CISSP Practice Test

The FIRST step in building a firewall is to

A.

assign the roles and responsibilities of the firewall administrators.

B.

define the intended audience who will read the firewall policy.

C.

identify mechanisms to encourage compliance with the policy.

D.

perform a risk analysis to identify issues to be addressed.

The birthday attack is MOST effective against which one of the following cipher
technologies?

A.

Chaining block encryption

B.

Asymmetric cryptography

C.

Cryptographic hash

D.

Streaming cryptograph

Checking routing information on e-mail to determine it is in a valid format and contains valid information is an example of which of the following anti-spam approaches?

A.

Simple Mail Transfer Protocol (SMTP) blacklist

B.

Reverse Domain Name System (DNS) lookup

C.

Hashing algorithm

D.

Header analysis

During an audit of system management, auditors find that the system administrator has not
been trained. What actions need to be taken at once to ensure the integrity of systems?

A.

A review of hiring policies and methods of verification of new employees

B.

A review of all departmental procedures

C.

A review of all training procedures to be undertaken

D.

A review of all systems by an experienced administrator

A practice that permits the owner of a data object to grant other users access to that object would usually provide

A.

Mandatory Access Control (MAC).

B.

owner-administered control.

C.

owner-dependent access control.

D.

Discretionary Access Control (DAC).