CISSP 2021 SYBEX TEST PREP 475
QUESTIONS AND ANSWERS
NIST SP800-53 discusses a set of security controls as what type of security tool?
A. A configuration list
B. A threat management strategy
C. A baseline
D. The CIS standard Correct answer- C
Ed has been tasked with identifying a service that will provide a low-latency,
highperformance, and high-availability way to host content for his employer. What type
of solution should he seek out to ensure that his employer's customers around the world
can access their content quickly, easily, and reliably?
A. A hot site
B. A CDN
C. Redundant servers
D. A P2P CDN Correct answer- B
Which one of the following is not a function of a forensic disk controller?
A. Preventing the modification of data on a storage device
B. Returning data requested from the device
C. Reporting errors sent by the device to the forensic host
D. Blocking read commands sent to the device Correct answer- D
Mike is building a fault-tolerant server and wishes to implement RAID 1. How many
physical disks are required to build this solution? A. 1
B. 2
C. 3
D. 5 Correct answer- B
Which Kerberos service generates a new ticket and session keys and sends them to the
client?
A. KDC
B. TGT
C. AS
D. TGS Correct answer- D
Communication systems that rely on start and stop flags or bits to manage data
transmission are known as what type of communication?
A. Analog
B. Digital
,C. Synchronous
D. Asynchronous Correct answer- D
What type of motion detector uses high microwave frequency signal transmissions to
identify potential intruders?
A. Infrared
B. Heat-based
C. Wave pattern
D. Capacitance Correct answer- C
Susan sets up a firewall that keeps track of the status of the communication between
two systems and allows a remote system to respond to a local system after the local
system starts communication. What type of firewall is Susan using?
A. A static packet filtering firewall
B. An application-level gateway firewall
C. A stateful packet inspection firewall
D. A circuit-level gateway firewall Correct answer- C
Ben owns a coffeehouse and wants to provide wireless Internet service for his
customers. Ben's network is simple and uses a single consumer-grade wireless router
and a cable modem connected via a commercial cable data contract.
How can Ben provide access control for his customers without having to provision user
IDs before they connect while also gathering useful contact information for his business
purposes?
A. WPA2 PSK
B. A captive portal
C. Require customers to use a publicly posted password like "BensCoffee."
D. Port security Correct answer- B
Ben owns a coffeehouse and wants to provide wireless Internet service for his
customers. Ben's network is simple and uses a single consumer-grade wireless router
and a cable modem connected via a commercial cable data contract.
Ben intends to run an open (unencrypted) wireless network. How should he connect his
business devices?
A. Run WPA2 on the same SSID.
B. Set up a separate SSID using WPA2.
C. Run the open network in Enterprise mode.
D. Set up a separate wireless network using WEP. Correct answer- B
,Ben owns a coffeehouse and wants to provide wireless Internet service for his
customers. Ben's network is simple and uses a single consumer-grade wireless router
and a cable modem connected via a commercial cable data contract.
After implementing the solution from the first question, Ben receives a complaint about
users in his cafe hijacking other customers' web traffic, including using their usernames
and passwords. How is this possible?
A. The password is shared by all users, making traffic vulnerable.
B. A malicious user has installed a Trojan on the router.
C. A user has ARP spoofed the router, making all traffic broadcast to all users.
D. Open networks are unencrypted, making traffic easily sniffable. Correct answer- D
Which one of the following is not a mode of operation for the Data Encryption Standard?
A. CBC
B. CFB
C. OFB
D. AES Correct answer- D
Tom is tuning his security monitoring tools in an attempt to reduce the number of alerts
received by administrators without missing important security events. He decides to
configure the system to only report failed login attempts if there are five failed attempts
to access the same account within a one-hour period of time. What term best describes
the technique that Tom is using?
A. Thresholding
B. Sampling
C. Account lockout
D. Clipping Correct answer- D
Sally has been tasked with deploying an authentication, authorization, and accounting
server for wireless network services in her organization and needs to avoid using
proprietary technology.
What technology should she select?
A. OAuth
B. RADIUS
C. XTACACS
D. TACACS+ Correct answer- B
An accounting clerk for Christopher's Cheesecakes does not have access to the salary
information for individual employees but wanted to know the salary of a new hire. He
pulled total payroll expenses for the pay period before the new person was hired and
then pulled the same expenses for the following pay period. He computed the difference
between those two amounts to determine the individual's salary.
, What type of attack occurred?
A. Aggregation
B. Data diddling
C. Inference
D. Social engineering Correct answer- C
Alice would like to have read permissions on an object and knows that Bob already has
those rights and would like to give them to herself. Which one of the rules in the
TakeGrant protection model would allow her to complete this operation if the
relationship exists between Alice and Bob?
A. Take rule
B. Grant rule
C. Create rule
D. Remote rule Correct answer- A
During a log review, Danielle discovers a series of logs that show login failures:
Jan 31 11:39:12 ip-10-0-0-2 sshd[29092]: Invalid user admin from remotehost
passwd=aaaaaaaa
Jan 31 11:39:20 ip-10-0-0-2 sshd[29098]: Invalid user admin from remotehost
passwd=aaaaaaab
Jan 31 11:39:23 ip-10-0-0-2 sshd[29100]: Invalid user admin from remotehost
passwd=aaaaaaac
Jan 31 11:39:31 ip-10-0-0-2 sshd[29106]: Invalid user admin from remotehost
passwd=aaaaaaad
Jan 31 20:40:53 ip-10-0-0-254 sshd[30520]: Invalid user admin from remotehost
passwd=aaaaaaae
What type of attack has Danielle discovered?
A. A pass-the-hash attack
B. A brute-force attack
C. A man-in-the-middle attack
D. A dictionary attack Correct answer- B
What property of a relational database ensures that two executing transactions do not
affect each other by storing interim results in the database?
A. Atomicity
B. Isolation
C. Consistency
D. Durability Correct answer- B
QUESTIONS AND ANSWERS
NIST SP800-53 discusses a set of security controls as what type of security tool?
A. A configuration list
B. A threat management strategy
C. A baseline
D. The CIS standard Correct answer- C
Ed has been tasked with identifying a service that will provide a low-latency,
highperformance, and high-availability way to host content for his employer. What type
of solution should he seek out to ensure that his employer's customers around the world
can access their content quickly, easily, and reliably?
A. A hot site
B. A CDN
C. Redundant servers
D. A P2P CDN Correct answer- B
Which one of the following is not a function of a forensic disk controller?
A. Preventing the modification of data on a storage device
B. Returning data requested from the device
C. Reporting errors sent by the device to the forensic host
D. Blocking read commands sent to the device Correct answer- D
Mike is building a fault-tolerant server and wishes to implement RAID 1. How many
physical disks are required to build this solution? A. 1
B. 2
C. 3
D. 5 Correct answer- B
Which Kerberos service generates a new ticket and session keys and sends them to the
client?
A. KDC
B. TGT
C. AS
D. TGS Correct answer- D
Communication systems that rely on start and stop flags or bits to manage data
transmission are known as what type of communication?
A. Analog
B. Digital
,C. Synchronous
D. Asynchronous Correct answer- D
What type of motion detector uses high microwave frequency signal transmissions to
identify potential intruders?
A. Infrared
B. Heat-based
C. Wave pattern
D. Capacitance Correct answer- C
Susan sets up a firewall that keeps track of the status of the communication between
two systems and allows a remote system to respond to a local system after the local
system starts communication. What type of firewall is Susan using?
A. A static packet filtering firewall
B. An application-level gateway firewall
C. A stateful packet inspection firewall
D. A circuit-level gateway firewall Correct answer- C
Ben owns a coffeehouse and wants to provide wireless Internet service for his
customers. Ben's network is simple and uses a single consumer-grade wireless router
and a cable modem connected via a commercial cable data contract.
How can Ben provide access control for his customers without having to provision user
IDs before they connect while also gathering useful contact information for his business
purposes?
A. WPA2 PSK
B. A captive portal
C. Require customers to use a publicly posted password like "BensCoffee."
D. Port security Correct answer- B
Ben owns a coffeehouse and wants to provide wireless Internet service for his
customers. Ben's network is simple and uses a single consumer-grade wireless router
and a cable modem connected via a commercial cable data contract.
Ben intends to run an open (unencrypted) wireless network. How should he connect his
business devices?
A. Run WPA2 on the same SSID.
B. Set up a separate SSID using WPA2.
C. Run the open network in Enterprise mode.
D. Set up a separate wireless network using WEP. Correct answer- B
,Ben owns a coffeehouse and wants to provide wireless Internet service for his
customers. Ben's network is simple and uses a single consumer-grade wireless router
and a cable modem connected via a commercial cable data contract.
After implementing the solution from the first question, Ben receives a complaint about
users in his cafe hijacking other customers' web traffic, including using their usernames
and passwords. How is this possible?
A. The password is shared by all users, making traffic vulnerable.
B. A malicious user has installed a Trojan on the router.
C. A user has ARP spoofed the router, making all traffic broadcast to all users.
D. Open networks are unencrypted, making traffic easily sniffable. Correct answer- D
Which one of the following is not a mode of operation for the Data Encryption Standard?
A. CBC
B. CFB
C. OFB
D. AES Correct answer- D
Tom is tuning his security monitoring tools in an attempt to reduce the number of alerts
received by administrators without missing important security events. He decides to
configure the system to only report failed login attempts if there are five failed attempts
to access the same account within a one-hour period of time. What term best describes
the technique that Tom is using?
A. Thresholding
B. Sampling
C. Account lockout
D. Clipping Correct answer- D
Sally has been tasked with deploying an authentication, authorization, and accounting
server for wireless network services in her organization and needs to avoid using
proprietary technology.
What technology should she select?
A. OAuth
B. RADIUS
C. XTACACS
D. TACACS+ Correct answer- B
An accounting clerk for Christopher's Cheesecakes does not have access to the salary
information for individual employees but wanted to know the salary of a new hire. He
pulled total payroll expenses for the pay period before the new person was hired and
then pulled the same expenses for the following pay period. He computed the difference
between those two amounts to determine the individual's salary.
, What type of attack occurred?
A. Aggregation
B. Data diddling
C. Inference
D. Social engineering Correct answer- C
Alice would like to have read permissions on an object and knows that Bob already has
those rights and would like to give them to herself. Which one of the rules in the
TakeGrant protection model would allow her to complete this operation if the
relationship exists between Alice and Bob?
A. Take rule
B. Grant rule
C. Create rule
D. Remote rule Correct answer- A
During a log review, Danielle discovers a series of logs that show login failures:
Jan 31 11:39:12 ip-10-0-0-2 sshd[29092]: Invalid user admin from remotehost
passwd=aaaaaaaa
Jan 31 11:39:20 ip-10-0-0-2 sshd[29098]: Invalid user admin from remotehost
passwd=aaaaaaab
Jan 31 11:39:23 ip-10-0-0-2 sshd[29100]: Invalid user admin from remotehost
passwd=aaaaaaac
Jan 31 11:39:31 ip-10-0-0-2 sshd[29106]: Invalid user admin from remotehost
passwd=aaaaaaad
Jan 31 20:40:53 ip-10-0-0-254 sshd[30520]: Invalid user admin from remotehost
passwd=aaaaaaae
What type of attack has Danielle discovered?
A. A pass-the-hash attack
B. A brute-force attack
C. A man-in-the-middle attack
D. A dictionary attack Correct answer- B
What property of a relational database ensures that two executing transactions do not
affect each other by storing interim results in the database?
A. Atomicity
B. Isolation
C. Consistency
D. Durability Correct answer- B
