Your company implemented a biometric-based system to control access to the computer room. When the threshold (1 to 10) is set to 5, both the False Acceptance Rate (FAR) and False Rejection Rate (FRR) are 5 out of 10. Which of the following is the best configuration to enforce the physical security of the computer room? (Wentz QOTD)
A. Lower the Crossover Error Rate (CER)
B. Raise the Equal Error Rate (EER)
C. Lower the sensitivity
D. Raise the threshold
Monthly Archives: June 2021
CISSP PRACTICE QUESTIONS – 20210623
You are implementing OpenID Connect and OAuth 2.0 to support authentication and authorization. Which of the following is used for authorization between a client and a resource server? (Wentz QOTD)
A. Assertions
B. XACML
C. Access Token
D. Bearer Token
CISSP PRACTICE QUESTIONS – 20210622
OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol. Which of the following is incorrect? (Wentz QOTD)
A. OpenID 2.0 used XML and a custom message signature scheme, while OIDC employs JSON.
B. The OpenID Provider performs authentication and provides the ID Token as a JSON Web Token.
C. The OAuth 2.0 authorization server authenticates the end-user as a human participant.
D. OAuth 2.0 specifies access tokens to access resources and standard methods to provide identity information.
CISSP PRACTICE QUESTIONS – 20210621
Which of the following RESTful API operations least hinders the integrity of data? (Wentz QOTD)
A. POST
B. GET
C. PUT
D. DELETE
CISSP PRACTICE QUESTIONS – 20210620
You are implementing IT services to support meetings. Participants rely on wireless services to access intranet resources and cast screens. To provide convenient and secure wireless services, which of the following is of least concern? (Wentz QOTD)
A. 802.1X
B. Ad hoc mode
C. Captive portals
D. Automatic Private IP Addressing (APIPA)
PoC for WUSON Test Engine
WUSON Practice Field for Desktop is a Windows Form App that can send requests to the Web API on Azure Docker services and return CISSP practice questions stored in SQL Azure.
CISSP PRACTICE QUESTIONS – 20210619
Which of the following is not a layer two protocol in terms of the ISO OSI reference model? (Wentz QOTD)
A. SLIP
B. CSMA/CD
C. OFDM
D. PPTP
CISSP PRACTICE QUESTIONS – 20210618
PPP connects a client to the network access server (NAS) using dial-up POTS, ISDN, ADSL, etc. L2TP extends PPP and connects a client to a remote NAS over a packet-switched network. Which of the following is incorrect? (Wentz QOTD)
A. L2TP tunnels PPP frames to the remote network access server.
B. L2TP data messages are retransmitted when packet loss occurs.
C. PPP can optionally authenticate clients to establish the connection.
D. PPP encapsulates multiprotocol packets sent across layer 2 point-to-point links.
Security Chaos Engineering
CISSP PRACTICE QUESTIONS – 20210617
To mitigate the impact of the COVID-19 pandemic, your company decides to have half of its employees work from home (WFH). They have to connect to the VPN server using L2TP/IPsec to access intranet resources securely. Which of the following is the best configuration required to support the WFH initiative? (Wentz QOTD)
A. AH
B. ESP
C. Tunnel mode
D. Network Address Translation-Traversal (NAT-T)