Black Friday Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70special

Examstrust Logo
examstrust mcafee
  1. Home
  2. Checkpoint
  3. Checkpoint Certification
  4. 156-110 - Check Point Certified Security Principles Associate (CCSPA)

Checkpoint 156-110 Check Point Certified Security Principles Associate (CCSPA) Exam Practice Test

Page: 1 / 0
Total 0 questions
Get 156-110 Full Access Download 156-110 PDF

Check Point Certified Security Principles Associate (CCSPA) Questions and Answers

Question 1

Which of the following are common failures that should be addressed in an organization's Business Continuity Plan (BCP) ? (Choose THREE.)

Options:

A.

Connectivity failures

B.

Accounting failures

C.

Hardware failures

D.

Utility failures

E.

Personal failures

Question 2

You are preparing a machine that will be used as a dedicated Web server. Which of the following services should NOT be removed?

Options:

A.

E. IRC

B.

SMTP

C.

FTP

D.

HTTP

E.

PVP

Question 3

A(n) _______________ is an abstract machine, which mediates all access subjects have to objects.

Options:

A.

ACL

B.

Reference monitor

C.

State machine

D.

TCB

E.

Router

Question 4

Which of the following calculations is used when selecting countermeasures?

Options:

A.

Annualized Rate of Occurrence

B.

Single Loss Expectancy

C.

Annualized Loss Expectancy

D.

Business Impact Analysis

E.

Business Continuity Plan

Question 5

To protect its information assets, ABC Company purchases a safeguard that costs $60,000. The annual cost to maintain the safeguard is estimated to be $40,000. The aggregate Annualized Loss Expectancy for the risks the safeguard is expected to mitigate is $50,000.

At this rate of return, how long will it take ABC Company to recoup the cost of the safeguard?

Options:

A.

ABC Company will never recoup the cost of this safeguard.

B.

Less than 7 years

C.

Less than 3 years

D.

Less than 1 year

E.

Less than 5 years

Question 6

Which of the following best describes the largest security challenge for Remote Offices/Branch Offices?

Options:

A.

Leased-line security

B.

Salami attacks

C.

Unauthorized network connectivity

D.

Distributed denial-of-service attacks

E.

Secure access to remote organizational resources

Question 7

The items listed below are examples of ___________________ controls.

*Procedures and policies

*Employee security-awareness training

*Employee background checks

*Increasing management security awareness

Options:

A.

Technical

B.

Administrative

C.

Role-based

D.

Mandatory

E.

Physical

Question 8

Which of the following is likely in a small-business environment?

Options:

A.

Most small businesses employ a full-time information-technology staff.

B.

Resources are available as needed.

C.

Small businesses have security personnel on staff.

D.

Most employees have experience with information security.

E.

Security budgets are very small.

Question 9

____________________ are the people who consume, manipulate, and produce information assets.

Options:

A.

Information asset owners

B.

Business-unit owners

C.

Audit-control groups

D.

Information custodians

E.

Functional users

Question 10

_______ is a method of tricking users into revealing passwords, or other sensitive information.

Options:

A.

Dumpster diving

B.

Means testing

C.

Social engineering

D.

Risk

E.

Exposure

Question 11

Which of the following is the BEST method for managing users in an enterprise?

Options:

A.

Enter user data in a spreadsheet.

B.

Implement centralized access control.

C.

Deploy Kerberos.

D.

Place them in a centralized Lightweight Directory Access Protocol.

E.

Use a Domain Name System.

Question 12

Which of the following is the MOST important consideration, when developing security- awareness training materials?

Options:

A.

Training material should be accessible and attractive.

B.

Delivery mechanisms should allow easy development of additional materials, to complement core material.

C.

Security-awareness training materials should never contradict an organizational security policy.

D.

Appropriate language should be used to facilitate localization, should training materials require translation.

E.

Written documentation should be archived, in case of disaster.

Question 13

Which of these strategies can be employed to test training effectiveness? (Choose THREE.)

Options:

A.

Create a survey for managers, to see if participants practice behaviors presented during training.

B.

Provide feedback forms for employees to rate instruction and training material, immediately after training has ended.

C.

Include auditors before and after the training. This checks to see if the number of security-related incidents is reduced, because of the training.

D.

Give incentives to employees who attend security-awareness training. Perform spot-checks, to see if incentives are displayed.

E.

Test employees on security concepts several months after training has ended.

Question 14

_______ intrusion detection involves comparing traffic to known characteristics of malicious traffic, known as attack signatures.

Options:

A.

Pattern matching

B.

Statistical anomaly

C.

Behavioral analysis

D.

Host

E.

Network

Question 15

_______ is the process of confirming that implemented security safeguards work as expected.

Options:

A.

Penetration testing

B.

Exploitation

C.

Baselining

D.

A vulnerability

E.

A countermeasure

Load More 156-110 Questions
Page: 1 / 0
Total 0 questions
Get 156-110 Full Access Download 156-110 PDF