156-110 Check Point Certified Security Principles Associate Set 6

You are a system administrator for a pool of Web servers. The vendor who sells your Web server posts a patch and sample exploit for a newly discovered vulnerability. You will take all of the actions listed below. Which of the following actions should you take first?


Options are :

  • Run the sample exploit against a production server.
  • Run the sample exploit against a test server. (Correct)
  • Test the patch on a production server
  • Apply the patch to all production servers.
  • Test the patch on a non-production server.

Answer : Run the sample exploit against a test server.

#NAME?


Options are :

  • Exploitation
  • Baselining
  • A vulnerability
  • Penetration testing (Correct)
  • A countermeasure

Answer : Penetration testing

Which of the following is the MOST important consideration, when developing security-awareness training materials?


Options are :

  • Training material should be accessible and attractive
  • Appropriate language should be used to facilitate localization, should training materials require translation.
  • Security-awareness training materials should never contradict an organizational security policy. (Correct)
  • Delivery mechanisms should allow easy development of additional materials, to complement core material.
  • Written documentation should be archived, in case of disaster.

Answer : Security-awareness training materials should never contradict an organizational security policy.


----------- is issued by senior management, and defines an organization's security goals.


Options are :

  • Security policy mission statement (Correct)
  • Records-retention procedure
  • Acceptable-use policy
  • Service level agreement
  • Organizational security policy

Answer : Security policy mission statement

#NAME?


Options are :

  • Biometrics
  • Authorization
  • Authentication
  • Identification (Correct)
  • Validation

Answer : Identification

Embedding symbols in images or common items, such as pictures or quilts, is an example of __________.


Options are :

  • Espionage
  • Key exchange
  • Transposition cipher
  • Arithmancy
  • Steganography (Correct)

Answer : Steganography


Which of the following entities review partner-extranet requirements?


Options are :

  • Information systems
  • Requesting department (Correct)
  • Marketing
  • Chief Information Officer
  • Shipping and receiving

Answer : Requesting department

#NAME?


Options are :

  • ICMP traffic
  • Peak traffic
  • Fragmented packets
  • Insufficient bandwidth (Correct)
  • Burst traffic

Answer : Insufficient bandwidth

The items listed below are examples of ___________ controls.
* Smart cards
* Access control lists
* Authentication servers
* Auditing


Options are :

  • Technical (Correct)
  • Role-based
  • Physical
  • Mandatory
  • Administrative

Answer : Technical


A security administrator implements Secure Configuration Verification (SCV), because SCV: (Choose THREE.)


Options are :

  • Does not enable the administrator to monitor the configuration of remote computers
  • Confirms that a remote configuration complies with the organization's security policy. (Correct)
  • Enables the administrator to monitor the configuration of remote computers. (Correct)
  • Prevents attackers from penetrating headquarters' Security Gateway
  • Can block connectivity for machines that do not comply with the organization's security policy (Correct)

Answer : Confirms that a remote configuration complies with the organization's security policy. Enables the administrator to monitor the configuration of remote computers. Can block connectivity for machines that do not comply with the organization's security policy

Which of these metrics measure how a biometric device performs, when attempting to authenticate subjects? (Choose THREE.)


Options are :

  • False Acceptance Rate (Correct)
  • Enrollment Failure Rate
  • False Rejection Rate (Correct)
  • User Acceptance Rate
  • Crossover Error Rate (Correct)

Answer : False Acceptance Rate, False Rejection Rate, Crossover Error Rate


How is bogus information disseminated?


Options are :

  • Adversaries take advantage of a person's trust and goodwill.
  • Seemingly, unimportant pieces of data may yield enough information to an adversary, for him to disseminate incorrect information and sound authoritative. (Correct)
  • Adversaries use anomalous traffic patterns as indicators of unusual activity. They will employ other methods, such as social engineering, to discover the cause of the noise.
  • Adversaries use movement patterns as indicators of activity.
  • Adversaries sort through trash to find information.

Answer : Seemingly, unimportant pieces of data may yield enough information to an adversary, for him to disseminate incorrect information and sound authoritative.

A new U.S. Federal Information Processing Standard specifies a cryptographic algorithm. This algorithm is used by U.S. government organizations to protect sensitive, but unclassified, information. What is the name of this Standard?


Options are :

  • CAST
  • Blowfish
  • Triple DES
  • RSA
  • AES (Correct)

Answer : AES

To protect its information assets, ABC Company purchases a safeguard that costs $60,000. The annual cost to maintain the safeguard is estimated to be $40,000. The aggregate Annualized Loss Expectancy for the risks the safeguard is expected to mitigate is $50,000. At this rate of return, how long will it take ABC Company to recoup the cost of the safeguard?


Options are :

  • Less than 5 years
  • Less than 7 years (Correct)
  • Less than 1 year
  • Less than 3 years
  • ABC Company will never recoup the cost of this safeguard.

Answer : Less than 7 years


Why should each system user and administrator have individual accounts? (Choose TWO.)


Options are :

  • If users do not have individual login names, processes can automatically run with root/administrator access.
  • A generic user name and password for users and security administrators provides anonymity, which prevents useful logging and auditing. (Correct)
  • By using individual login names and passwords, user actions can be traced (Correct)
  • Using separate accounts for each user reduces resource consumption, particularly disk space
  • Using generic user names and passwords increases system security and reliability.

Answer : A generic user name and password for users and security administrators provides anonymity, which prevents useful logging and auditing. By using individual login names and passwords, user actions can be traced

Which TWO of the following items should be accomplished, when interviewing candidates for a position within an organization?


Options are :

  • question candidates, using polygraphs, n
  • Run criminal-background checks.
  • Contact personal and professional references. (Correct)
  • Verify all dates of previous employment. (Correct)
  • Hire an investigation agency to run background checks.

Answer : Contact personal and professional references. Verify all dates of previous employment.

Organizations ____________ risk, when they convince another entity to assume the risk for them.


Options are :

  • Transfer (Correct)
  • Elevate
  • Deny
  • Assume
  • Mitigate

Answer : Transfer


Which of the following equations results in the Single Loss Expectancy for an asset?


Options are :

  • Asset Value x % Of Loss From Realized Threat (Correct)
  • Annualized Rate of Occurrence x Annualized Loss Expectancy
  • Asset Value x % Of Loss From Realized Exposure
  • Asset Value x % Of Loss From Realized Vulnerability
  • Annualized Rate of Occurrence / Annualized Loss Expectancy

Answer : Asset Value x % Of Loss From Realized Threat

Which of the following is likely in a small-business environment?


Options are :

  • Resources are available as needed.
  • Small businesses have security personnel on staff.
  • Most employees have experience with information security.
  • Security budgets are very small. (Correct)
  • Most small businesses employ a full-time information-technology staff.

Answer : Security budgets are very small.

What must system administrators do when they cannot access a complete i testing?


Options are :

  • Extrapolate results from a limited subset. (Correct)
  • Refuse to implement change requests.
  • Eliminate the testing phase of change control.
  • Deploy directly to the production environment.
  • Request additional hardware and software.

Answer : Extrapolate results from a limited subset.


Which encryption algorithm has the highest bit strength?


Options are :

  • CAST
  • DES
  • AES (Correct)
  • Blowfish
  • Triple DES

Answer : AES

Which type of Business Continuity Plan (BCP) test involves shutting down z on-line, & moving all operations to the alternate site?


Options are :

  • Checklist
  • Parallel
  • Simulation
  • Structured walkthrough
  • Full interruption (Correct)

Answer : Full interruption

Which of the following is NOT a restriction, for partners accessing internal corporate resources through an extranet?


Options are :

  • Using restricted programs, to access databases and other information resources
  • Preventing access to any network resource, other than those explicitly permitted
  • Preventing modification of restricted information
  • Allowing access from any location (Correct)
  • Viewing inventory levels for partner products only

Answer : Allowing access from any location


Which of the following is an integrity requirement for Remote Offices/Branch Offices (ROBOs)?


Options are :

  • Improvised solutions must provide the level of protection required.
  • Data must remain available to all remote offices.
  • Data must be consistent between ROBO sites and headquarters. (Correct)
  • Private data must remain internal to an organization.
  • Users must be educated about appropriate security policies

Answer : Data must be consistent between ROBO sites and headquarters.

Which of the following is NOT an auditing function that should be performed regularly?


Options are :

  • Reviewing IDS alerts
  • Reviewing system logs
  • Reviewing performance logs (Correct)
  • Reviewing audit logs
  • Reviewing IDS logs

Answer : Reviewing performance logs

Which type of Business Continuity Plan (BCP) test involves practicing aspects of the BCP, without actually interrupting operations or bringing an alternate site on-line?


Options are :

  • Checklist
  • Structured walkthrough
  • Simulation (Correct)
  • Parallel
  • Full interruption

Answer : Simulation


_______ occurs when an individual or process acquires a higher level of privilege, or access, than originally intended.


Options are :

  • Privilege escalation (Correct)
  • Least privilege
  • Need-to-know
  • Security Triad
  • Privilege aggregation

Answer : Privilege escalation

When attempting to identify OPSEC indicators, information-security professionals must: (Choose THREE.)


Options are :

  • Perform business impact analysis surveys.
  • Meet with adversaries.
  • Discover the information daily activities yield. (Correct)
  • Analyze indicators, to determine the information an adversary can glean both from routine and nonroutine activities. (Correct)
  • Scrutinize their organizations' daily activities. (Correct)

Answer : Discover the information daily activities yield. Analyze indicators, to determine the information an adversary can glean both from routine and nonroutine activities. Scrutinize their organizations' daily activities.

Operating-system fingerprinting uses all of the following, EXCEPT ______, to identify a target operating system.


Options are :

  • Time to Live
  • Address spoofing (Correct)
  • Sequence Verifier
  • Initial sequence number
  • IP ID field

Answer : Address spoofing


Internal intrusions are loosely divided into which categories? (Choose TWO.)


Options are :

  • Attempts by insiders to perform inappropriate acts, on external information assets to which they have been given rights or permissions.
  • Attempts by insiders to perform appropriate acts, on information assets to which they have been given rights or permissions.
  • Attempts by insiders to perform inappropriate acts, on information assets to which they have been given rights or permissions. (Correct)
  • Attempts by insiders to access resources, without proper access rights (Correct)
  • Attempts by insiders to access external resources, without proper access rights.

Answer : Attempts by insiders to perform inappropriate acts, on information assets to which they have been given rights or permissions. Attempts by insiders to access resources, without proper access rights
