
[Jan 03, 2025] CISSP Ultimate Study Guide - PracticeVCE
Ultimate Guide to Prepare CISSP Certification Exam for ISC Certification in 2025
NEW QUESTION # 499
A developer is creating an application that requires secure logging of all user activity. What is the BEST permission the developer should assign to the log file to ensure requirements are met?
- A. Append
- B. Write
- C. Read
- D. Execute
Answer: A
Explanation:
The best permission that the developer should assign to the log file to ensure requirements are met is append.
A log file is a type of file that records and stores the information or the data about the activities, events, or issues that occur on a system or a network, or on a software application, such as the user activity. A log file can provide various benefits, such as monitoring, auditing, reporting, or troubleshooting the system, the network, or the software application. A permission is a type of access right or privilege that grants or denies the user or the role the ability to perform certain actions or tasks on a system or a network, or on a file or a folder, such as the log file. A permission can be classified into four types, which are:
* Read: The user or the role can view or read the content or the information of the file or the folder.
* Write: The user or the role can modify or overwrite the content or the information of the file or the folder.
* Execute: The user or the role can run or execute the file or the folder, if it is an executable file or a folder.
* Append: The user or the role can add or append new content or information to the end of the file or the folder, but cannot modify or overwrite the existing content or information of the file or the folder.
Append is the best permission that the developer should assign to the log file to ensure requirements are met, as it gives the user or the role the necessary and sufficient access right or privilege to create and store the log entries or records of the user activity, without compromising the security or the integrity of the log file. References: [CISSP CBK, Fifth Edition, Chapter 6, page 581]; [100 CISSP Questions, Answers and Explanations, Question 14].
NEW QUESTION # 500
Which of the following Common Data Network Services is used to print documents to a shared printer or a print queue/spooler?
- A. Print services.
- B. Mail services.
- C. Domain Name Service.
- D. Client/Server services.
Answer: A
Explanation:
Print services, which are part of the Common Data Network Services, print documents to a shared printer or a print queue/spooler.
Incorrect Answers:
B: Mail services only send and receive email internally or externally through an email gateway device.
C: Domain Name Service translates domain names into IP addresses.
D: Client/server services allocate computing power resources among workstations, with some shared resources centralized in a file server.
NEW QUESTION # 501
Biometrics is used for identification in the physical controls and for authentication in the:
- A. Corrective controls.
- B. Preventive controls.
- C. Detective controls.
- D. Logical controls.
Answer: D
Explanation:
The correct answer is "Logical controls". The other answers are different categories of controls: preventive controls attempt to eliminate or reduce vulnerabilities before an attack occurs; detective controls attempt to determine that an attack is taking place or has taken place; and corrective controls involve taking action to restore the system to normal operation after a successful attack.
NEW QUESTION # 502
Of the various types of "Hackers" that exist, the ones who are not worried about being caught and spending time in jail and have a total disregard for the law or police force, are labeled as what type of hackers?
- A. Black Hat Hackers
- B. Suicide Hackers
- C. White Hat Hackers
- D. Gray Hat Hackers
Answer: B
Explanation:
Suicide Hackers are a type of hacker without fear, who disregard authority, the police, or the law. Suicide Hackers hack for a cause important to them and find the end goal more important than their individual freedom.
The term "Hacker" originally meant a Unix computer enthusiast but has been villainized in the media as a "Criminal Hacker" for a mass audience. A hacker used to be known as a good person who would add functionality within software or would make things work better. To most people today, "Hacker" means a "Criminal Cracker"; it is synonymous with Cracker, or someone who gets access to a system without the owner's authorization.
As seen in news reports in 2011 and later, hackers associated with the "Anonymous" movement have attacked finance and/or credit card companies and stolen enough information to make contributions to worthy charities on behalf of organizations they see as contrary to the public good. These sorts of attackers/hackers could be considered suicide hackers. Some did get caught and prosecuted while carrying out their cause. Nobody can know if they knew their activities would land them in court and/or prison, but they had to have known of the risk and proceeded anyway.
The following answers are incorrect:
Black Hat hackers are also known as crackers and are merely hackers who "violate computer security for little reason beyond maliciousness or for personal gain". Black Hat Hackers are "the epitome of all that the public fears in a computer criminal". Black Hat Hackers break into secure networks to destroy data or make the network unusable for those who are authorized to use the network.
White Hat Hackers are law-abiding, reputable experts defending assets and not breaking laws. A white hat hacker breaks security for non-malicious reasons, for instance testing their own security system. The term "white hat" in Internet slang refers to an ethical hacker. This classification also includes individuals who perform penetration tests and vulnerability assessments within a contractual agreement. Often, this type of 'white hat' hacker is called an ethical hacker. The International Council of Electronic Commerce Consultants, also known as the EC-Council has developed certifications, courseware, classes, and online training covering the diverse arena of Ethical Hacking.
Note about White Hat: As reported by Adin Kerimov, a white hat would not be worried about going to jail, as he is doing a test with authorization and has a signed agreement. While this is a true point, the BEST choice is Suicide Hackers for the purpose of the exam; a white hat hacker would not disregard the law and authority.
Gray Hat Hackers work both offensively and defensively and can cross the border between legal/ethical behavior and illegal/unethical behavior. A grey hat hacker is a combination of a Black Hat and a White Hat Hacker. A Grey Hat Hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has been hacked, for example. Then they may offer to repair their system for a small fee.
OTHER TYPES OF HACKERS
Elite hacker: Elite is a social status among hackers, used to describe the most skilled. Newly discovered exploits will circulate among these hackers. Elite groups such as Masters of Deception conferred a kind of credibility on their members.
Script kiddie: A script kiddie (or skiddie) is a non-expert who breaks into computer systems by using pre-packaged automated tools written by others, usually with little understanding of the underlying concept, hence the term script (i.e. a prearranged plan or set of activities) kiddie (i.e. kid, child: an individual lacking knowledge and experience, immature). Often they do not even understand how they are taking advantage of the system; they do not understand the weakness being exploited, and all they know is how to use a tool that someone else has built.
Neophyte: A neophyte, "n00b", or "newbie" is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology and hacking.
Hacktivist: A hacktivist is a hacker who utilizes technology to announce a social, ideological, religious, or political message. In general, most hacktivism involves website defacement or denial-of-service attacks.
The following reference(s) were/was used to create this question:
2011. EC-COUNCIL Official Curriculum, Ethical Hacking and Countermeasures, v7.1, Module 1, Page 15.
and
https://en.wikipedia.org/wiki/Hacker_%28computer_security%29
NEW QUESTION # 503
Assume that a computer was powered off when an information security professional arrived at a crime scene. Which of the following actions should be performed after the crime scene is isolated?
- A. Remove the hard drive, prepare it for transportation, and leave the hardware at the scene.
- B. Turn the computer on and collect volatile data.
- C. Leave the computer off and prepare the computer for transportation to the laboratory
- D. Turn the computer on and collect network information.
Answer: C
Explanation:
A crime scene is a location where a security incident or breach has occurred and where potential evidence can be found. A computer is a device that can store, process, or transmit digital data that can be used as evidence in a security investigation. When an information security professional arrives at a crime scene where a computer was powered off, the best action to perform after the crime scene is isolated is to leave the computer off and prepare the computer for transportation to the laboratory. Leaving the computer off can help to preserve the integrity and authenticity of the data on the computer, as well as to prevent any further damage or tampering. Preparing the computer for transportation can help to protect the computer from physical harm or environmental factors during the movement. Transporting the computer to the laboratory can help to perform a proper forensic analysis of the data on the computer in a controlled and secure environment. Turning the computer on and collecting volatile data or network information, or removing the hard drive and leaving the hardware at the scene are not the best actions to perform, as they can compromise the evidence, violate the chain of custody, or destroy the original state of the computer. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 11: Security Operations, page 711; CISSP Official (ISC)2 Practice Tests, Third Edition, Domain 7: Security Operations, Question 7.13, page 276.
NEW QUESTION # 504
A DMZ is also known as a
- A. screened subnet
- B. three legged firewall
- C. bastion host
- D. a place to attract hackers
Answer: A
Explanation:
This is another name for the demilitarized zone (DMZ) of a network.
"Three legged firewall" is incorrect. While a DMZ can be implemented on one leg of such a device, this is not the best answer.
"A place to attract hackers" is incorrect. The DMZ is a way to provide limited public access to an organization's internal resources (DNS, email, public web, etc.), not an attractant for hackers.
"Bastion host" is incorrect. A bastion host serves as a gateway between trusted and untrusted networks.
References: CBK, p. 434; AIO3, pp. 495-496
NEW QUESTION # 505
Which of the following is not a direct benefit of successful Disaster Recovery Planning?
- A. Protection of Critical Data
- B. Maintenance of Business Continuity
- C. Increase in IS performance
- D. Minimized Impact of a disaster
Answer: C
NEW QUESTION # 506
The defense strategy 'Never trust any input' is MOST effective against which of the following web-based system vulnerabilities?
- A. Broken authentication
- B. Sensitive data exposure
- C. Man-in-the-browser attack
- D. Injection vulnerabilities
Answer: D
NEW QUESTION # 507
What is Dumpster Diving?
- A. Running through another person's garbage for discarded documents, information, and other various items that could be used against that person or company
- B. Performing media analysis
- C. Performing forensics on the deleted items
- D. Going through a dust bin
Answer: A
Explanation:
The answer: Running through another person's garbage for discarded documents, information, and other various items that could be used against that person or company. Dumpster diving is done with malicious intent. A synonym for Dumpster Diving is Data Scavenging.
The following answers are incorrect:
Going through a dust bin will not give you access to sensitive information. It was not the best choice.
Performing forensics on the deleted items is related to data remanence, which means files were not destroyed properly and can be recovered using specialized tools.
Performing media analysis is not related to going through rubbish in a dumpster.
The following reference(s) were/was used to create this question: CISSP Summary 2002 by John Wallhoff
NEW QUESTION # 508
A circuit level proxy is ___________________ when compared to an application level proxy.
- A. more secure.
- B. more difficult to maintain.
- C. lower in processing overhead.
- D. slower.
Answer: C
Explanation:
Since the circuit level proxy does not analyze the application content of the packet in making its decisions, it has lower overhead than an application level proxy.
"More difficult to maintain" is incorrect. Circuit level proxies are typically easier to configure and simpler to maintain than an application level proxy.
"More secure" is incorrect. A circuit level proxy is not necessarily more secure than an application layer proxy.
"Slower" is incorrect. Because it is lower in overhead, a circuit level proxy is typically faster than an application level proxy.
References: CBK, pp. 466-467; AIO3, pp. 488-490
NEW QUESTION # 509
Which process compares its results against a standard to determine whether the results meet the standard?
- A. Security assessment
- B. Penetration test
- C. Functional review
- D. Security audit
Answer: D
NEW QUESTION # 510
At what stage of the Software Development Life Cycle (SDLC) does software vulnerability remediation MOST likely cost the least to implement?
- A. Testing
- B. Deployment
- C. Design
- D. Development
Answer: C
Explanation:
Software vulnerability remediation is the process of identifying and fixing the weaknesses or flaws in a software application or system that could be exploited by attackers. Software vulnerability remediation is most likely to cost the least to implement at the design stage of the Software Development Life Cycle (SDLC), which is the phase where the requirements and specifications of the software are defined and the architecture and components of the software are designed. At this stage, the software developers can apply security principles and best practices, such as secure by design, secure by default, and secure coding, to prevent or minimize the introduction of vulnerabilities in the software. Remediation at the design stage is also easier and cheaper than at later stages, such as development, testing, or deployment, because it does not require modifying or rewriting the existing code, which could introduce new errors or affect the functionality or performance of the software. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 21: Software Development Security, pp. 2021-2022; [Official (ISC)2 CISSP CBK Reference, Fifth Edition], Domain 8: Software Development Security, pp. 1395-1396.
NEW QUESTION # 511
Which of the following characteristics pertaining to databases is not true?
- A. A data model should exist and all entities should have a significant name.
- B. No NULLs should be allowed for primary keys.
- C. All relations must have a specific cardinality.
- D. Justifications must exist for normalized data.
Answer: D
Explanation:
Justifications should be provided when data is denormalized, not when it is normalized, because it introduces risk of data inconsistency. Denormalization is usually introduced for performance purposes.
Source: Information Systems Audit and Control Association, Certified Information Systems Auditor 2002 review manual, Chapter 3: Technical Infrastructure and Operational Practices (page 108).
NEW QUESTION # 512
In the CIA triad, what does the letter A stand for?
- A. Availability
- B. Auditability
- C. Accountability
- D. Authentication
Answer: A
Explanation:
Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization. The model is also sometimes referred to as the AIC triad (availability, integrity and confidentiality) to avoid confusion with the Central Intelligence Agency. The elements of the triad are considered the three most crucial components of security.
Incorrect Answers:
B: The letter A in the CIA/AIC triad stands for Availability, not Auditability.
C: The letter A in the CIA/AIC triad stands for Availability, not Accountability.
D: The letter A in the CIA/AIC triad stands for Availability, not Authentication.
References:
http://whatis.techtarget.com/definition/Confidentiality-integrity-and-availability-CIA
NEW QUESTION # 513
Which of the following addresses requirements of security assessments during software acquisition?
- A. Continuous monitoring
- B. Data loss prevention (DLP) policy
- C. Software configuration management (SCM)
- D. Software assurance policy
Answer: C
NEW QUESTION # 514
Which type of attack is based on the probability of two different messages using the same hash function producing a common message digest?
- A. Differential linear cryptanalysis
- B. Differential cryptanalysis
- C. Statistical attack
- D. Birthday attack
Answer: D
Explanation:
A Birthday attack is usually applied to the probability of two different messages using the same hash function producing a common message digest.
The term "birthday" comes from the fact that in a room with 23 people, the probability of two or more people having the same birthday is greater than 50%.
Linear cryptanalysis is a general form of cryptanalysis based on finding affine approximations to the action of a cipher. Attacks have been developed for block ciphers and stream ciphers. Linear cryptanalysis is one of the two most widely used attacks on block ciphers; the other being differential cryptanalysis.
Differential Cryptanalysis is a potent cryptanalytic technique introduced by Biham and Shamir. Differential cryptanalysis is designed for the study and attack of DES-like cryptosystems. A DES-like cryptosystem is an iterated cryptosystem which relies on conventional cryptographic techniques such as substitution and diffusion.
Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. In the broadest sense, it is the study of how differences in an input can affect the resultant difference at the output. In the case of a block cipher, it refers to a set of techniques for tracing differences through the network of transformations, discovering where the cipher exhibits non-random behaviour, and exploiting such properties to recover the secret key.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 4: Cryptography (page 163), and http://en.wikipedia.org/wiki/Differential_cryptanalysis
NEW QUESTION # 515
Which of the following is of GREATEST assistance to auditors when reviewing system configurations?
- A. Change management processes
- B. System backup documentation
- C. Operating System (OS) baselines
- D. User administration procedures
Answer: A
Explanation:
Section: Security Assessment and Testing
NEW QUESTION # 516
Controlling access to information systems and associated networks is necessary for the preservation of their:
- A. Authenticity, confidentiality and availability.
- B. Integrity and availability.
- C. Confidentiality, integrity, and availability.
- D. Authenticity, confidentiality, integrity and availability.
Answer: C
Explanation:
Controlling access to information systems and associated networks is necessary for the preservation of their confidentiality, integrity and availability.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 31
NEW QUESTION # 517
Why is planning in Disaster Recovery (DR) an interactive process?
- A. It details off-site storage plans
- B. It defines the objectives of the plan
- C. It identifies omissions in the plan
- D. It forms part of the awareness process
Answer: B
NEW QUESTION # 518
A goal of the information security policy is to
- A. Provide security administrators with official operational procedures
- B. Provides auditors with a reference benchmark
- C. Satisfy senior management that security controls are in place
- D. Guide or influence the behavior of many people
Answer: B
NEW QUESTION # 519