cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Newcomer II

Re: CISSP "sample" questions ((IS C)² Community Subscription Update)

I see this mistake often - if you know SMTP is Simple Mail Transport Protocol - the answers will fit.  MIC - see you real soon, KEY, why because we like you MOUSE - spells Mickey Mouse from an old television show. LOL

Highlighted
Community Champion

Re: CISSP questions

Expert systems use all of the following techniques for artificial intelligence
EXCEPT

a. automatic logical processing.
b. inference engine processing.
c. general methods of searching for problem solutions.
d. cyclic-based reasoning statements.

Answer: d.

(Reference: Summers, Rita, Secure Computing, McGraw Hill, 1997, pg 638)

I suppose I only like this because I know the answer. For this one you have to
know AI programming, and the types of languages used in different types of AI
programming. Expert systems are generally programmed using functional
programming languages, and functional programming languages are known for
creating straight drop-through systems, with no loops.

The point being, lots of technology does have security implications. I frequently
tell students that *anything* you learn can be used in security. So there is a good
possibility that, somewhere in the exam you face, there is going to be a question
on a topic that you know *nothing* about.

Two points to remember. The first is, answer every question. Even if you have
to guess, you have a 25% chance of getting the point for that question.

Second point: don't panic. Remember, you only have to get 70% to pass.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
Education is the best defense against the media.
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Highlighted
Community Champion

Re: CISSP questions

What is the name of a malicious computer program that replicates itself by attaching to other programs?

 

a. Virus.
b. Worm.
c. Trap door.
d. Trojan horse.

 

Answer: a.

 

OK, hopefully the answer is obvious, but it points out the importance of not getting too buried in the details.  First of all, we can discard trap door and trojan horse because neither of them has anything to do with replication.  That leaves us with two replicating options, virus and worm.  Now, some of you may know that not all viruses replicate by attaching to other programs.  (And, in fact, these days relatively few do.)  But worms definitely do not attach to other programs.  So, of the options given, virus is still the correct answer.


............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Highlighted
Newcomer II

Re: CISSP questions

Isn't "replicates itself" the definition of a worm?

 


@rslade wrote:

What is the name of a malicious computer program that replicates itself by attaching to other programs?

 

a. Virus.
b. Worm.
c. Trap door.
d. Trojan horse.

 

Answer: a.

 

OK, hopefully the answer is obvious, but it points out the importance of not getting too buried in the details.  First of all, we can discard trap door and trojan horse because neither of them has anything to do with replication.  That leaves us with two replicating options, virus and worm.  Now, some of you may know that not all viruses replicate by attaching to other programs.  (And, in fact, these days relatively few do.)  But worms definitely do not attach to other programs.  So, of the options given, virus is still the correct answer.


 

Highlighted
Community Champion

Re: CISSP questions

Illegally accessing data, without recourse to malware, and then threatening to release it unless someone pays a ransom is called:

 

a) ransomware

b) extortion

c) breachstortion

d) I DON'T KNOW WHAT IT'S CALLED, BUT IT'S NOT RANSOMWARE!!!!

 

Answer: b or c, depending upon how "l33t" you want to sound.

 

Discussion:

 

IT'S NOT RANSOMWARE!  RANSOMWARE INVOLVES SOFTWARE!  RANSOMWARE INVOLVES MALWARE!  JUST DOING A BREACH AND STEALING FILES IS NOT RANSOMWARE!!!!

 

(I'm sorry.  I've go lie down, now ...)


............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Highlighted
Community Champion

Re: CISSP questions

“I’ll have a ‘B’ Rob...”

Highlighted
Community Champion

Re: CISSP questions

A system file that has been patched numerous times becomes infected with a virus.
The anti-virus software warns that disinfecting the file may damage it. What
course of action should be taken?

a. Replace the file with the original version from master media
b. Proceed with automated disinfection
c. Research the virus to see if it is benign
d. Restore an uninfected version of the patched file from backup media

Answer: d.

OK, replace with original? We've been told it's been patched numerous times.
Repatching will be tedious. Automated disinfection? Doesn't always work.
Research benign? Even if benign, you can always get into trouble. So the correct
answer is restore uninfected from backup. (How do you *know* it's uninfected?
That's not part of the question.)

======================
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses" 0-387-94663-2
"Viruses Revealed" 0-07-213090-3
"Software Forensics" 0-07-142804-6
"Dictionary of Information Security" Syngress 1-59749-115-2
"Cybersecurity Lessons from CoVID-19" CRC Press 0367682699
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
PC Security: [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
http://en.wikipedia.org/wiki/Robert_Slade
https://is.gd/RotlWB http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/

............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Highlighted
Newcomer II

Re: CISSP questions

I would like to hope that everyone considers, virus, malware, ransomware questions this way.  1st course of action, restore from backup.  We breach backups almost in every chapter of the CBK