
killexams.com CheckPoint 156-110


Check Point Certified Security Principles Associate


https://killexams.com/pass4sure/exam-detail/156-110


QUESTION: 91

_____ is a method of tricking users into revealing passwords, or other sensitive information.


  A. Dumpster diving

  B. Means testing

  C. Social engineering

  D. Risk

  E. Exposure


Answer: C


QUESTION: 92

Which of the following equations results in the Single Loss Expectancy for an asset?


  A. Asset Value x % Of Loss From Realized Exposure

  B. Asset Value x % Of Loss From Realized Threat

  C. Annualized Rate of Occurrence / Annualized Loss Expectancy

  D. Asset Value x % Of Loss From Realized Vulnerability

  E. Annualized Rate of Occurrence x Annualized Loss Expectancy


Answer: B


QUESTION: 93

Which encryption algorithm has the highest bit strength?


  A. AES

  B. Blowfish

  C. DES

  D. CAST

  E. Triple DES


Answer: A


QUESTION: 94

_____ is a type of cryptography, where letters of an original message are systematically rearranged into another sequence.


  A. Symmetric-key exchange

  B. Steganography

  C. Transposition cipher

  D. Asymmetric-key encryption

  E. Simple substitution cipher


Answer: C


QUESTION: 95

Which of the following are appropriate uses of asymmetric encryption? (Choose THREE.)


  A. Authentication

  B. Secure key-exchange mechanisms

  C. Public Web site access

  D. Data-integrity checking

  E. Sneaker net


Answer: A, B, D


QUESTION: 96

What is the purpose of resource isolation?


  A. To reduce the level of broadcast traffic on physical segments.

  B. To ensure that anyone accessing a resource has appropriate integrity.

  C. To automate the creation of access control lists and Trusted Computing Bases.

  D. To enforce access controls, and clearly separate resources from each other.

  E. To make people buy more computers than they really need.


Answer: D


QUESTION: 97

Why should user populations be segmented?


  A. To allow resources to be shared among employees

  B. To allow appropriate collaboration, and prevent inappropriate resource sharing

  C. To prevent appropriate collaboration

  D. To provide authentication services

  E. To prevent the generation of audit trails from gateway devices


Answer: B


QUESTION: 98

A(n) _____ is an abstract machine, which mediates all access subjects have to objects.


  A. ACL

  B. Reference monitor

  C. State machine

  D. TCB

  E. Router


Answer: B


QUESTION: 99

Who should have physical access to network-connectivity devices and corporate servers?


  A. Customers and clients

  B. Accounting, information-technology, and auditing staff

  C. Managers and C-level executives

  D. Only appropriate information-technology personnel

  E. Only the maintenance staff


Answer: D


QUESTION: 100

Which of the following represents a valid reason for testing a patch on a nonproduction system, before applying it to a production system?


  A. Patches may re-enable services previously disabled.

  B. Patches are a kind of virus.

  C. Patches always overwrite user data.

  D. Only patches on vendor-pressed CDs can be trusted.

  E. Patches usually break important system functionality.


Answer: A