156-110 Check Point Certified Security Principles Associate Set 3

Why does the (ISC)2 access-control systems and methodology functional domain address both the confidentiality and integrity aspects of the Information Security Triad? Accesscontrol systems and methodologies:


Options are :

  • control who is allowed to view and modify information (Correct)
  • set standards for acceptable media-storage devices.
  • are required standards in health care and banking.
  • are academic models not suitable for implementation.
  • provide redundant systems and data backups.

Answer : control who is allowed to view and modify information

156-315.71 Check Point Security Expert R71 Practical Exam Set 7

A(n) ___________ is the first step for determining which technical information assets should be protected.


Options are :

  • Business Impact Analysis
  • Intrusion detection system
  • Firewall
  • Office floor plan
  • Network diagram (Correct)

Answer : Network diagram

Which of the following statements about the maintenance and review of information security policies is NOT true?


Options are :

  • Functional users and information custodians are ultimately responsible for the accuracy and relevance of information security policies (Correct)
  • Review requirements should be included in the security policies themselves
  • The review and maintenance of security policies should be tied to the performance evaluations of accountable individuals.
  • In the absence of changes to business requirements and processes, informationsecurity policy reviews should be annual.
  • When business requirements change, security policies should be reviewed to confirm that policies reflect the new business requirements.

Answer : Functional users and information custodians are ultimately responsible for the accuracy and relevance of information security policies

Which of the following best describes the largest security challenge for Remote Offices/Branch Offices?


Options are :

  • Distributed denial-of-service attacks
  • Secure access to remote organizational resources (Correct)
  • Unauthorized network connectivity
  • Salami attacks
  • Leased-line security

Answer : Secure access to remote organizational resources

156-315.71 Check Point Security Expert R71 Practical Exam Set 5

Virtual corporations typically use a(n) ___________ for maintaining centralized information assets.


Options are :

  • CD-ROM burner
  • Colocation (Correct)
  • Floppy disk
  • Data warehouse
  • Off-line repository

Answer : Colocation

A(n) __________ is an abstract machine, which mediates all access subjects have to objects.


Options are :

  • ACL
  • State machine
  • TCB
  • Reference monitor (Correct)
  • Router

Answer : Reference monitor

A(n) __________ occurs when intrusion-detection measures fail to recognize suspicious traffic or activity.


Options are :

  • CIFS pop-up
  • False positive
  • Threshold
  • False negative (Correct)
  • Alarm

Answer : False negative

156-215.75 Check Point Certified Security Administrator Exam Set 5

ABC Corporation's network is configured such that a user must log in individually at each server and access control. Which type of authentication is in use?


Options are :

  • Role-based access control
  • Three-factor authentication
  • Single sign-on
  • Hybrid access control
  • Mandatory sign-on (Correct)

Answer : Mandatory sign-on

Which of the following is NOT a Business Continuity Plan (BCP) recovery strategy?


Options are :

  • Reciprocal agreements with another organization
  • Manual procedures; alternative solution to technology available
  • Doing nothing; no action taken to recover the technology
  • Deferring action; action waiting until a later date
  • Delegating risk to another entity, such as an insurer (Correct)

Answer : Delegating risk to another entity, such as an insurer

A(n) ___________ is an unintended communication path that can be used to violate a system security policy.


Options are :

  • Simple rule violation
  • Inferred fact
  • Aggregated data set
  • Integrity axiom
  • Covert channel (Correct)

Answer : Covert channel

156-215.13 Check Point Certified Security Administrator Exam Set 11

__________ is the state of being correct, or the degree of certainty a person or process can have, that the data in an information asset is correct.


Options are :

  • Privacy
  • Confidentiality
  • Availability
  • Integrity (Correct)
  • Authenticity

Answer : Integrity

INFOSEC professionals are concerned about providing due care and due diligence. With whom should they consult, when protecting information assets?


Options are :

  • Their organizations' legal experts (Correct)
  • Senior management, particularly business-unit owners
  • Law enforcement in their region
  • IETF enforcement officials
  • Other INFOSEC professionals

Answer : Their organizations' legal experts

________ is a type of cryptography, where letters of an original message are systematically rearranged into another sequence.


Options are :

  • Steganography
  • Symmetric-key exchange
  • Transposition cipher (Correct)
  • Asymmetric-key encryption
  • Simple substitution cipher

Answer : Transposition cipher

Check Point Certified Security Administrator Set 1

A __________ posture provides many levels of security possibilities, for access control.


Options are :

  • Flat defensive
  • Reactive defensive
  • Multiple offensive
  • Layered defensive (Correct)
  • Proactive offensive

Answer : Layered defensive

All of the following are possible configurations for a corporate intranet, EXCEPT:


Options are :

  • Metropolitan-area network
  • Wide-area network
  • Campus-area network
  • Value-added network (Correct)
  • Local-area network

Answer : Value-added network

What is mandatory sign-on? An authentication method that:


Options are :

  • stores user credentials locally, so that users need only authenticate the first time a local machine is used
  • requires users to re-authenticate at each server and access control (Correct)
  • requires the use of one-time passwords, so users authenticate only once, with a given set of credentials
  • allows users to authenticate once, and then uses tokens or other credentials to manage subsequent authentication attempts
  • uses smart cards, hardware tokens, and biometrics to authenticate users; also known as three-factor authentication

Answer : requires users to re-authenticate at each server and access control

156-315.77 Check Point Certified Security Expert Exam Set 4

________ involves gathering pieces of information and drawing a conclusion, whose sensitivity exceeds any of the Individual pieces of Information.


Options are :

  • Aggregation (Correct)
  • Movement analysis
  • Communication-pattern analysis
  • Inference
  • Social engineering

Answer : Aggregation

ABC Corporation's network requires users to authenticate to cross the border firewall, and before entering restricted segments. Servers containing sensitive information require separate authentication. This is an example of which type of access-control method?


Options are :

  • Decentralized access control
  • Mandatory access control
  • Hybrid access control
  • Single sign-on
  • Layered access control (Correct)

Answer : Layered access control

Enterprise employees working remotely require access to data at an organization's headquarters. Which of the following is the BEST method to transfer this data?


Options are :

  • Standard e-mail
  • Dial-in access behind the enterprise firewall
  • Faxed information
  • CD-ROMs shipped with updated versions of the data
  • Virtual private network (Correct)

Answer : Virtual private network

156-315.77 Check Point Certified Security Expert Exam Set 1

The items listed below are examples of ___________ controls. *Procedures and policies *Employee security-awareness training *Employee background checks *Increasing management security awareness


Options are :

  • Role-based
  • Technical
  • Administrative (Correct)
  • Physical
  • Mandatory

Answer : Administrative

ABC Corporation's network is configured such that a user must log in individually at each server and access control. Which type of authentication is in use?


Options are :

  • Mandatory sign-on (Correct)
  • Hybrid access control
  • Three-factor authentication
  • Single sign-on
  • Role-based access control

Answer : Mandatory sign-on

Check Point Certified Security Expert Exam Set 3

________ is a type of cryptography, where letters of an original message are systematically rearranged into another sequence.


Options are :

  • Steganography
  • Symmetric-key exchange
  • Asymmetric-key encryption
  • Simple substitution cipher
  • Transposition cipher (Correct)

Answer : Transposition cipher

A(n) __________ occurs when intrusion-detection measures fail to recognize suspicious traffic or activity.


Options are :

  • Alarm
  • False positive
  • False negative (Correct)
  • Threshold
  • CIFS pop-up

Answer : False negative

Why does the (ISC)2 access-control systems and methodology functional domain address both the confidentiality and integrity aspects of the Information Security Triad? Accesscontrol systems and methodologies:


Options are :

  • control who is allowed to view and modify information (Correct)
  • provide redundant systems and data backups.
  • are required standards in health care and banking.
  • are academic models not suitable for implementation.
  • set standards for acceptable media-storage devices.

Answer : control who is allowed to view and modify information

156-315.77 Check Point Certified Security Expert Exam Set 11

ABC Corporation's network requires users to authenticate to cross the border firewall, and before entering restricted segments. Servers containing sensitive information require separate authentication. This is an example of which type of access-control method?


Options are :

  • Decentralized access control
  • Hybrid access control
  • Layered access control (Correct)
  • Single sign-on
  • Mandatory access control

Answer : Layered access control

__________ is the state of being correct, or the degree of certainty a person or process can have, that the data in an information asset is correct.


Options are :

  • Authenticity
  • Availability
  • Privacy
  • Integrity (Correct)
  • Confidentiality

Answer : Integrity

All of the following are possible configurations for a corporate intranet, EXCEPT:


Options are :

  • Campus-area network
  • Metropolitan-area network
  • Value-added network (Correct)
  • Local-area network
  • Wide-area network

Answer : Value-added network

Check Point Certified Security Expert Exam Set 4

INFOSEC professionals are concerned about providing due care and due diligence. With whom should they consult, when protecting information assets?


Options are :

  • Law enforcement in their region
  • Other INFOSEC professionals
  • IETF enforcement officials
  • Senior management, particularly business-unit owners
  • Their organizations' legal experts (Correct)

Answer : Their organizations' legal experts

The items listed below are examples of ___________ controls. *Procedures and policies *Employee security-awareness training *Employee background checks *Increasing management security awareness


Options are :

  • Technical
  • Role-based
  • Mandatory
  • Physical
  • Administrative (Correct)

Answer : Administrative

A(n) __________ is an abstract machine, which mediates all access subjects have to objects.


Options are :

  • TCB
  • Reference monitor (Correct)
  • Router
  • ACL
  • State machine

Answer : Reference monitor

156-215.75 Check Point Certified Security Administrator Exam Set 5

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions

Subscribe to See Videos

Subscribe to my Youtube channel for new videos : Subscribe Now