Checkpoint Certification Exam Questions Dumps
1. Which type of Business Continuity Plan (BCP) test involves practicing aspects of the BCP, without actually interrupting operations or bringing an alternate site on-line?
A. Structured walkthrough
B. Checklist
C. Simulation
D. Full interruption
E. Parallel
Ans- C. Simulation
2. Which of the following can be stored on a workstation? (Choose TWO.)
A. Payroll information
B. Data objects used by many employees
C. Databases
D. Interoffice memo
E. Customer correspondence
Ans- D. Interoffice memo
E. Customer correspondence
3. A(n) ______________________________ is a quantitative review of risks, to determine how an organization will continue to function, in the event a risk is realized.
A. Monitored risk process
B. Disaster-recovery plan
C. Business impact analysis
D. Full interruption test
E. Information security audit
Ans- C. Business impact analysis
4. Who should have physical access to network-connectivity devices and corporate servers?
A. Customers and clients
B. Accounting, information-technology, and auditing staff
C. Managers and C-level executives
D. Only appropriate information-technology personnel
Ans- D. Only appropriate information-technology personnel
5. _______ is a method of tricking users into revealing passwords, or other sensitive information.
A. Dumpster diving
B. Means testing
C. Social engineering
D. Risk
E. Exposure
Ans- C. Social engineering
6. Which of the following are enterprise administrative controls? (Choose TWO.)
A. Network access control
B. Facility access control
C. Password authentication
D. Background checks
E. Employee handbooks
Ans- D. Background checks
E. Employee handbooks
7. A new U.S. Federal Information Processing Standard specifies a cryptographic algorithm. This algorithm is used by U.S. government organizations to protect sensitive, but unclassified, information. What is the name of this Standard?
A. Triple DES
B. Blowfish
C. AES
D. CAST
E. RSA
Ans- C. AES
8. Which of the following tests provides testing teams some information about hosts or networks?
A. Partial-knowledge test
B. Full-knowledge test
C. Zero-knowledge test
Ans- A. Partial-knowledge test
9. (n) ________________ is a one-way mathematical function that maps variable values into smaller values of a fixed length.
A. Symmetric key
B. Algorithm
C. Back door
D. Hash function
E. Integrity
Ans- D. Hash function
10. _______ intrusion-detection systems learn the behavior of a machine or network, and create a baseline.
A. Behavioral analysis
B. Statistical anomaly
C. Network
D. Pattern matching
E. Host
Ans- B. Statistical anomaly
11. Which principle of secure design states that a security mechanisms methods must be testable?
A. Separation of privilege
B. Least common mechanism
C. Complete mediation
D. Open design
E. Economy of mechanism
Ans- D. Open design
12. Which of the following should be included in an enterprise Business Continuity Plan (BCP)? (Choose THREE.)
A. Accidental or intentional data deletion
B. Severe weather disasters
C. Employee terminations
D. Employee administrative leave
E. Minor power outages
Ans- A. Accidental or intentional data deletion
B. Severe weather disasters
E. Minor power outages
13. Which of the following is the BEST method for managing users in an enterprise?
A. Enter user data in a spreadsheet.
B. Implement centralized access control.
C. Deploy Kerberos.
D. Place them in a centralized Lightweight Directory Access Protocol.
E. Use a Domain Name System.
Ans- D. Place them in a centralized Lightweight Directory Access Protocol.
14. A(n) _______ is the first step for determining which technical information assets should be protected.
A. Network diagram
B. Business Impact Analysis
C. Office floor plan
D. Firewall
E. Intrusion detection system?
Ans- A. Network diagram
15. What type of document contains information on alternative business locations, IT resources, and personnel?
A. End-user license agreement
B. Nondisclosure agreement
C. Acceptable use policy
D. Security policy
E. Business continuity plan?
Ans- E. Business continuity plan
16. Organizations _______ risk, when they convince another entity to assume the risk for them.
A. Elevate
B. Assume
C. Deny
D. Transfer
E. Mitigate?
Ans- D. Transfer
17. How do virtual corporations maintain confidentiality?
A. Encryption
B. Checksum
C. Data hashes
D. Redundant servers
E. Security by obscurity?
Ans- A. Encryption
18. _______ can mimic the symptoms of a denial-of-service attack, and the resulting loss in productivity can be no less devastating to an organization.
A. ICMP traffic
B. Peak traffic
C. Fragmented packets
D. Insufficient bandwidth
E. Burst traffic?
Ans- D. Insufficient bandwidth
19. Which of the following is NOT an auditing function that should be performed regularly?
A. Reviewing IDS alerts
B. Reviewing performance logs
C. Reviewing IDS logs
D. Reviewing audit logs
E. Reviewing system logs?
Ans- B. Reviewing performance logs
20. Which of the following is an example of a simple, physical-access control?
A. Lock
B. Access control list
C. Background check
D. Token
E. Firewall?
Ans- A. Lock
21. Virtual corporations typically use a(n) _______ for maintaining centralized information assets.
A. Off-line repository
B. Floppy disk
C. Data warehouse
D. CD-ROM burner
E. Colocation?
Ans- E. Colocation
22. A _______ attack uses multiple systems to launch a coordinated attack.
A. Distributed denial-of-service
B. Teardrop
C. Birthday
D. FTP Bounce
E. Salami?
Ans- A. Distributed denial-of-service
23. A(n) _______________ is an unintended communication path that can be used to violate a system security policy.
A. Covert channel
B. Integrity axiom
C. Simple rule violation
D. Inferred fact?
Ans- A. Covert channel
24. Which type of Business Continuity Plan (BCP) test involves shutting down a primary site, bringing an alternate site on-line, and moving all operations to the alternate site?
A. Parallel
B. Full interruption
C. Checklist
D. Structured walkthrough
E. Simulation?
Ans- B. Full interruption
25. Which encryption algorithm has the highest bit strength?
A. AES
B. Blowfish
C. DES
D. CAST
E. Triple DES?
Ans- A. AES
26. Operating-system fingerprinting uses all of the following, EXCEPT ________, to identify a target operating system.
A. Sequence Verifier
B. Initial sequence number
C. Address spoofing
D. Time to Live
E. IP ID field?
Ans- C. Address spoofing
27. ____________________ educate(s) security administrators and end users about organizations security policies.
A. Security-awareness training
B. Information Security (INFOSEC) briefings
C. Acceptable-use policies
D. Continuing education
E. Nondisclosure agreements?
Ans- A. Security-awareness training
28. Embedding symbols in images or common items, such as pictures or quilts, is an example of __________.
A. Espionage
B. Transposition cipher
C. Key exchange
D. Arithmancy
E. Steganography?
Ans- E. Steganography
29. Maintenance of the Business Continuity Plan (BCP) must be integrated with an organizations _______________ process.
A. Change-control
B. Disaster-recovery
C. Inventory-maintenance
D. Discretionary-budget
E. Compensation-review?
Ans- A. Change-control
30. ____________________ is the state of being correct, or the degree of certainty a person or process can have, that the data in an information asset is correct.
A. Confidentiality
B. Integrity
C. Authenticity
D. Privacy
E. Availability?
Ans- B. Integrity
31. Which types of security solutions should a home user deploy? (Choose TWO.)
A. Managed Security Gateway
B. Access control lists on a router
C. Personal firewall
D. Network intrusion-detection system
E. Anti-virus software?
Ans- C. Personal firewall
E. Anti-virus software
32. _________ is a smaller, enhanced version of the X.500 protocol. It is used to provide directory- service information. (Choose the BEST answer.)
A. Lightweight Directory Access Protocol
B. X.400 Directory Access Protocol
C. Access control list
D. Lightweight Host Configuration Protocol
E. Role-based access control?
Ans- A. Lightweight Directory Access Protocol
33. A(n) _______________ is an abstract machine, which mediates all access subjects have to objects.
A. ACL
B. Reference monitor
C. State machine
D. TCB
E. Router?
Ans- B. Reference monitor
34. Which of these metrics measure how a biometric device performs, when attempting to authenticate subjects? (Choose THREE.)
A. False Rejection Rate
B. User Acceptance Rate
C. Crossover Error Rate
D. False Acceptance Rate
E. Enrollment Failure Rate?
Ans- A. False Rejection Rate
C. Crossover Error Rate
D. False Acceptance Rate
35. Suppose A (n) __________________________ is issued by senior management, and defines an organizations security goals.
A. Records-retention procedure
B. Acceptable-use policy
C. Organizational security policy
D. Security policy mission statement
E. Service level agreement?
Ans- D. Security policy mission statement