CISSP Practice Test

When implementing controls in a heterogeneous end-point network for an organization, it is critical that

A.

hosts are able to establish network communications.

B.

users can make modifications to their security software configurations.

C.

common software security components be implemented across all hosts.

D.

firewalls running on each host are fully customizable by the user

To prevent inadvertent disclosure of restricted information, which of the following would be the LEAST effective process for eliminating data prior to the media being discarded?

A.

Multiple-pass overwriting

B.

Degaussing

C.

High-level formatting

D.

Physical destruction

Which of the following statements is TRUE of black box testing?

A.

Only the functional specifications are known to the test planner.

B.

Only the source code and the design documents are known to the test planner.

C.

Only the source code and functional specifications are known to the test planner.

D.

Only the design documents and the functional specifications are known to the test planner.

Which layer of the Open Systems Interconnections (OSI) model implementation adds information concerning the logical connection between the sender and receiver?

A.

Physical

B.

Session

C.

Transport

D.

Data-Link

Which of the following is a security limitation of File Transfer Protocol (FTP)?

A.

Passive FTP is not compatible with web browsers.

B.

Anonymous access is allowed.

C.

FTP uses Transmission Control Protocol (TCP) ports 20 and 21.

D.

Authentication is not encrypted.