CISSP Official Practice Tests by Mike Chapple, David Seidl
Chapter 5: Identity and Access Management (Domain 5) 365 D. Kerberos is an authentication protocol that uses tickets and provid ...
366 Appendix ■ Answers 70. C. An access control matrix is a table that lists objects, subjects, and their privileges. Access con ...
Chapter 5: Identity and Access Management (Domain 5) 367 C. In a mandatory access control system, classifications do not have t ...
368 Appendix ■ Answers 88. B. The Simple Authentication and Security Layer (SASL) for LDAP provides support for a range of auth ...
Chapter 6: Security Assessment and Testing (Domain 6) 369 B. Locks can be preventative access controls by stopping unwanted acc ...
370 Appendix ■ Answers B. An IPS is an example of a mechanism like a hardware-, software-, or firmware-based control or system. ...
Chapter 6: Security Assessment and Testing (Domain 6) 371 C. Generational fuzzing relies on models for application input and co ...
372 Appendix ■ Answers 25. A. A test coverage analysis is often used to provide insight into how well testing covered the set o ...
Chapter 6: Security Assessment and Testing (Domain 6) 373 or banner information and may flag patched versions if the software pr ...
374 Appendix ■ Answers 40. C. Passive monitoring only works after issues have occurred because it requires actual traffic. Synt ...
Chapter 6: Security Assessment and Testing (Domain 6) 375 B. Security vulnerabilities can be created by misconfiguration, logic ...
376 Appendix ■ Answers 58. C. The audit finding indicates that the backup administrator may not be monitoring backup logs and t ...
Chapter 6: Security Assessment and Testing (Domain 6) 377 67. B. Fagan testing is a detailed code review that steps through pla ...
378 Appendix ■ Answers 74. B. Not having enough log sources is not a key consideration in log management system design, althoug ...
Chapter 6: Security Assessment and Testing (Domain 6) 379 D. Since a shared symmetric key could be used by any of the servers, ...
380 Appendix ■ Answers 88. C. Static analysis is the process of reviewing code without running it. It relies on techniques like ...
Chapter 7: Security Operations (Domain 7) 381 B. Once additional tools have been installed, penetration testers will typically ...
382 Appendix ■ Answers B. A pseudoflaw is a false vulnerability in a system that may attract an attacker. A honeynet is a netwo ...
Chapter 7: Security Operations (Domain 7) 383 D. Hotfixes, updates, and security fixes are all synonyms for single patches des ...
384 Appendix ■ Answers 25. D. A disaster is any event that can disrupt normal IT operations and can be either natural or manmad ...