cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
rslade
Influencer II

Practice Questions

Right.

 

For (and from) all the newbies out there who want help for studying, there have been numerous questions about, well, questions.  As in, "what's the best set of practice questions to use while studying for the exam?"

 

The answer is, none of them.

 

I have looked at an awful lot of practice question sets, and they are uniformly awful.  Most try to be "hard" by bringing in trivia: that is not representative of the exam.  Most concentrate on a bunch of facts: that is not representative of the exam.

 

So, from my own stash, collected and developed over the decades, I'm going to give you some samples that do represent the types of questions that you will probably see on the exam.  Note that none of these questions will appear on the exam.  You can't pass the CISSP exam by memorizing a brain dump.  These will just give you a feel.

 

For each question I'll give the answer, what type of question this represents, and possibly ways to approach this type of question.

 

I'll be doing this over time, "replying" to this post to add questions.  Others are free to add sample questions if they wish, but be ready to be (possibly severely) critiqued.


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
322 Replies
PuettK
Newcomer III

I see this mistake often - if you know SMTP is Simple Mail Transport Protocol - the answers will fit.  MIC - see you real soon, KEY, why because we like you MOUSE - spells Mickey Mouse from an old television show. LOL

rslade
Influencer II

Expert systems use all of the following techniques for artificial intelligence
EXCEPT

a. automatic logical processing.
b. inference engine processing.
c. general methods of searching for problem solutions.
d. cyclic-based reasoning statements.

Answer: d.

(Reference: Summers, Rita, Secure Computing, McGraw Hill, 1997, pg 638)

I suppose I only like this because I know the answer. For this one you have to
know AI programming, and the types of languages used in different types of AI
programming. Expert systems are generally programmed using functional
programming languages, and functional programming languages are known for
creating straight drop-through systems, with no loops.

The point being, lots of technology does have security implications. I frequently
tell students that *anything* you learn can be used in security. So there is a good
possibility that, somewhere in the exam you face, there is going to be a question
on a topic that you know *nothing* about.

Two points to remember. The first is, answer every question. Even if you have
to guess, you have a 25% chance of getting the point for that question.

Second point: don't panic. Remember, you only have to get 70% to pass.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
Education is the best defense against the media.
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
rslade
Influencer II

What is the name of a malicious computer program that replicates itself by attaching to other programs?

 

a. Virus.
b. Worm.
c. Trap door.
d. Trojan horse.

 

Answer: a.

 

OK, hopefully the answer is obvious, but it points out the importance of not getting too buried in the details.  First of all, we can discard trap door and trojan horse because neither of them has anything to do with replication.  That leaves us with two replicating options, virus and worm.  Now, some of you may know that not all viruses replicate by attaching to other programs.  (And, in fact, these days relatively few do.)  But worms definitely do not attach to other programs.  So, of the options given, virus is still the correct answer.


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
gidyn
Contributor III

Isn't "replicates itself" the definition of a worm?

 


@rslade wrote:

What is the name of a malicious computer program that replicates itself by attaching to other programs?

 

a. Virus.
b. Worm.
c. Trap door.
d. Trojan horse.

 

Answer: a.

 

OK, hopefully the answer is obvious, but it points out the importance of not getting too buried in the details.  First of all, we can discard trap door and trojan horse because neither of them has anything to do with replication.  That leaves us with two replicating options, virus and worm.  Now, some of you may know that not all viruses replicate by attaching to other programs.  (And, in fact, these days relatively few do.)  But worms definitely do not attach to other programs.  So, of the options given, virus is still the correct answer.


 

rslade
Influencer II

Illegally accessing data, without recourse to malware, and then threatening to release it unless someone pays a ransom is called:

 

a) ransomware

b) extortion

c) breachstortion

d) I DON'T KNOW WHAT IT'S CALLED, BUT IT'S NOT RANSOMWARE!!!!

 

Answer: b or c, depending upon how "l33t" you want to sound.

 

Discussion:

 

IT'S NOT RANSOMWARE!  RANSOMWARE INVOLVES SOFTWARE!  RANSOMWARE INVOLVES MALWARE!  JUST DOING A BREACH AND STEALING FILES IS NOT RANSOMWARE!!!!

 

(I'm sorry.  I've go lie down, now ...)


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Early_Adopter
Community Champion

“I’ll have a ‘B’ Rob...”

rslade
Influencer II

A system file that has been patched numerous times becomes infected with a virus.
The anti-virus software warns that disinfecting the file may damage it. What
course of action should be taken?

a. Replace the file with the original version from master media
b. Proceed with automated disinfection
c. Research the virus to see if it is benign
d. Restore an uninfected version of the patched file from backup media

Answer: d.

OK, replace with original? We've been told it's been patched numerous times.
Repatching will be tedious. Automated disinfection? Doesn't always work.
Research benign? Even if benign, you can always get into trouble. So the correct
answer is restore uninfected from backup. (How do you *know* it's uninfected?
That's not part of the question.)

======================
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses" 0-387-94663-2
"Viruses Revealed" 0-07-213090-3
"Software Forensics" 0-07-142804-6
"Dictionary of Information Security" Syngress 1-59749-115-2
"Cybersecurity Lessons from CoVID-19" CRC Press 0367682699
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
PC Security: [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
http://en.wikipedia.org/wiki/Robert_Slade
https://is.gd/RotlWB http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
PuettK
Newcomer III

I would like to hope that everyone considers, virus, malware, ransomware questions this way.  1st course of action, restore from backup.  We breach backups almost in every chapter of the CBK

rslade
Influencer II

What is the final step in the change control management process?

 

a. Inform the users of the change.
b. Test the functionality of the change.
c. Update the procedure manual.
d. Report the change to management.

 

Answer: d.

 

Reference: HISM, edited by Ruthberg & Tipton; Auerbach; 1993; pg 399-400.

 

Discussion:

 

Answer a - wrong - users often initiate the request for change.  OK, yes, you should tell them you've done it, but generally that's part of the process, and you tell management last.
Answer b - wrong - changes must be tested prior to implementation.
Answer c - wrong - the procedure manual is updated to show the change.
Answer d - correct - management is notified that the change has been implemented.  And they may want to accredit it.  (Probably should.)


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
rslade
Influencer II

One of the security issues associated with the use of Internet based fax services is:

 

a. Fax is stored in plaintext at the service.
b. Group 2 fax does not support encryption.
c. The services verify fax content.
d. Fax transmissions are usually blocked by a firewall.

 

Answer: a


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468