A(n) ___________ is an unintended communication path that can be used to violate a system security policy.
Options are :
- Integrity axiom
- Aggregated data set
- Covert channel
(Correct)
- Inferred fact
- Simple rule violation
Answer : Covert channel
Virtual corporations typically use a(n) ___________ for maintaining centralized information assets.
Options are :
- Off-line repository
- Floppy disk
- CD-ROM burner
- Colocation
(Correct)
- Data warehouse
Answer : Colocation
What is mandatory sign-on? An authentication method that:
Options are :
- requires the use of one-time passwords, so users authenticate only once, with a given set of credentials
- requires users to re-authenticate at each server and access control
(Correct)
- allows users to authenticate once, and then uses tokens or other credentials to manage subsequent authentication attempts
- uses smart cards, hardware tokens, and biometrics to authenticate users; also known as three-factor authentication
- stores user credentials locally, so that users need only authenticate the first time a local machine is used
Answer : requires users to re-authenticate at each server and access control
INFOSEC professionals are concerned about providing due care and due diligence. With whom should they consult, when protecting information assets?
Options are :
- Senior management, particularly business-unit owners
- IETF enforcement officials
- Other INFOSEC professionals
- Law enforcement in their region
- Their organizations' legal experts
(Correct)
Answer : Their organizations' legal experts
A(n) __________ is an abstract machine, which mediates all access subjects have to objects.
Options are :
- ACL
- Reference monitor
(Correct)
- Router
- TCB
- State machine
Answer : Reference monitor
ABC Corporation's network requires users to authenticate to cross the border firewall, and before entering restricted segments. Servers containing sensitive information require separate authentication. This is an example of which type of access-control method?
Options are :
- Decentralized access control
- Mandatory access control
- Single sign-on
- Hybrid access control
- Layered access control
(Correct)
Answer : Layered access control
________ involves gathering pieces of information and drawing a conclusion, whose sensitivity exceeds any of the individual pieces of information.
Options are :
- Inference
- Movement analysis
- Communication-pattern analysis
- Social engineering
- Aggregation
(Correct)
Answer : Aggregation
Which of the following statements about the maintenance and review of information security policies is NOT true?
Options are :
- Functional users and information custodians are ultimately responsible for the accuracy and relevance of information security policies
(Correct)
- Review requirements should be included in the security policies themselves
- When business requirements change, security policies should be reviewed to confirm that policies reflect the new business requirements.
- The review and maintenance of security policies should be tied to the performance evaluations of accountable individuals.
- In the absence of changes to business requirements and processes, information security policy reviews should be annual.
Answer : Functional users and information custodians are ultimately responsible for the accuracy and relevance of information security policies
________ is a type of cryptography, where letters of an original message are systematically rearranged into another sequence.
Options are :
- Symmetric-key exchange
- Asymmetric-key encryption
- Simple substitution cipher
- Steganography
- Transposition cipher
(Correct)
Answer : Transposition cipher
Why does the (ISC)2 access-control systems and methodology functional domain address both the confidentiality and integrity aspects of the Information Security Triad? Access-control systems and methodologies:
Options are :
- are required standards in health care and banking.
- provide redundant systems and data backups.
- are academic models not suitable for implementation.
- control who is allowed to view and modify information
(Correct)
- set standards for acceptable media-storage devices.
Answer : control who is allowed to view and modify information
A(n) __________ occurs when intrusion-detection measures fail to recognize suspicious traffic or activity.
Options are :
- Alarm
- Threshold
- CIFS pop-up
- False positive
- False negative
(Correct)
Answer : False negative
A(n) ___________ is a one-way mathematical function that maps variable values into smaller values of a fixed length.
Options are :
- Algorithm
- Integrity
- Back door
- Symmetric key
- Hash function
(Correct)
Answer : Hash function
If a firewall receives traffic not explicitly permitted by its security policy, what should the firewall do?
Options are :
- Log and pass the traffic.
- Log and drop the traffic.
(Correct)
- Do not log and pass the traffic.
- Do not log and drop the traffic.
- Nothing
Answer : Log and drop the traffic.
Distinguish between the role of the data owner and the role of the data custodian. Complete the following sentence. The data owner is the:
Options are :
- Person or entity responsible for imposing and enforcing policies and restrictions, dictated by the functional user. The data custodian is a person or process who accesses and/or manipulates the information.
- Person or process that originally creates the information. The data custodian is a role that shifts to any person or process currently accessing the data, and passes to the next person or process to access the data.
- Person or entity who accesses and/or manipulates data or information, in the course of assigned duties. The data custodian is a person or process with the appropriate level of privilege to access the data.
- Person or entity ultimately responsible for the security of an information asset. The data custodian is the person or entity responsible for imposing and enforcing policies and restrictions, dictated by the data owner.
(Correct)
- Department in the organization responsible for the data's physical storage location. The data custodian is anyone who has access to the data for any reason.
Answer : Person or entity ultimately responsible for the security of an information asset. The data custodian is the person or entity responsible for imposing and enforcing policies and restrictions, dictated by the data owner.
At ABC Corporation, access to critical information resources, such as database and e-mail servers, is controlled by the information-technology (IT) department. The supervisor in the department grants access to printers where the printer is located. Managers grant and revoke rights to files within their departments' directories on the file server, but the IT department controls who has access to the directories. Which type of access-management system is in use at ABC Corporation?
Options are :
- Centralized access management
- Role-based access management
- Privileged access management
- Hybrid access management
(Correct)
- Decentralized access management
Answer : Hybrid access management
Which of the following is a cost-effective solution for securely transmitting data between remote offices?
Options are :
- Standard e-mail
- Telephone
- Bonded courier
- Fax machine
- Virtual private network
(Correct)
Answer : Virtual private network
Which of the following is an example of a simple, physical-access control?
Options are :
- Access control list
- Lock
(Correct)
- Background check
- Firewall
- Token
Answer : Lock
Which of the following best describes an external intrusion attempt on a local-area network (LAN)?
Options are :
- External users attempt to access public resources.
- Internal users perform inappropriate acts on assets to which they have been given rights or permissions.
- Internal users try to gain unauthorized access to information assets outside the organizational perimeter.
- External-intrusion attempts from sources outside the LAN are not granted permissions or rights to an organization's information assets
(Correct)
- External intruders attempt exploitation of vulnerabilities, to remove their own access.
Answer : External-intrusion attempts from sources outside the LAN are not granted permissions or rights to an organization's information assets
Which type of access management uses information about job duties and positions, to indicate subjects' clearance levels?
Options are :
- Hybrid
- Discretionary
- Role-based
(Correct)
- Nondiscretionary
- Mandatory
Answer : Role-based
Which of the following statements about encryption's benefits is false? Encryption can: (Choose TWO.)
Options are :
- prevent information from being destroyed by malicious entities, while in transit
(Correct)
- allow private information to be sent over public networks, in relative safety.
- significantly reduce the chance information will be viewed by unauthorized entities
- only be used to protect data in transit. Encryption provides no protection to stored data
(Correct)
- significantly reduce the chance information will be modified by unauthorized entities.
Answer : prevent information from being destroyed by malicious entities, while in transit
only be used to protect data in transit. Encryption provides no protection to stored data
What type of document contains information on alternative business locations, IT resources, and personnel?
Options are :
- Acceptable use policy
- Business continuity plan
(Correct)
- End-user license agreement
- Security policy
- Nondisclosure agreement
Answer : Business continuity plan
A __________ posture provides many levels of security possibilities, for access control.
Options are :
- Multiple offensive
- Layered defensive
(Correct)
- Flat defensive
- Reactive defensive
- Proactive offensive
Answer : Layered defensive
Which of the following is NOT a Business Continuity Plan (BCP) recovery strategy?
Options are :
- Delegating risk to another entity, such as an insurer
(Correct)
- Manual procedures; alternative solution to technology available
- Deferring action; action waiting until a later date
- Doing nothing; no action taken to recover the technology
- Reciprocal agreements with another organization
Answer : Delegating risk to another entity, such as an insurer
Which of the following best describes the largest security challenge for Remote Offices/Branch Offices?
Options are :
- Distributed denial-of-service attacks
- Salami attacks
- Unauthorized network connectivity
- Secure access to remote organizational resources
(Correct)
- Leased-line security
Answer : Secure access to remote organizational resources
A(n) ___________ is the first step for determining which technical information assets should be protected.
Options are :
- Business Impact Analysis
- Intrusion detection system
- Network diagram
(Correct)
- Office floor plan
- Firewall
Answer : Network diagram
All of the following are possible configurations for a corporate intranet, EXCEPT:
Options are :
- Local-area network
- Metropolitan-area network
- Wide-area network
- Value-added network
(Correct)
- Campus-area network
Answer : Value-added network
__________ is the state of being correct, or the degree of certainty a person or process can have, that the data in an information asset is correct.
Options are :
- Availability
- Authenticity
- Confidentiality
- Integrity
(Correct)
- Privacy
Answer : Integrity
ABC Corporation's network is configured such that a user must log in individually at each server and access control. Which type of authentication is in use?
Options are :
- Single sign-on
- Role-based access control
- Mandatory sign-on
(Correct)
- Three-factor authentication
- Hybrid access control
Answer : Mandatory sign-on
Enterprise employees working remotely require access to data at an organization's headquarters. Which of the following is the BEST method to transfer this data?
Options are :
- Virtual private network
(Correct)
- Faxed information
- CD-ROMs shipped with updated versions of the data
- Standard e-mail
- Dial-in access behind the enterprise firewall
Answer : Virtual private network
The items listed below are examples of ___________ controls.
* Procedures and policies
* Employee security-awareness training
* Employee background checks
* Increasing management security awareness
Options are :
- Mandatory
- Administrative
(Correct)
- Role-based
- Technical
- Physical
Answer : Administrative
One individual is selected from each department, to attend a security-awareness course. Each person returns to his department, delivering the course to the remainder of the department. After training is complete, each person acts as a peer coach. Which type of training is this?
Options are :
- On-line training
- Train-the-mentor training
(Correct)
- Formal classroom training
- Self-paced training
- Alternating-facilitator training
Answer : Train-the-mentor training
A(n) _____________ is a quantitative review of risks, to determine how an organization continues to function, in the event a risk is realized.
Options are :
- Monitored risk process
- Full interruption test
- Information security audit
- Business impact analysis
(Correct)
- Disaster-recovery plan
Answer : Business impact analysis
Which of the following are common failures that should be addressed in a Business Continuity Plan (BCP)? (Choose THREE.)
Options are :
- Utility failures
(Correct)
- Connectivity failures
(Correct)
- Personal failures
- Hardware failures
(Correct)
- Accounting failures
Answer : Utility failures
Connectivity failures
Hardware failures
Which of the following can be stored on a workstation? (Choose TWO.)
Options are :
- Interoffice memo
(Correct)
- Payroll information
- Customer correspondence
(Correct)
- Databases
- Data objects used by many employees
Answer : Interoffice memo
Customer correspondence
Which of the following is NOT a concern for enterprise physical security?
Options are :
- Network Intrusion Detection Systems
(Correct)
- Dumpster diving
- Property theft
- Social engineering
- Unauthorized access to a facility
Answer : Network Intrusion Detection Systems
Which of the following should be included in an enterprise Business Continuity Plan (BCP)? (Choose THREE.)
Options are :
- Employee administrative leave
- Severe weather disasters
(Correct)
- Minor power outages
(Correct)
- Employee terminations
- Accidental or intentional data deletion
(Correct)
Answer : Severe weather disasters
Minor power outages
Accidental or intentional data deletion
_________ educate(s) security administrators and end users about organizations' security policies.
Options are :
- Acceptable-use policies
- Continuing education
- Information Security (INFOSEC) briefings
- Nondisclosure agreements
- Security-awareness training
(Correct)
Answer : Security-awareness training
Which types of security solutions should a home user deploy? (Choose TWO.)
Options are :
- Network intrusion-detection system
- Managed Security Gateway
- Personal firewall
(Correct)
- Anti-virus software
(Correct)
- Access control lists on a router
Answer : Personal firewall
Anti-virus software
Digital signatures are typically provided by a _______, where a third party verifies a key's authenticity.
Options are :
- Network firewall
- Certificate Authority
(Correct)
- Security administrator
- Hash function
- Domain controller
Answer : Certificate Authority
_________ intrusion detection involves comparing traffic to known characteristics of malicious traffic, known as attack signatures.
Options are :
- Statistical anomaly
- Host
- Pattern matching
(Correct)
- Network
- Behavioral analysis
Answer : Pattern matching