CISSP Official Practice Tests by Mike Chapple, David Seidl

470 ICMP (Internet Control Message Protocol) – IP addresses

insider attacks, 387

insurance, 274, 279, 441

integration testing, 400

integrity controls, 321, 417

*-Integrity Property, 341

intellectual property, 5, 9, 10, 163, 224, 244,

319

intelligent fuzzing, 223

interface testing, 237, 377

interfaces

constrained, 218, 358, 412

programmatic, 421

restricted, 104, 359

testing and, 139, 370

interference, 456

internal auditors, 424

internal networks, firewall architecture and,

95

internet, connection speed, 86

Internet of Things, 346

interviews, 241, 386, 423

intrusion detection systems, 5, 6, 165–166,

277–278, 440

anomaly-based, 444

decoy environments, 288

HIDS, 387

NIDS, 387

physical, 69

SYN flood attack, 170

intrusion protection system, 349

inventions, patents, 13

inventory control, 161

investigations, 162–163, 293, 447

evidence, 153, 217, 435

interviews, 386, 423

legal issues, 167

operational, 438

regulatory, 381

searches, 170

testimonies, 171

virtualization and, 54

IoT (Internet of Things), 440

IP addresses, 398, 432

127.0.0.1, 356

ICMP (Internet Control Message Protocol),

96, 352, 355

IDaaS (Identity as a Service), 104, 206, 358,

368, 407, 450

IDEAL model, 194, 402

identification, 361, 432

usernames, 439

identification cards, 215

identities, 111

accountability, 108

authentication and, 116

unique identifiers, 114

validation, 115

X.500 standards, 115

identity and access management, answers,

358–369

identity information sharing, 211, 409

identity integration, 114

identity management, 220, 244, 248

identity platforms, 211

identity proofing, 118, 364, 408

Identity Theft and Assumption Deterrence

Act, 442

IDS, FTP traffic monitoring, 81

IMAP (Internet Message Access Protocol),

348

impact, risk assessment and, 222

implicit denial, 453

incident response, 159, 161, 167, 277–278,

388, 440

Mitigation phase, 388

phases, 168

remediation phase, 443

incidents, 389

incremental backups, 263, 295, 448

industry standards, 21

inference attacks, 193, 396, 406

information disclosure attacks, 326

information flow model, 345

Information Security Continuous

Monitoring program, 142

infrastructure, physical hardening, 6

input validation, 249, 342, 397, 399, 401,

403, 417, 428