CYBER SECURITY FUNDAMENTALS UPDATED 2024 PRE
TEST(QUESTIONS AND ANSWERS)CISSP COMPLETE
EXAM//ALREADY PASSED/GRADED A+
The CIA Triad
Confidentiality, Integrity, Availability
What is Maximum Tolerable Downtime (MTD) & Maximum Allowable Downtime
(MAD)?
Total length of time a process can be unavailable without causing significant harm to the
organization.
What is OECD?
Organization for Economic Cooperation and Development - Privacy Guidelines.
What is a disaster recovery plan?
A detailed process for recovering information or an IT system in the event of a
catastrophic disaster such as a fire or flood
What is click-wrap License?
Presents the user with a message on his or her computer screen, requires the user
manifest his or her compliance to the terms of the license user agreement by clicking on
an icon.
What is a shrink-wrap agreement?
A shrink wrap license is an end user agreement (EULA) that is enclosed with software
in plastic-wrapped packaging. Once the end user opens the package the, EULA is
considered to be in effect.
Quantitative Risk Analysis
What is Agile Software Development?
Evolutionary approach measured in weeks
Very Flexible & adaptable
Not predictable
Testing is done during the development
5 Phases of NIST Systems Development Life Cycle
Acquisition/Development
Implement/Assessment
Operations/Maintenance
, Sunset (disposal)
Initiation
What are Recovery Time Objectives (RTO)?
Planned time & level of services where it meets minimum services expectations.
When the BIA indicated the RTO will exceed the MTD, the owner is accepting the risk
for this period of time (planning for the disaster)
What is a Recovery Point Objective (RPO)?
A measurement of tolerable data loss
Based on time, not storage amounts
What is Footprinting?
Footprinting (also known as reconnaissance) is the technique used for gathering
information about computer systems and the entities they belong to. To get this
information, a hacker might use various tools and technologies. This information is very
useful to a hacker who is trying to crack a whole system.
What is the Plan-Do-Check-Act (PDCA)?
•Plan: identify an opportunity and plan for change
•Do: Implement the change on a small scale
•Check: analyze the results of the change
•Act: If successful implement on a wider scale; if the change did not work, begin the
cycle again
What are some Threat Modeling attributes?
•Enables informed decision making
•Can produce a prioritized list of security improvements
•Part of the design phase of SDLC
•A procedure for optimizing Network / Application / Internet Security by identifying
objectives and vulnerabilities and then defining countermeasures to prevent or mitigate
the threat
What type of encryption algorithm uses an S-Box?
Symmetric BLOCK style
Is it true if you conceal data in something other than an audio file or graphic file it
is no longer considered to be steganography but instead considered as a covert
channel?
FALSE
What are the two fundamental types of errors?
1. Errors of omission
2. Errors of commission
Define the term tertiary.
third in order or level
What is collision in reference to hashing?
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller MEGAMINDS. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $0.00. You're not tied to anything after your purchase.
