Exam Details

  • Exam Code: 156-110
  • Exam Name: Check Point Certified Security Principles Associate (CCSPA)
  • Certification: CheckPoint Certification
  • Vendor: CheckPoint
  • Total Questions: 100 Q&As
  • Last Updated: May 15, 2024

CheckPoint CheckPoint Certification 156-110 Questions & Answers

  • Question 41:

    The items listed below are examples of ___________________ controls.

    * Smart cards
    * Access control lists
    * Authentication servers
    * Auditing

    A. Role-based

    B. Administrative

    C. Technical

    D. Physical

    E. Mandatory

  • Question 42:

    To protect its information assets, ABC Company purchases a safeguard that costs $60,000. The annual cost to maintain the safeguard is estimated to be $40,000. The aggregate Annualized Loss Expectancy for the risks the safeguard is expected to mitigate is $50,000. At this rate of return, how long will it take ABC Company to recoup the cost of the safeguard?

    A. ABC Company will never recoup the cost of this safeguard.

    B. Less than 7 years

    C. Less than 3 years

    D. Less than 1 year

    E. Less than 5 years

  • Question 43:

    Organizations _______ risk, when they convince another entity to assume the risk for them.

    A. Elevate

    B. Assume

    C. Deny

    D. Transfer

    E. Mitigate

  • Question 44:

    A(n) _______________ is an unintended communication path that can be used to violate a system security policy.

    A. Covert channel

    B. Integrity axiom

    C. Simple rule violation

    D. Inferred fact

    E. Aggregated data set

  • Question 45:

    ____________________ educate(s) security administrators and end users about organizations' security policies.

    A. Security-awareness training

    B. Information Security (INFOSEC) briefings

    C. Acceptable-use policies

    D. Continuing education

    E. Nondisclosure agreements

  • Question 46:

    Operating-system fingerprinting uses all of the following, EXCEPT ________, to identify a target operating system.

    A. Sequence Verifier

    B. Initial sequence number

    C. Address spoofing

    D. Time to Live

    E. IP ID field

  • Question 47:

    Which of the following is the BEST method for managing users in an enterprise?

    A. Enter user data in a spreadsheet.

    B. Implement centralized access control.

    C. Deploy Kerberos.

    D. Place them in a centralized Lightweight Directory Access Protocol.

    E. Use a Domain Name System.

  • Question 48:

    You are considering purchasing a VPN solution to protect your organization's information assets. The solution you are reviewing uses RFC-compliant and open-standards encryption schemes. The vendor has submitted the system to a variety of recognized testing authorities. The vendor does not make the source code available to testing authorities. Does this solution adhere to the secure design principle of open design?

    A. No, because the software vendor could have changed the code after testing, which is not verifiable.

    B. No, because the software vendor submitted the software to testing authorities only, and did not make the software available to the public for testing.

    C. Yes, because the methods were tested by recognized testing authorities, and the source code is protected from vandalism.

    D. Yes, because the methods are open, and the system does not rely on the secrecy of its internal mechanisms to provide protection.

    E. No, because if a software vendor refuses to reveal the source code for a product, it cannot comply with the open-design principle.

  • Question 49:

    ____________________ is the state of being correct, or the degree of certainty a person or process can have, that the data in an information asset is correct.

    A. Confidentiality

    B. Integrity

    C. Authenticity

    D. Privacy

    E. Availability

  • Question 50:

    Distinguish between the role of the data owner and the role of the data custodian. Complete the following sentence. The data owner is the:

    A. department in the organization responsible for the data's physical storage location. The data custodian is anyone who has access to the data for any reason.

    B. person or entity who accesses and/or manipulates data or information, in the course of assigned duties. The data custodian is a person or process with the appropriate level of privilege to access the data.

    C. person or entity ultimately responsible for the security of an information asset. The data custodian is the person or entity responsible for imposing and enforcing policies and restrictions, dictated by the data owner.

    D. person or process that originally creates the information. The data custodian is a role that shifts to any person or process currently accessing the data, and passes to the next person or process to access the data.

    E. person or entity responsible for imposing and enforcing policies and restrictions, dictated by the functional user. The data custodian is a person or process who accesses and/or manipulates the information.

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them of job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CheckPoint exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your 156-110 exam preparation and CheckPoint certification application, do not hesitate to visit Vcedump.com to find your solutions.