156-110 Sample Questions Answers

Questions 4

Which of the following represents a valid reason for testing a patch on a nonproduction system, before applying it to a production system?

Options:

A. Patches may re-enable services previously disabled.

B. Patches are a kind of virus.

C. Patches always overwrite user data.

D. Only patches on vendor-pressed CDs can be trusted.

E. Patches usually break important system functionality.

Questions 5

A(n) _______________ is an abstract machine, which mediates all access subjects have to objects.

Options:

A. ACL

B. Reference monitor

C. State machine

D. TCB

E. Router

Questions 6

You are a system administrator managing a pool of database servers. Your software vendor releases a service pack, with many new features. What should you do? (Choose TWO.)

Options:

A. Eliminate the testing phase of change control.

B. Read the release notes.

C. Refuse to install the service pack.

D. Install the service pack on all production database servers.

E. Install the service pack on a database server, in a test environment.

Questions 7

Which of the following are common failures that should be addressed in an organization's Business Continuity Plan (BCP)? (Choose THREE.)

Options:

A. Connectivity failures

B. Accounting failures

C. Hardware failures

D. Utility failures

E. Personal failures

Questions 8

Which of the following is NOT a restriction, for partners accessing internal corporate resources through an extranet?

Options:

A. Preventing modification of restricted information

B. Using restricted programs, to access databases and other information resources

C. Allowing access from any location

D. Preventing access to any network resource, other than those explicitly permitted

E. Viewing inventory levels for partner products only

Questions 9

A(n) _______ occurs when intrusion-detection measures fail to recognize suspicious traffic or activity.

Options:

A. False positive

B. False negative

C. CIFS pop-up

D. Threshold

E. Alarm

Questions 10

Which of these strategies can be employed to test training effectiveness? (Choose THREE.)

Options:

A. Create a survey for managers, to see if participants practice behaviors presented during training.

B. Provide feedback forms for employees to rate instruction and training material, immediately after training has ended.

C. Include auditors before and after the training. This checks to see if the number of security-related incidents is reduced, because of the training.

D. Give incentives to employees who attend security-awareness training. Perform spot-checks, to see if incentives are displayed.

E. Test employees on security concepts several months after training has ended.

Questions 11

Operating-system fingerprinting uses all of the following, EXCEPT ________, to identify a target operating system.

Options:

A. Sequence Verifier

B. Initial sequence number

C. Address spoofing

D. Time to Live

E. IP ID field

Questions 12

What type of document contains information on alternative business locations, IT resources, and personnel?

Options:

A. End-user license agreement

B. Nondisclosure agreement

C. Acceptable use policy

D. Security policy

E. Business continuity plan

Questions 13

_______ can mimic the symptoms of a denial-of-service attack, and the resulting loss in productivity can be no less devastating to an organization.

Options:

A. ICMP traffic

B. Peak traffic

C. Fragmented packets

D. Insufficient bandwidth

E. Burst traffic

Questions 14

Which principle of secure design states that a security mechanism's methods must be testable?

Options:

A. Separation of privilege

B. Least common mechanism

C. Complete mediation

D. Open design

E. Economy of mechanism

Questions 15

Which type of Business Continuity Plan (BCP) test involves shutting down a primary site, bringing an alternate site on-line, and moving all operations to the alternate site?

Options:

A. Parallel

B. Full interruption

C. Checklist

D. Structured walkthrough

E. Simulation
