addr ...

Chapter 4: Communication and Network Security (Domain 4) 357 because they may have to be passed without any inspection. Christma ...

358 Appendix ■ Answers 9 9. D. MAC addresses and their organizationally unique identifiers are used at the Data Link layer to id ...

Chapter 5: Identity and Access Management (Domain 5) 359 man-in-the-middle attack would not be visible in the authentication log ...

360 Appendix ■ Answers 16. D. Need to know is applied when subjects like Alex have access to only the data they need to accompli ...

Chapter 5: Identity and Access Management (Domain 5) 361 A. Resource-based access controls match permissions to resources like ...

362 Appendix ■ Answers 3 7. D. Dogs, guards, and fences are all examples of physical controls. While dogs and guards might detec ...

Chapter 5: Identity and Access Management (Domain 5) 363 organization is online. Using encrypted and signed communication does n ...

364 Appendix ■ Answers 5 2. B. Registration is the process of adding a user to an identity management system. This includes crea ...