CISSP Security Assessment and Testing • Complete Question Bank
Complete CISSP Security Assessment and Testing question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit.
```
[IDS Alert]
Timestamp: 2024-03-15 14:32:17
Signature: ET WEB_SERVER SQL Injection Attempt
Source IP: 192.168.1.105
Destination IP: 10.0.0.5
Destination Port: 80
Payload: GET /search.php?q=1' OR '1'='1' HTTP/1.1
```
Refer to the exhibit.
```
[Vulnerability Scan Report - Snippet]
Host: 10.0.0.15
Port: 22/tcp
Service: SSH
Vulnerability: Weak SSH Cryptographic Algorithms
Severity: Medium
CVE: CVE-2016-0777
Fix: Disable weak ciphers (arcfour, blowfish-cbc) and enable strong ones (aes256-ctr, aes128-ctr)
```
Drag a concept onto its matching description — or click a concept then click the description.
Symmetric block cipher
Asymmetric (public-key) cipher
Hash function
Keyed-hash message authentication code
Elliptic curve digital signature algorithm
Drag a concept onto its matching description — or click a concept then click the description.
Automated check for known vulnerabilities
Simulated attack to exploit vulnerabilities
Systematic evaluation of compliance with policies
Identification and analysis of risks
Refer to the exhibit.
Vulnerability Scan Report (excerpt):
```
Host: 192.168.1.100
Port: 443 (https)
Vulnerability ID: 12345
Plugin: OpenSSL Heartbleed Detection
Output: Vulnerable to Heartbleed (CVE-2014-0160)

Host: 192.168.1.100
Port: 22 (ssh)
Vulnerability ID: 67890
Plugin: SSH Weak MAC Algorithms
Output: Server supports weak MAC algorithms (hmac-md5, hmac-sha1-96)

Host: 192.168.1.100
Port: 25 (smtp)
Vulnerability ID: 11111
Plugin: SMTP Open Relay
Output: Server is an open relay.
```
Refer to the exhibit.
```
{
  "policyName": "DataAccessPolicy",
  "rules": [
    {
      "effect": "Allow",
      "action": "read",
      "resource": "customers",
      "condition": {
        "ipAddress": {
          "cidr": "10.0.0.0/8"
        }
      }
    },
    {
      "effect": "Deny",
      "action": "write",
      "resource": "*"
    },
    {
      "effect": "Allow",
      "action": "*",
      "resource": "public_data"
    }
  ]
}
```
Refer to the exhibit.
```
# Syslog configuration snippet
local7.* @10.0.0.2:514
mail.* ~/var/log/maillog
*.info;mail.none;authpriv.none /var/log/messages
```
```
192.168.1.10 - - [01/Jan/2023:10:15:30 +0000] "GET /index.html HTTP/1.1" 200 1234
192.168.1.10 - - [01/Jan/2023:10:15:31 +0000] "POST /login.php HTTP/1.1" 302 -
192.168.1.10 - - [01/Jan/2023:10:15:32 +0000] "GET /admin/dashboard HTTP/1.1" 401 -
192.168.1.10 - - [01/Jan/2023:10:15:33 +0000] "GET /admin/dashboard HTTP/1.1" 200 5678
```
```
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::example-bucket/*",
      "Condition": {
        "IpAddress": {
          "aws:SourceIp": "10.0.0.0/8"
        }
      }
    }
  ]
}
```
```
CVE-2023-1234 - Apache HTTP Server 2.4.49 - Path Traversal
Severity: Critical
Exploit Available: Yes
Plugin Output: The remote web server is running Apache HTTP Server version 2.4.49 which is vulnerable to a path traversal attack.
```
Refer to the exhibit.
Vulnerability Scan Report Excerpt:
```
[+] SQL Injection (SQLi) - Parameter 'id'
URL: https://app.example.com/item?id=123
Payload: 1' OR '1'='1
Risk: Critical
CVE: CVE-2023-XXXX

[+] Stored XSS - Parameter 'name'
URL: https://app.example.com/profile
Payload: <script>alert(1)</script>
Risk: High

[+] Open Redirect - Parameter 'next'
URL: https://app.example.com/login?next=
Payload: https://evil.com
Risk: Medium
```