ebook img

CISSP Practice Exams PDF

461 Pages·2018·10.813 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview CISSP Practice Exams

All-In-One_PE / CISSP® Practice Exams, Fifth Edition / Shon Harris & Jonathan Ham / 267-1 / FM Blind Folio: i CISSP ® Practice Exams 00-FM.indd 1 08/10/18 2:06 PM All-In-One_PE / CISSP® Practice Exams, Fifth Edition / Shon Harris & Jonathan Ham / 267-1 / FM Blind Folio: ii ABOUT THE AUTHORS Shon Harris, CISSP, was the founder and CEO of Shon Harris Security LLC and Logical Security LLC, a security consultant, a former engineer in the Air Force’s Information Warfare unit, an instructor, and an author. Shon owned and ran her own training and consulting com- panies for 13 years prior to her death in 2014. She consulted with Fortune 100 corporations and government agencies on extensive security issues. She authored three best-selling CISSP books, was a contributing author to Gray Hat Hacking: The Ethical Hacker’s Handbook and Security Infor- mation and Event Management (SIEM) Implementation, and a technical editor for Information Security Magazine. Jonathan Ham, CISSP, GSEC, GCIA, GCIH, GMON, is an independent consultant who specializes in large-scale enterprise security issues, from policy and procedure, through team selec- tion and training, to implementing scalable prevention, detection, and response technologies and techniques. With a keen understanding of ROI and TCO (and an emphasis on real-world practice over products), he has helped his clients achieve greater success for over 20 years, advising in both the public and private sectors, from small startups to the Fortune 50, and the U.S. Department of Defense across multiple engaged forces. Mr. Ham has been commissioned to teach investigative techniques to the NSA, has trained NCIS investigators how to use intrusion detection technologies, has performed packet analysis from a facility more than 2,000 feet underground, and has chartered and trained the CIRT for one of the largest U.S. civilian federal agencies. In addition to his professional certifications, Mr. Ham is a Principal Instructor and Author with the SANS Institute, and is a member of the GIAC Advisory Board. He has also consistently been the highest rated trainer at Black Hat events, teaching his course on Network Forensics. His groundbreaking textbook on the topic established him as a pioneer in the field. A former combat medic with the U.S. Navy/Marine Corps, Mr. Ham has spent over a decade practicing a different kind of emergency response, volunteering and teaching for both the National Ski Patrol and the American Red Cross, as both a Senior Patroller and Instructor and a Professional Rescuer. 00-FM.indd 2 08/10/18 2:06 PM All-In-One_PE / CISSP® Practice Exams, Fifth Edition / Shon Harris & Jonathan Ham / 267-1 / FM Blind Folio: iii A Note from Jonathan Shon and I never met in person, though my career has been inextricably linked to hers for more than a decade. The first time I was ever asked to teach a class for the SANS Institute was because Shon was scheduled and couldn’t make it. I went on to teach SANS’ extremely popular CISSP prep course (Mgt414) dozens of times, and my students routinely brought her books to my classroom. As a result, I’ve gone on to teach thousands of students at both the graduate and post- graduate level, across six continents and in dozens of countries, and involving content rang- ing from hacking techniques to forensic investigations. Thanks to Shon, I am truly living the dream and giving it back in every way that I can. I am also extremely honored to have been asked by McGraw-Hill Education to continue her work. We had so very many friends in common that nearly everyone I know profes- sionally encouraged me to do it. She will be remembered with the respect of thousands of CISSPs. And mine. About the Technical Editor Daniel Carter, CCSP, CISSP, CISM, CISA, is currently working as a senior systems engineer at Johns Hopkins University & Medicine. An IT security and systems professional for almost 20 years, Daniel has worked extensively with web-based applications and infrastructure, as well as LDAP and federated identity systems, PKI, SIEM, and Linux/Unix systems. He is currently work- ing with enterprise authentication and single sign-on systems, including cloud-base deployments. Daniel holds a degree in criminology and criminal justice from the University of Maryland and a master’s degree in technology management, with a focus on homeland security management, from the University of Maryland, University College. 00-FM.indd 3 08/10/18 2:06 PM All-In-One_PE / CISSP® Practice Exams, Fifth Edition / Shon Harris & Jonathan Ham / 267-1 / FM Blind Folio: iv This page intentionally left blank 00-FM.indd 4 08/10/18 2:06 PM All-In-One_PE / CISSP® Practice Exams, Fifth Edition / Shon Harris & Jonathan Ham / 267-1 / FM Blind Folio: v CISSP ® Practice Exams Fifth Edition Shon Harris Jonathan Ham New York Chicago San Francisco Athens London Madrid Mexico City Milan New Delhi Singapore Sydney Toronto McGraw-Hill Education is an independent entity from (ISC)2® and is not affiliated with (ISC)2 in any manner. This study/ training guide and/or material is not sponsored by, endorsed by, or affiliated with (ISC)2 in any manner. This publication and accompanying media may be used in assisting students to prepare for the CISSP exam. Neither (ISC)2 nor McGraw-Hill Education warrants that use of this publication and accompanying media will ensure passing any exam. (ISC)2®, CISSP®, CAP®, ISSAP®, ISSEP®, ISSMP®, SSCP®, CCSP®, and CBK® are trademarks or registered trademarks of (ISC)2 in the United States and certain other countries. All other trademarks are trademarks of their respective owners. 00-FM.indd 5 08/10/18 2:06 PM Copyright © 2019 by McGraw-Hill Education. All rights reserved. Except as permitted under the United States Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or re- trieval system, without the prior written permission of the publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication. ISBN: 978-1-26-014266-2 MHID: 1-26-014266-3 The material in this eBook also appears in the print version of this title: ISBN: 978-1-26-014267-9, MHID: 1-26-014267-1. eBook conversion by codeMantra Version 1.0 All trademarks are trademarks of their respective owners. Rather than put a trademark symbol after every occurrence of a trade- marked name, we use names in an editorial fashion only, and to the benefit of the trademark owner, with no intention of infringe- ment of the trademark. Where such designations appear in this book, they have been printed with initial caps. McGraw-Hill Education eBooks are available at special quantity discounts to use as premiums and sales promotions or for use in corporate training programs. To contact a representative, please visit the Contact Us page at www.mhprofessional.com. Information has been obtained by McGraw-Hill Education from sources believed to be reliable. However, because of the pos- sibility of human or mechanical error by our sources, McGraw-Hill Education, or others, McGraw-Hill Education does not guarantee the accuracy, adequacy, or completeness of any information and is not responsible for any errors or omissions or the results obtained from the use of such information. TERMS OF USE This is a copyrighted work and McGraw-Hill Education and its licensors reserve all rights in and to the work. Use of this work is subject to these terms. Except as permitted under the Copyright Act of 1976 and the right to store and retrieve one copy of the work, you may not decompile, disassemble, reverse engineer, reproduce, modify, create derivative works based upon, transmit, distribute, disseminate, sell, publish or sublicense the work or any part of it without McGraw-Hill Education’s prior consent. You may use the work for your own noncommercial and personal use; any other use of the work is strictly prohibited. Your right to use the work may be terminated if you fail to comply with these terms. THE WORK IS PROVIDED “AS IS.” McGRAW-HILL EDUCATION AND ITS LICENSORS MAKE NO GUARANTEES OR WARRANTIES AS TO THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS TO BE OBTAINED FROM USING THE WORK, INCLUDING ANY INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA HYPERLINK OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY WARRANTY, EXPRESS OR IMPLIED, IN- CLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICU- LAR PURPOSE. McGraw-Hill Education and its licensors do not warrant or guarantee that the functions contained in the work will meet your requirements or that its operation will be uninterrupted or error free. Neither McGraw-Hill Education nor its licensors shall be liable to you or anyone else for any inaccuracy, error or omission, regardless of cause, in the work or for any damages resulting therefrom. McGraw-Hill Education has no responsibility for the content of any information accessed through the work. Under no circumstances shall McGraw-Hill Education and/or its licensors be liable for any indirect, incidental, special, punitive, consequential or similar damages that result from the use of or inability to use the work, even if any of them has been advised of the possibility of such damages. This limitation of liability shall apply to any claim or cause whatsoever whether such claim or cause arises in contract, tort or otherwise. All-In-One_PE / CISSP® Practice Exams, Fifth Edition / Shon Harris & Jonathan Ham / 267-1 / FM Blind Folio: vii It has been at the expense of my tribe that I have managed to continue Shon’s work. I honor them by name here, as elsewhere: 436861726C6965204D617269652048616D0D0A 56696F6C65742044616E67657220576573740D0A 5468756E646572204772657920576573740D0A 50616F6C6120436563696C696120476172636961204A756172657A0D0A They are beautiful and brilliant each, and are continue to be loved more than they may ever know, through each of these revisions, and their own. —Jonathan Ham, April 13, 2016 August 1, 2018 00-FM.indd 7 08/10/18 2:06 PM All-In-One_PE / CISSP® Practice Exams, Fifth Edition / Shon Harris & Jonathan Ham / 267-1 / FM Blind Folio: viii This page intentionally left blank 00-FM.indd 8 08/10/18 2:06 PM All-In-One_PE / CISSP® Practice Exams, Fifth Edition / Shon Harris & Jonathan Ham / 267-1 / FM CONTENTS Preface ............................................................. xi Introduction . ....................................................... xiii Chapter 1 Security and Risk Management . ................................ 1 Questions .......................................................... 2 Quick Answer Key .................................................. 20 Answers ............................................................ 21 Chapter 2 Asset Security ................................................. 71 Questions .......................................................... 72 Quick Answer Key .................................................. 78 Answers ............................................................ 79 Chapter 3 Security Architecture and Engineering .......................... 97 Questions .......................................................... 98 Quick Answer Key .................................................. 122 Answers ............................................................ 123 Chapter 4 Communication and Network Security . ........................ 195 Questions .......................................................... 196 Quick Answer Key .................................................. 212 Answers ............................................................ 213 Chapter 5 Identity and Access Management . .............................. 255 Questions .......................................................... 256 Quick Answer Key .................................................. 268 Answers ............................................................ 269 Chapter 6 Security Assessment and Testing ............................... 305 Questions .......................................................... 306 Quick Answer Key .................................................. 313 Answers ............................................................ 314 Chapter 7 Security Operations . .......................................... 331 Questions .......................................................... 332 Quick Answer Key .................................................. 348 Answers ............................................................ 349 Chapter 8 Software Development Security ................................ 391 Questions .......................................................... 392 Quick Answer Key .................................................. 404 Answers ............................................................ 405 ix 00-FM.indd 9 08/10/18 2:06 PM

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.