CISSP Official Practice Tests by Mike Chapple, David Seidl

Chapter 9: Practice Test 1 405 D. The TGS, or Ticket-Granting Service (which is usually on the same server as the KDC), receive ...

406 Appendix ■ Answers 13. D. Clipping is an analysis technique that only reports alerts after they exceed a set threshold. It i ...

Chapter 9: Practice Test 1 407 A. Identity as a service (IDaaS) provides an identity platform as a third-party service. This ca ...

408 Appendix ■ Answers 3 3. A. Encrypting the files reduces the probability that the data will be successfully stolen, so it is ...

Chapter 9: Practice Test 1 409 A. The modulo function is the remainder value left over after an integer division operation take ...

410 Appendix ■ Answers 4 9. C. Steganography is the art of using cryptographic techniques to embed secret messages within other ...

Chapter 9: Practice Test 1 411 B. Proactive monitoring, aka synthetic monitoring, uses recorded or generated traffic to test sy ...

412 Appendix ■ Answers 6 8. C. Masquerading (or impersonation) attacks use stolen or falsified credentials to bypass authenticat ...

Chapter 9: Practice Test 1 413 7 7. B. Class B fire extinguishers use carbon dioxide, halon, or soda acid as their suppression m ...

414 Appendix ■ Answers 8 7. B. During the preservation phase, the organization ensures that information related to the matter at ...

Chapter 9: Practice Test 1 415 D. Smurf attacks use a distributed attack approach to send ICMP echo replies at a targeted syste ...

416 Appendix ■ Answers 1 07. D. Patents and trade secrets can both protect intellectual property in the form of a process. Paten ...

Chapter 9: Practice Test 1 417 C. Test directories often include scripts that may have poor protections or may have other data ...

418 Appendix ■ Answers Chapter 10: Practice Test D. The recovery point objective (RPO) identifies the maximum amount of data, m ...

Chapter 10: Practice Test 2 419 C. Software-defined networking (SDN) is a converged protocol that allows virtualization concept ...

420 Appendix ■ Answers 2 0. C. The blacklist approach to application control blocks certain prohibited packages but allows the i ...

Chapter 10: Practice Test 2 421 B. Application programming interfaces (APIs), user interfaces (UIs), and physical interfaces ar ...

422 Appendix ■ Answers 3 8. B. SOC 2 reports are released under NDA to select partners or customers and can provide detail on th ...

Chapter 10: Practice Test 2 423 C. Interviews, surveys, and audits are all useful for assessing awareness. Code quality is best ...

424 Appendix ■ Answers 5 9. A. Rainbow tables rely on being able to use databases of precomputed hashes to quickly search for ma ...