CISSP TEST PREP FINAL QUESTIONS
AND ANSWERS WITH COMPLETE
SOLUTIONS 100% CORRECT!!!
Question 1 Which standard TCP ports are universally utilized by Microsoft
SQL Server for network communication and database management?
ANSWER: 1433 and 1434 TCP ✔✔
Question 2 Which comprehensive European Union privacy law was officially
created in 2016 and went into full effect in May 2018?
ANSWER: The General Data Protection Regulation (GDPR) ✔✔
Question 3 What security framework acronym stands for a centralized
technology system that aggregates log data, provides real-time analysis, and
tracks security alerts?
ANSWER: SIEM (Security Information and Event Management) ✔✔
Question 4 Which federal law explicitly requires financial institutions to
provide customers with clear explanations of how their private data is shared
and protected?
ANSWER: The Gramm-Leach-Bliley Act (GLBA) ✔✔
Question 5 In which security mode can you be assured that all users have the
appropriate security clearances and access permissions for all information
processed by the system, but do not necessarily possess a validated
"need-to-know" for all of that information?
ANSWER: System High Mode ✔✔
How many major categories do the TCSEC criteria define? -ANSWER ✔✔Four
, layer 2 connection mechanism that uses packet-switching technology to establish
virtual circuits between the communication endpoints. -ANSWER ✔✔Frame Relay
ISDN -ANSWER ✔✔Integrated Services Digital Network, was the integration of
sending voice, video, and data across the traditional circuits of PSTN networks.
______________ is the logical and practical investigation of business processes and
organizational policies. This process/policy review ensures that the stated and
implemented business tasks, systems, and methodologies are practical, efficient,
and cost-effective, but most of all (at least in relation to security governance) that
they support security through the reduction of vulnerabilities and the avoidance,
reduction, or mitigation of risk. -ANSWER ✔✔Documentation review
802.15 standard -ANSWER ✔✔Bluetooth
What type of federal government computing system requires that all individuals
accessing the system have a need to know all of the information processed by that
system? -ANSWER ✔✔Dedicated
Key sizes used by AES -ANSWER ✔✔128, 192, and 256 bits
What is the function of the network access server within a RADIUS architecture?
-ANSWER ✔✔Client
What represents accidental or intentional exploitations of vulnerabilities?
-ANSWER ✔✔Threat events