Free Sharing CertBus Updated ISC CISSP VCE and PDF Exam Practice Materials

CertBus 2021 Newest ISC CISSP ISC Certification Exam VCE and PDF Dumps for Free Download!

CISSP ISC Certification Exam PDF and VCE Dumps: 1094 Q&As, Instant Download: https://www.certbus.com/CISSP.html [100% CISSP Exam Pass Guaranteed or Money Refund!]
☆ Free view online pdf on CertBus free test CISSP PDF: https://www.certbus.com/online-pdf/CISSP.pdf
☆ CertBus 2021 Newest CISSP ISC Certification exam Question PDF Free Download from Google Drive Share: https://drive.google.com/file/d/0B_3QX8HGRR1mVXBDYy0tYmNFSHM/view?usp=sharing

The following 1094 CISSP Q&As are all newly published by the ISC Official Exam Center.

As a leading IT exam study material provider, CertBus not only provides you with the Oct 08, 2021 latest CISSP VCE exam questions and answers, but also the most comprehensive knowledge of the whole ISC Certification CISSP (Certified Information Systems Security Professional) certification. We provide our users with the most accurate and up-to-date CISSP practice study material for the ISC Certification CISSP exam, together with a pass guarantee. We help you get well prepared for the ISC Certification CISSP certification, which is regarded as valuable in the IT sector.

CertBus | pass your certification exam easily now! Free CISSP exam sample questions, CISSP exam practice online, CISSP exam practice on a mobile phone, CISSP PDF, CISSP books, CISSP PDF file download, CISSP certification. The CertBus CISSP exam | pass the CISSP exam on your first try! CertBus – a leading source of CISSP certification exam learning and practice.

We at CertBus have our own expert team, which selected and published the latest CISSP preparation materials from the ISC Official Exam Center: https://www.certbus.com/CISSP.html

Question 1:

What kind of certificate is used to validate a user identity?

A. Public key certificate

B. Attribute certificate

C. Root certificate

D. Code signing certificate

Correct Answer: A

Explanation: In cryptography, a public key certificate (or identity certificate) is an electronic document which incorporates a digital signature to bind together a public key with an identity — information such as the name of a person or an organization, their address, and so forth. The certificate can be used to verify that a public key belongs to an individual.

In a typical public key infrastructure (PKI) scheme, the signature will be of a certificate authority (CA). In a web of trust scheme, the signature is of either the user (a self-signed certificate) or other users (“endorsements”). In either case, the signatures on a certificate are attestations by the certificate signer that the identity information and the public key belong together.

In computer security, an authorization certificate (also known as an attribute certificate) is a digital document that describes a written permission from the issuer to use a service or a resource that the issuer controls or has access to use. The permission can be delegated.

Some people constantly confuse PKCs and ACs. An analogy may make the distinction clear. A PKC can be considered to be like a passport: it identifies the holder, tends to last for a long time, and should not be trivial to obtain. An AC is more like an entry visa: it is typically issued by a different authority and does not last for as long a time. As acquiring an entry visa typically requires presenting a passport, getting a visa can be a simpler process.

A real-life example of this can be found in the mobile software deployments by large service providers; these are typically applied to platforms such as Microsoft Smartphone (and related), Symbian OS, J2ME, and others.

In each of these systems a mobile communications service provider may customize the mobile terminal client distribution (i.e. the mobile phone operating system or application environment) to include one or more root certificates, each associated with a set of capabilities or permissions such as “update firmware”, “access address book”, “use radio interface”, and the most basic one, “install and execute”. When a developer wishes to enable distribution and execution in one of these controlled environments they must acquire a certificate from an appropriate CA, typically a large commercial CA, and in the process they usually have their identity verified using out-of-band mechanisms such as a combination of phone call, validation of their legal entity through government and commercial databases, etc., similar to the high assurance SSL certificate vetting process, though often there are additional specific requirements imposed on would-be developers/publishers.

Once the identity has been validated they are issued an identity certificate they can use to sign their software; generally the software signed by the developer's or publisher's identity certificate is not distributed but rather is submitted to a processor to possibly test or profile the content before generating an authorization certificate which is unique to the particular software release. That certificate is then used with an ephemeral asymmetric key-pair to sign the software as the last step of preparation for distribution. There are many advantages to separating the identity and authorization certificates, especially relating to risk mitigation of new content being accepted into the system and key management, as well as recovery from errant software which can be used as an attack vector.

HARRIS, Shon, All-In-One CISSP Certification Exam Guide, 2001, McGraw-Hill/Osborne, page 540

http://en.wikipedia.org/wiki/Attribute_certificate

http://en.wikipedia.org/wiki/Public_key_certificate


Question 2:

A smart card that has two chips with the capability of utilizing both contact and contactless formats is called:

A. Contact Smart Cards

B. Contactless Smart Cards

C. Hybrid Cards

D. Combi Cards

Correct Answer: C

Explanation: A hybrid card is a smart card that has two chips, with the capability of utilizing both contact and contactless formats.

Two additional categories of cards are dual-interface cards and hybrid cards; the latter is the one mentioned above.

Hybrid Card

A hybrid card has two chips, one with a contact interface and one with a contactless interface. The two chips are not interconnected.

Dual-Interface card

Do not confuse this card with the Hybrid Card. This one has only one chip. A dual-interface card has a single chip with both contact and contactless interfaces. With dual-interface cards, it is possible to access the same chip using either a contact or contactless interface with a very high level of security.

Inner workings of the cards

The chips used in all of these cards fall into two categories as well: microcontroller chips and memory chips. A memory chip is like a small floppy disk with optional security. Memory chips are less expensive than microcontrollers but with a corresponding decrease in data management security. Cards that use memory chips depend on the security of the card reader for processing and are ideal for situations that require low or medium security. A microcontroller chip can add, delete, and otherwise manipulate information in its memory. A microcontroller is like a miniature computer, with an input/output port, operating system, and hard disk. Smart cards with an embedded microcontroller have the unique ability to store large amounts of data, carry out their own on-card functions (e.g., encryption and digital signatures) and interact intelligently with a smart card reader.

The selection of a particular card technology is driven by a variety of issues, including:

Application dynamics

Prevailing market infrastructure

Economics of the business model

Strategy for shared application cards

Smart cards are used in many applications worldwide, including:

Secure identity applications – employee ID badges, citizen ID documents, electronic passports, driver's licenses, online authentication devices

Healthcare applications – citizen health ID cards, physician ID cards, portable medical records cards

Payment applications – contact and contactless credit/debit cards, transit payment cards

Telecommunications applications – GSM Subscriber Identity Modules, pay telephone payment cards

The following answers are incorrect:

Contact Smart Cards

A contact smart card must be inserted into a smart card reader with a direct connection to a conductive contact plate on the surface of the card (typically gold plated). Transmission of commands, data, and card status takes place over these physical contact points.

Contactless Smart Cards

A contactless card requires only close proximity to a reader. Both the reader and the card have antennae, and the two communicate using radio frequencies (RF) over this contactless link. Most contactless cards also derive power for the internal chip from this electromagnetic signal. The range is typically one-half to three inches for non-battery-powered cards, ideal for applications such as building entry and payment that require a very fast card interface.

Combi Card

Combi cards are similar to hybrid cards, except that they contain only one set of circuitry as opposed to two.

The following reference(s) were/was used to create this question:

Smart Card Primer at: http://www.smartcardalliance.org/pages/smart-cards-intro-primer


Question 3:

Which of the following statements pertaining to biometrics is false?

A. Increased system sensitivity can cause a higher false rejection rate

B. The crossover error rate is the point at which false rejection rate equals the false acceptance rate.

C. False acceptance rate is also known as Type II error.

D. Biometrics are based on the Type 2 authentication mechanism.

Correct Answer: D

Explanation: Authentication is based on three factor types: type 1 is something you know, type 2 is something you have and type 3 is something you are. Biometrics are based on the Type 3 authentication mechanism. Source: KRUTZ, Ronald L. and VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley and Sons, 2001, Chapter 2: Access control systems (page 37).


Question 4:

The act of requiring two of the three factors to be used in the authentication process refers to:

A. Two-Factor Authentication

B. One-Factor Authentication

C. Bi-Factor Authentication

D. Double Authentication

Correct Answer: A

Explanation: Two-Factor Authentication refers to the act of requiring two of the three factors to be used in the authentication process.

Source: KRUTZ, Ronald L. and VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley and Sons, Page 36


Question 5:

An employee ensures all cables are shielded, builds concrete walls that extend from the true floor to the true ceiling and installs a white noise generator. What attack is the employee trying to protect against?

A. Emanation Attacks

B. Social Engineering

C. Object reuse

D. Wiretapping

Correct Answer: A

Explanation:

Emanation attacks are the act of intercepting electrical signals that radiate from computing equipment. There are several countermeasures, including shielding cabling, white noise, control zones, and TEMPEST equipment (this is a Faraday cage around the equipment).

The following answers were incorrect:

Social Engineering: Social engineering does not involve hardware. A person makes use of his/her social skills in order to trick someone into revealing information they should not disclose.

Object Reuse: It is related to the reuse of storage media. One must ensure that the storage media has been sanitized properly before it is reused for another purpose. This is very important when computer equipment is discarded or given to a local charity organization. Ensure there is no sensitive data left by degaussing the device or overwriting it multiple times.

Wiretapping: It consists of legally or illegally tapping into someone else's phone line to eavesdrop on their communication.

The following reference(s) were/was used to create this question:

Shon Harris AIO 4th Edition



Question 6:

Which of the following is NOT part of user provisioning?

A. Creation and deactivation of user accounts

B. Business process implementation

C. Maintenance and deactivation of user objects and attributes

D. Delegating user administration

Correct Answer: B

Explanation: User provisioning refers to the creation, maintenance, and deactivation of user objects and attributes as they exist in one or more systems, directories, or applications, in response to business processes.

User provisioning software may include one or more of the following components: change propagation, self-service workflow, consolidated user administration, delegated user administration, and federated change control.

User objects may represent employees, contractors, vendors, partners, customers, or other recipients of a service.

Services may include electronic mail, access to a database, access to a file server or mainframe, and so on.

The following answers are all incorrect answers:

Creation and deactivation of user accounts

Maintenance and deactivation of user objects and attributes

Delegating user administration

The following reference(s) were/was used to create this question:

Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 179). McGraw-Hill. Kindle Edition.


Question 7:

Behavioral-based systems are also known as?

A. Profile-based systems

B. Pattern matching systems

C. Misuse detection systems

D. Rule-based IDS

Correct Answer: A

Explanation: There are two complementary approaches to detecting intrusions, knowledge-based approaches and behavior-based approaches. This entry describes the second approach. It must be noted that very few tools today implement such an approach, even if the founding Denning paper {D. Denning, An Intrusion Detection Model, IEEE Transactions on Software Engineering} recognizes this as a requirement for IDS systems.

Behavior-based intrusion detection techniques assume that an intrusion can be detected by observing a deviation from the normal or expected behavior of the system or the users. The model of normal or valid behavior is extracted from reference information collected by various means. The intrusion detection system later compares this model with the current activity. When a deviation is observed, an alarm is generated. In other words, anything that does not correspond to a previously learned behavior is considered intrusive. Therefore, the intrusion detection system might be complete (i.e. all attacks should be caught), but its accuracy is a difficult issue (i.e. you get a lot of false alarms).

Advantages of behavior-based approaches are that they can detect attempts to exploit new and unforeseen vulnerabilities. They can even contribute to the (partially) automatic discovery of these new attacks. They are less dependent on operating system-specific mechanisms. They also help detect 'abuse of privileges' types of attacks that do not actually involve exploiting any security vulnerability. In short, this is the paranoid approach:

Everything which has not been seen previously is dangerous.

The high false alarm rate is generally cited as the main drawback of behavior-based techniques because the entire scope of the behavior of an information system may not be covered during the learning phase. Also, behavior can change over time, introducing the need for periodic online retraining of the behavior profile, resulting either in unavailability of the intrusion detection system or in additional false alarms. The information system can undergo attacks at the same time the intrusion detection system is learning the behavior. As a result, the behavior profile contains intrusive behavior, which is not detected as anomalous.

Herve Debar

IBM Zurich Research Laboratory

The following answers are incorrect:

Pattern matching systems are signature-based (e.g. anti-virus). Misuse detection systems are another name for signature-based IDSs.

Rule-based IDS is a distractor.

The following reference(s) were/was used to create this question:

Shon Harris AIO – 4th edition, Page 254

and http://www.sans.org/security-resources/idfaq/behavior_based.php


Question 8:

Which of the following is a drawback of fiber optic cables?

A. It is affected by electromagnetic interference (EMI).

B. It can easily be tapped.

C. The expertise needed to install it.

D. The limited distance at high speeds.

Correct Answer: C

Explanation: Fiber optic is immune to the effects of electromagnetic interference, is very hard to tap and has a much longer effective usable length than any other cable type. The primary drawbacks of this cable type are its cost of installation and the high level of expertise needed to have it properly terminated.

Source: KRUTZ, Ronald L. and VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley and Sons, 2001, Chapter 3: Telecommunications and Network Security (page 72).


Question 9:

Which one of the following is usually not a benefit resulting from the use of firewalls?

A. reduces the risks of external threats from malicious hackers.

B. prevents the spread of viruses.

C. reduces the threat level on internal system.

D. allows centralized management and control of services.

Correct Answer: B

Explanation: This is not a benefit of a firewall. Most firewalls are limited when it comes to preventing the spread of viruses.

This question is testing your knowledge of malware and firewalls. The keywords within the question are “usually” and “virus”. Once again, to come up with the correct answer you must stay within the context of the question and really ask yourself which of the 4 choices is NOT usually done by a firewall.

Some of the latest appliances, such as Unified Threat Management (UTM) devices, do have the ability to do virus scanning, but most first- and second-generation firewalls would not have such an ability. Remember, the question is not asking about all possible scenarios that could exist but only about which of the 4 choices presented is the BEST.

For the exam you must know your general classes of Malware. There are generally four major classes of malicious code that fall under the general definition of malware:

1. Virus: Parasitic code that requires human action or insertion, or which attaches itself to another program to facilitate replication and distribution. Virus-infected containers can range from e-mail, documents, and data file macros to boot sectors, partitions, and memory fobs. Viruses were the first iteration of malware and were typically transferred by floppy disks (also known as “sneakernet”) and injected into memory when the disk was accessed or infected files were transferred from system to system.

2. Worm: Self-propagating code that exploits system or application vulnerabilities to replicate. Once on a system, it may execute embedded routines to alter, destroy, or monitor the system on which it is running, then move on to the next system. A worm is effectively a virus that does not require human interaction or other programs to infect systems.

3. Trojan Horse: Named after the Trojan horse of Greek mythology (and serving a very similar function), a Trojan horse is a general term referring to programs that appear desirable, but actually contain something harmful. A Trojan horse purports to do one thing that the user wants while secretly performing other potentially malicious actions. For example, a user may download a game file, install it, and begin playing the game. Unbeknownst to the user, the application may also install a virus, launch a worm, or install a utility allowing an attacker to gain unauthorized access to the system remotely, all without the user's knowledge.

4. Spyware: Prior to its use in malicious activity, spyware was typically a hidden application injected through poor browser security by companies seeking to gain more information about a user's Internet activity. Today, those methods are used to deploy other malware, collect private data, send advertising or commercial messages to a system, or monitor system input, such as keystrokes or mouse clicks.

The following answers are incorrect:

reduces the risks of external threats from malicious hackers. This is incorrect because a firewall can reduce the risks of external threats from malicious hackers.

reduces the threat level on internal system. This is incorrect because a firewall can reduce the threat level on internal systems.

allows centralized management and control of services. This is incorrect because a firewall can allow centralized management and control of services.

Reference(s) used for this question:

Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 3989-4009). Auerbach Publications. Kindle Edition.


Question 10:

View the image below and identify the attack

A. DDoS

B. DOS

C. TFN

D. Reflection Attack

Correct Answer: A

Explanation: The easiest attack to carry out against a network, or so it may seem, is to overload it through excessive traffic or traffic which has been “crafted” to confuse the network into shutting down or slowing to the point of uselessness.

The image depicts a distributed denial of service attack where many computers attack the victim with any type of traffic and render it unable to communicate on the network or provide services.

Computers on networks can provide services to other computers. The servers listen on specific TCP or UDP ports and software opens the ports on the server to accept traffic from visitors.

Most users of the services on that server behave normally but at times attackers try to attack and take down the server by attacking its services or the operating system via the protocol stack itself.

In the case of this question, the victim is being bombarded with service requests from the zombies. Commonly it's UDP, but it can also be TCP traffic, and unfortunately it is nearly impossible to defeat such an attack.

You might compare this attack to calling someone over and over on their phone so that they can't use their own phone, but you're not doing anything specifically destructive to the phone. You're just exhausting its resources, rendering it useless to the owner.

The following answers are incorrect:

DOS – Denial of Service: This is almost correct but it is wrong because a simple DOS attack is one computer flooding another computer, not the many to one attack you see with a DDoS.

TFN – Tribe Flood Network attack: This isn't the correct answer because it isn't specifically what's depicted in the image. TFN is actually software used to conduct DDoS attacks and NOT an attack itself.

Reflection Attack: This isn't the correct answer because a reflection attack is an attack on authentication systems which use the same protocol in both directions and doesn't ordinarily involve zombies.

The following reference(s) were used to create this question:

2013. Official Security Curriculum.

and

Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 8494-8495). Auerbach Publications. Kindle Edition.


CertBus exam braindumps are pass guaranteed. We guarantee that you pass the CISSP exam with our ISC materials. The CertBus Certified Information Systems Security Professional exam PDF and VCE are the latest and most accurate. We have the best ISC experts on our team to make sure the CertBus Certified Information Systems Security Professional exam questions and answers are the most valid. CertBus Certified Information Systems Security Professional exam dumps will help you become an ISC specialist, clear your CISSP exam and achieve final success.


Why choose CertBus?

Millions of interested professionals can reach success in their exams with certbus.com products, which are available, affordable, updated and of the best quality to overcome the difficulties of any course outline. Questions and Answers material is updated in a highly outclass manner on a regular basis, and material is released periodically and is available in the testing centers with which we maintain relationships in order to get the latest material.

Brand    Certbus    Testking    Pass4sure    Actualtests    Others
Price    $45.99     $124.99     $125.99      $189           $69.99-99.99

Features compared: Up-to-Date Dumps; Free 365 Days Update; Real Questions; Printable PDF; Test Engine; One Time Purchase; Instant Download; Unlimited Install; 100% Pass Guarantee; 100% Money Back; Secure Payment; Privacy Protection.

Author: CertBus