156-110 Check Point Certified Security Principles Associate Set 2

#NAME?


Options are :

  • Biometrics
  • Authorization
  • Identification
  • Authentication
  • Validation

Answer : Identification

The items listed below are examples of ___________ controls.

  • Smart cards
  • Access control lists
  • Authentication servers
  • Auditing


Options are :

  • Technical
  • Administrative
  • Physical
  • Mandatory
  • Role-based

Answer : Technical

What is single sign-on? An authentication method:


Options are :

  • requiring the use of one-time passwords, so users authenticate only once, with a given set of credentials.
  • that allows users to authenticate once, and then uses tokens or other credentials to manage subsequent authentication attempts
  • that stores user credentials locally, so that users need only authenticate the first time a local machine is used
  • that uses smart cards, hardware tokens, and biometrics to authenticate users; also known as three-factor authentication
  • that requires users to re-authenticate for every resource accessed

Answer : that allows users to authenticate once, and then uses tokens or other credentials to manage subsequent authentication attempts

156-110 Check Point Certified Security Principles Associate Set 3

When should procedures be evaluated?


Options are :

  • On the anniversary of the procedures' implementation
  • Each time procedures are used
  • Whenever business processes are modified
  • When new functional users join an organization
  • When new exploits and attacks are discovered

Answer : Whenever business processes are modified

Why should the number of services on a server be limited to required services?


Options are :

  • Closed systems require special connectivity services.
  • All services are inherently stable and secure.
  • Running extra services makes machines more efficient.
  • Every open service represents a potential vulnerability.
  • Additional services make machines more secure.

Answer : Every open service represents a potential vulnerability.

Which principle of secure design states that a security mechanism's methods must be testable?


Options are :

  • Separation of privilege
  • Economy of mechanism
  • Least common mechanism
  • Open design
  • Complete mediation

Answer : Open design

156-110 Check Point Certified Security Principles Associate Set 4

#NAME?


Options are :

  • Burst traffic
  • ICMP traffic
  • Fragmented packets
  • Peak traffic
  • Insufficient bandwidth

Answer : Insufficient bandwidth

Which of the following are appropriate uses of asymmetric encryption? (Choose THREE.)


Options are :

  • Data-integrity checking
  • Sneaker net
  • Public Web site access
  • Secure key-exchange mechanisms
  • Authentication

Answer :

  • Data-integrity checking
  • Secure key-exchange mechanisms
  • Authentication

Which of the following represents a valid reason for testing a patch on a non-production system, before applying it to a production system?


Options are :

  • Patches are a kind of virus.
  • Patches usually break important system functionality.
  • Patches always overwrite user data.
  • Only patches on vendor-pressed CDs can be trusted.
  • Patches may re-enable services previously disabled

Answer : Patches may re-enable services previously disabled

156-110 Check Point Certified Security Principles Associate Set 5

Which of the following entities review partner-extranet requirements?


Options are :

  • Marketing
  • Requesting department
  • Shipping and receiving
  • Chief Information Officer
  • Information systems

Answer : Requesting department

Which of the following equations results in the Single Loss Expectancy for an asset?


Options are :

  • Asset Value x % Of Loss From Realized Vulnerability
  • Annualized Rate of Occurrence x Annualized Loss Expectancy
  • Asset Value x % Of Loss From Realized Exposure
  • Annualized Rate of Occurrence / Annualized Loss Expectancy
  • Asset Value x % Of Loss From Realized Threat

Answer : Asset Value x % Of Loss From Realized Threat

156-110 Check Point Certified Security Principles Associate Set 6

Which of the following is NOT an auditing function that should be performed regularly?


Options are :

  • Reviewing IDS logs
  • Reviewing audit logs
  • Reviewing performance logs
  • Reviewing system logs
  • Reviewing IDS alerts

Answer : Reviewing performance logs

How is bogus information disseminated?


Options are :

  • Seemingly, unimportant pieces of data may yield enough information to an adversary, for him to disseminate incorrect information and sound authoritative.
  • Adversaries take advantage of a person's trust and goodwill.
  • Adversaries use movement patterns as indicators of activity.
  • Adversaries sort through trash to find information.
  • Adversaries use anomalous traffic patterns as indicators of unusual activity. They will employ other methods, such as social engineering, to discover the cause of the noise.

Answer : Seemingly, unimportant pieces of data may yield enough information to an adversary, for him to disseminate incorrect information and sound authoritative.

Which type of Business Continuity Plan (BCP) test involves shutting down z on-line, and moving all operations to the alternate site?


Options are :

  • Full interruption
  • Simulation
  • Parallel
  • Checklist
  • Structured walkthrough

Answer : Full interruption

156-110 Check Point Certified Security Principles Associate Set 7

Organizations ____________ risk when they convince another entity to assume the risk for them.


Options are :

  • Mitigate
  • Assume
  • Deny
  • Transfer
  • Elevate

Answer : Transfer

Which type of Business Continuity Plan (BCP) test involves practicing aspects of the BCP, without actually interrupting operations or bringing an alternate site on-line?


Options are :

  • Simulation
  • Checklist
  • Full interruption
  • Structured walkthrough
  • Parallel

Answer : Simulation

What must system administrators do when they cannot access a complete i testing?


Options are :

  • Extrapolate results from a limited subset.
  • Request additional hardware and software.
  • Eliminate the testing phase of change control.
  • Refuse to implement change requests.
  • Deploy directly to the production environment.

Answer : Extrapolate results from a limited subset.

156-115 Check Point Certified Security Master - Final Exam Set 1

Which encryption algorithm has the highest bit strength?


Options are :

  • Triple DES
  • DES
  • AES
  • CAST
  • Blowfish

Answer : AES

Why should each system user and administrator have individual accounts? (Choose TWO.)


Options are :

  • Using separate accounts for each user reduces resource consumption, particularly disk space
  • By using individual login names and passwords, user actions can be traced
  • A generic user name and password for users and security administrators provides anonymity, which prevents useful logging and auditing.
  • Using generic user names and passwords increases system security and reliability.
  • If users do not have individual login names, processes can automatically run with root/administrator access.

Answer :

  • By using individual login names and passwords, user actions can be traced
  • A generic user name and password for users and security administrators provides anonymity, which prevents useful logging and auditing.

Which of the following is NOT a restriction, for partners accessing internal corporate resources through an extranet?


Options are :

  • Viewing inventory levels for partner products only
  • Preventing access to any network resource, other than those explicitly permitted
  • Using restricted programs, to access databases and other information resources
  • Allowing access from any location
  • Preventing modification of restricted information

Answer : Allowing access from any location

156-115 Check Point Certified Security Master - Final Exam Set 2

_______ occurs when an individual or process acquires a higher level of privilege, or access, than originally intended.


Options are :

  • Privilege aggregation
  • Security Triad
  • Least privilege
  • Need-to-know
  • Privilege escalation

Answer : Privilege escalation

To protect its information assets, ABC Company purchases a safeguard that costs $60,000. The annual cost to maintain the safeguard is estimated to be $40,000. The aggregate Annualized Loss Expectancy for the risks the safeguard is expected to mitigate is $50,000. At this rate of return, how long will it take ABC Company to recoup the cost of the safeguard?


Options are :

  • Less than 7 years
  • Less than 1 year
  • Less than 5 years
  • ABC Company will never recoup the cost of this safeguard.
  • Less than 3 years

Answer : Less than 7 years

Which of the following is likely in a small-business environment?


Options are :

  • Small businesses have security personnel on staff.
  • Resources are available as needed.
  • Most employees have experience with information security.
  • Security budgets are very small.
  • Most small businesses employ a full-time information-technology staff.

Answer : Security budgets are very small.

156-115 Check Point Certified Security Master - Final Exam Set 3

When attempting to identify OPSEC indicators, information-security professionals must: (Choose THREE.)


Options are :

  • Perform business impact analysis surveys.
  • Scrutinize their organizations' daily activities.
  • Meet with adversaries.
  • Discover the information daily activities yield.
  • Analyze indicators, to determine the information an adversary can glean both from routine and nonroutine activities.

Answer :

  • Scrutinize their organizations' daily activities.
  • Discover the information daily activities yield.
  • Analyze indicators, to determine the information an adversary can glean both from routine and nonroutine activities.

Which TWO of the following items should be accomplished, when interviewing candidates for a position within an organization?


Options are :

  • Run criminal-background checks.
  • Contact personal and professional references.
  • Question candidates, using polygraphs, n
  • Hire an investigation agency to run background checks.
  • Verify all dates of previous employment.

Answer :

  • Contact personal and professional references.
  • Verify all dates of previous employment.

Internal intrusions are loosely divided into which categories? (Choose TWO.)


Options are :

  • Attempts by insiders to access resources, without proper access rights
  • Attempts by insiders to access external resources, without proper access rights.
  • Attempts by insiders to perform inappropriate acts, on external information assets to which they have been given rights or permissions.
  • Attempts by insiders to perform appropriate acts, on information assets to which they have been given rights or permissions.
  • Attempts by insiders to perform inappropriate acts, on information assets to which they have been given rights or permissions.

Answer :

  • Attempts by insiders to access resources, without proper access rights
  • Attempts by insiders to perform inappropriate acts, on information assets to which they have been given rights or permissions.

156-115 Check Point Certified Security Master - Final Exam Set 4

A new U.S. Federal Information Processing Standard specifies a cryptographic algorithm. This algorithm is used by U.S. government organizations to protect sensitive, but unclassified, information. What is the name of this Standard?


Options are :

  • AES
  • RSA
  • Blowfish
  • Triple DES
  • CAST

Answer : AES

Operating-system fingerprinting uses all of the following, EXCEPT ______, to identify a target operating system.


Options are :

  • IP ID field
  • Initial sequence number
  • Sequence Verifier
  • Time to Live
  • Address spoofing

Answer : Address spoofing

Which of the following is an integrity requirement for Remote Offices/Branch Offices (ROBOs)?


Options are :

  • Data must be consistent between ROBO sites and headquarters.
  • Data must remain available to all remote offices.
  • Improvised solutions must provide the level of protection required.
  • Users must be educated about appropriate security policies
  • Private data must remain internal to an organization.

Answer : Data must be consistent between ROBO sites and headquarters.

156-115 Check Point Certified Security Master - Final Exam Set 5

Which of these metrics measure how a biometric device performs, when attempting to authenticate subjects? (Choose THREE.)


Options are :

  • Enrollment Failure Rate
  • User Acceptance Rate
  • False Acceptance Rate
  • False Rejection Rate
  • Crossover Error Rate

Answer :

  • False Acceptance Rate
  • False Rejection Rate
  • Crossover Error Rate
