ISC2 CISSP exam questions with answers
\| \| \| \| \|
TCP/IP session Hijacking is carried out in which OSI layer? -
\| \| \| \| \| \| \| \| \| \| \|
CORRECT ANSWERS ✔✔Transport \| \|
What type of attack is being used when an email that looks
\| \| \| \| \| \| \| \| \| \| \| \|
legitimate is sent to A VIP in an organization, aimed at gaining
\| \| \| \| \| \| \| \| \| \| \| \|
information, usually credentials? - CORRECT ANSWERS ✔✔Spear \| \| \| \| \| \| \|
Phishing
What ICMP message types are used by the ping command? -
\| \| \| \| \| \| \| \| \| \| \|
CORRECT ANSWERS ✔✔Echo request (8) and Echo reply(0)
\| \| \| \| \| \| \|
What are the initial two commands that an IRC client sends to
\| \| \| \| \| \| \| \| \| \| \| \|
join an IRC network? - CORRECT ANSWERS ✔✔User,Nick
\| \| \| \| \| \| \|
What is a NULL scan? - CORRECT ANSWERS ✔✔A scan in which
\| \| \| \| \| \| \| \| \| \| \| \|
all flags are turned off
\| \| \| \|
What does ICMP type 11, Code 0 denote? - CORRECT ANSWERS
\| \| \| \| \| \| \| \| \| \| \|
✔✔Time Exceeded \|
What is a null session? - CORRECT ANSWERS ✔✔A null session is
\| \| \| \| \| \| \| \| \| \| \| \|
an anonymous connection to a freely accessible network share
\| \| \| \| \| \| \| \| \|
called IPC$ on Windows-based servers. It allows immediate read
\| \| \| \| \| \| \| \| \|
and write access with Windows NT/2000 and reac-access with
\| \| \| \| \| \| \| \| \|
windows XP and 2003 \| \| \|
, Describe all three parts of the CIA Triad(The main Objectives of
\| \| \| \| \| \| \| \| \| \| \|
security) - CORRECT ANSWERS ✔✔Confidentiality - Preventing
\| \| \| \| \| \| \|
Disclosure, keeping information secret \| \| \|
Integrity - Preventing Alteration, Keeping information un-
\| \| \| \| \| \|
tampered with \|
Availability - Preventing Destruction, keeping data available to
\| \| \| \| \| \| \| \|
those who need it \| \| \|
List the three functions of AAA - CORRECT ANSWERS
\| \| \| \| \| \| \| \| \|
✔✔Authentication, Authorization, Accountability \| \|
What is the security benefit derived from Rotation of Duties? -
\| \| \| \| \| \| \| \| \| \| \|
CORRECT ANSWERS ✔✔Helps mitigate Fraud and Collusion
\| \| \| \| \| \|
What is a CIRT? - CORRECT ANSWERS ✔✔Computer Incident
\| \| \| \| \| \| \| \| \|
Response Team \|
Also Known as CERT
\| \| \|
Computer Emergency Response Team \| \| \|
Describe the process of how Challenge Response Tokens work -
\| \| \| \| \| \| \| \| \| \|
CORRECT ANSWERS ✔✔1 - Workstation Generates random
\| \| \| \| \| \| \|
challenge String \|
2 - Owner enters the string into the token along with a pin
\| \| \| \| \| \| \| \| \| \| \| \|
3 - The token generates a response
\| \| \| \| \| \|
\| \| \| \| \|
TCP/IP session Hijacking is carried out in which OSI layer? -
\| \| \| \| \| \| \| \| \| \| \|
CORRECT ANSWERS ✔✔Transport \| \|
What type of attack is being used when an email that looks
\| \| \| \| \| \| \| \| \| \| \| \|
legitimate is sent to A VIP in an organization, aimed at gaining
\| \| \| \| \| \| \| \| \| \| \| \|
information, usually credentials? - CORRECT ANSWERS ✔✔Spear \| \| \| \| \| \| \|
Phishing
What ICMP message types are used by the ping command? -
\| \| \| \| \| \| \| \| \| \| \|
CORRECT ANSWERS ✔✔Echo request (8) and Echo reply(0)
\| \| \| \| \| \| \|
What are the initial two commands that an IRC client sends to
\| \| \| \| \| \| \| \| \| \| \| \|
join an IRC network? - CORRECT ANSWERS ✔✔User,Nick
\| \| \| \| \| \| \|
What is a NULL scan? - CORRECT ANSWERS ✔✔A scan in which
\| \| \| \| \| \| \| \| \| \| \| \|
all flags are turned off
\| \| \| \|
What does ICMP type 11, Code 0 denote? - CORRECT ANSWERS
\| \| \| \| \| \| \| \| \| \| \|
✔✔Time Exceeded \|
What is a null session? - CORRECT ANSWERS ✔✔A null session is
\| \| \| \| \| \| \| \| \| \| \| \|
an anonymous connection to a freely accessible network share
\| \| \| \| \| \| \| \| \|
called IPC$ on Windows-based servers. It allows immediate read
\| \| \| \| \| \| \| \| \|
and write access with Windows NT/2000 and reac-access with
\| \| \| \| \| \| \| \| \|
windows XP and 2003 \| \| \|
, Describe all three parts of the CIA Triad(The main Objectives of
\| \| \| \| \| \| \| \| \| \| \|
security) - CORRECT ANSWERS ✔✔Confidentiality - Preventing
\| \| \| \| \| \| \|
Disclosure, keeping information secret \| \| \|
Integrity - Preventing Alteration, Keeping information un-
\| \| \| \| \| \|
tampered with \|
Availability - Preventing Destruction, keeping data available to
\| \| \| \| \| \| \| \|
those who need it \| \| \|
List the three functions of AAA - CORRECT ANSWERS
\| \| \| \| \| \| \| \| \|
✔✔Authentication, Authorization, Accountability \| \|
What is the security benefit derived from Rotation of Duties? -
\| \| \| \| \| \| \| \| \| \| \|
CORRECT ANSWERS ✔✔Helps mitigate Fraud and Collusion
\| \| \| \| \| \|
What is a CIRT? - CORRECT ANSWERS ✔✔Computer Incident
\| \| \| \| \| \| \| \| \|
Response Team \|
Also Known as CERT
\| \| \|
Computer Emergency Response Team \| \| \|
Describe the process of how Challenge Response Tokens work -
\| \| \| \| \| \| \| \| \| \|
CORRECT ANSWERS ✔✔1 - Workstation Generates random
\| \| \| \| \| \| \|
challenge String \|
2 - Owner enters the string into the token along with a pin
\| \| \| \| \| \| \| \| \| \| \| \|
3 - The token generates a response
\| \| \| \| \| \|
