当前位置:网站首页>Daily CISSP certification common mistakes (April 15, 2022)
Daily CISSP certification common mistakes (April 15, 2022)
2022-04-23 18:18:00 【Tang Junfei - Mingxue Online】
CISSP Certification is often wrong ( From Mingxue online test platform :https://www.maxstu.com/page/1773704)
【 The answer is analyzed after the question 】
subject 1
Q: Which of the following fire extinguishing systems has the greatest accidental risk , It may damage the equipment in the data center ?
Which one of the following fire suppression systems poses the greatest risk of accidental discharge that damages equipment in a data center?
A、 Wet pipe
Wet pipe
B、 Main pipe
Dry pipe
C、 Water spray
Deluge
D、 Pretreatment system
Preaction
subject 2
Q: During software testing ,Jack Suppose a scene : A hacker wants to access the application he is reviewing .Jack Considering where hackers might start , Then he tests the system for the possible behavior of the attacker , Excuse me, Jack What kind of tests are being carried out ?
During software testing, Jack diagrams how a hacker might approach the application he is reviewing and determines what requirements the hacker might have. He then tests how the system would respond to the attacker's likely behavior. What type of testing is Jack conducting?
A、 Misuse case testing
Misuse case testing
B、 Use case testing
Use case testing
C、Hacker Use case testing
Hacker use case testing
D、 Static code analysis
Static code analysis
subject 3
Q:James Decided to implement a NAC Solution , Use the post admission principle to control the network connection . What kind of problems can't the post access principle solve ?
James has opted to implement a NAC solution that uses a post-admission philosophy for its control of network connectivity. What type of issues can't a strictly post-admission policy handle?
A、 Out of band monitoring
Out-of-band monitoring
B、 Prevent unconnected laptops from being used immediately after connecting to the network
Preventing an unpatched laptop from being exploited immediately after connecting to the network
C、 When the user behavior does not match the authorization matrix , Deny user access
Denying access when user behavior don’t match an authorization matrix
D、 When the user behavior satisfies the authorization based matrix , Allow users to access specific objects
Allowing a user access to a specific object when user behavior is allowed based on an authorization matrix
---------------
There are more free online security certification test questions and wechat learning discussion groups , You can add Mingxue online assistant vx:maxstu_com, Get and join .
---------------
subject 1
answer :A
analysis : Main pipe 、 The pipes used in the water spray and pretreatment system are normally empty , Once signs of fire are detected , The pipe is filled with water . The pipes used for wet pipes are always filled with water , If the pipe is damaged , May damage the equipment .
Dry pipe, deluge, and preaction systems all use pipes that remain empty until the system detects signs of a fire. Wet pipe systems use pipes filled with water that may damage equipment if there is damage to a pipe.
subject 2
answer :A
analysis :Jack Performing misuse case test , This test method focuses on the misuse of software . The purpose of static code testing is to check whether the code itself has defects , Instead of testing the software at runtime .Hacker Use case testing is a false word .
Jack is performing misuse case analysis, a process that tests code based on how it would perform if it was misused instead of used properly. Use case testing tests valid use cases, whereas static code analysis involves reviewing the code itself for flaws rather than testing the live software. Hacker use case testing not an industry term for a type of testing.
subject 3
answer :B
analysis : The post admission principle allows or denies access according to the user activities after connection . Since this does not check the state of the machine before connecting , Therefore, it is impossible to prevent the system from being used immediately after connection . This does not preclude out of band or in band monitoring , But it does mean : Before the system is allowed to enter the network , Strict post admission policies do not handle system checks .
A post-admission philosophy allows or denies access based on user activity after connection. Since this don’t check the status of a machine before it connects, it can't prevent the exploit of the system immediately after connection. This doesn't preclude out-of-band or in-band monitoring, but it does mean that a strictly post-admission policy won't handle system checks before the systems are admitted to the network.
版权声明
本文为[Tang Junfei - Mingxue Online]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/04/202204210610263538.html
边栏推荐
- Resolves the interface method that allows annotation requests to be written in postman
- Flash operates on multiple databases
- Cygwin64 right click to add menu, and open cygwin64 here
- Docker installation MySQL
- 解决允许在postman中写入注释请求接口方法
- Jenkspy package installation
- Permission management with binary
- Arcpy adds fields and loop assignments to vector data
- Jeecg boot microservice architecture
- Install the yapiupload plug-in in idea and upload the API interface to the Yapi document
猜你喜欢
Differences between SSD hard disk SATA interface and m.2 interface (detailed summary)
【ACM】455. 分发饼干(1. 大饼干优先喂给大胃口;2. 遍历两个数组可以只用一个for循环(用下标索引--来遍历另一个数组))
How to restore MySQL database after win10 system is reinstalled (mysql-8.0.26-winx64. Zip)
Resolve the error Max virtual memory areas VM max_ map_ count [65530] is too low, increase to at least [262144]
Vulnérabilité d'exécution de la commande de fond du panneau de commande JD - freefuck
C medium? This form of
QT add external font ttf
解决报错max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
Solving the problem of displaying too many unique values in ArcGIS partition statistics failed
WIN1 remote "this may be due to credssp encryption Oracle correction" solution
随机推荐
C language to achieve 2048 small game direction merging logic
多功能工具箱微信小程序源码
Crawl lottery data
GDAL + ogr learning
RC smart pointer in rust
re正則錶達式
Quantexa CDI(场景决策智能)Syneo平台介绍
Robocode tutorial 8 - advanced robot
Arcpy adds fields and loop assignments to vector data
Vulnérabilité d'exécution de la commande de fond du panneau de commande JD - freefuck
Matlab tips (6) comparison of seven filtering methods
Rust: the output information of println is displayed during the unit test
Deep learning classic network analysis and target detection (I): r-cnn
From source code to executable file
[UDS unified diagnostic service] (Supplement) v. detailed explanation of ECU bootloader development points (1)
Const keyword, variable and function are decorated with const
Custom prompt box MessageBox in QT
串口调试工具cutecom和minicom
Cygwin64 right click to add menu, and open cygwin64 here
Format problems encountered in word typesetting