CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide. Gibson Darril

The more complex a system, the less attack surface it generates.

      24. Ring 0, from the design architecture security mechanism known as protection rings, can also be referred to as all but which of the following?

      A. Privileged mode

      B. Supervisory mode

      C. System mode

      D. User mode

      25. Audit trails, logs, CCTV, intrusion detection systems, antivirus software, penetration testing, password crackers, performance monitoring, and cyclic redundancy checks (CRCs) are examples of what?

      A. Directive controls

      B. Preventive controls

      C. Detective controls

      D. Corrective controls

      26. System architecture, system integrity, covert channel analysis, trusted facility management, and trusted recovery are elements of what security criteria?

      A. Quality assurance

      B. Operational assurance

      C. Life cycle assurance

      D. Quantity assurance

      27. Which of the following is a procedure designed to test and perhaps bypass a system’s security controls?

      A. Logging usage data

      B. War dialing

      C. Penetration testing

      D. Deploying secured desktop workstations

      28. Auditing is a required factor to sustain and enforce what?

      A. Accountability

      B. Confidentiality

      C. Accessibility

      D. Redundancy

      29. What is the formula used to compute the ALE?

      A. ALE = AV * EF * ARO

      B. ALE = ARO * EF

      C. ALE = AV * ARO

      D. ALE = EF * ARO

      30. What is the first step of the business impact assessment process?

      A. Identification of priorities

      B. Likelihood assessment

      C. Risk identification

      D. Resource prioritization

      31. Which of the following represent natural events that can pose a threat or risk to an organization?

      A. Earthquake

      B. Flood

      C. Tornado

      D. All of the above

      32. What kind of recovery facility enables an organization to resume operations as quickly as possible, if not immediately, upon failure of the primary facility?

      A. Hot site

      B. Warm site

      C. Cold site

      D. All of the above

      33. What form of intellectual property is used to protect words, slogans, and logos?

      A. Patent

      B. Copyright

      C. Trademark

      D. Trade secret

      34. What type of evidence refers to written documents that are brought into court to prove a fact?

      A. Best evidence

      B. Payroll evidence

      C. Documentary evidence

      D. Testimonial evidence

      35. Why are military and intelligence attacks among the most serious computer crimes?

      A. The use of information obtained can have far-reaching detrimental strategic effects on national interests in an enemy’s hands.

      B. Military information is stored on secure machines, so a successful attack can be embarrassing.

      C. The long-term political use of classified information can impact a country’s leadership.

      D. The military and intelligence agencies have ensured that the laws protecting their information are the most severe.

      36. What type of detected incident allows the most time for an investigation?

      A. Compromise

      B. Denial of service

      C. Malicious code

      D. Scanning

      37. If you want to restrict access into or out of a facility, which would you choose?

      A. Gate

      B. Turnstile

      C. Fence

      D. Mantrap

      38. What is the point of a secondary verification system?

      A. To verify the identity of a user

      B. To verify the activities of a user

      C. To verify the completeness of a system

      D. To verify the correctness of a system

      39. Spamming attacks occur when numerous unsolicited messages are sent to a victim. Because enough data is sent to the victim to prevent legitimate activity, it is also known as what?

      A. Sniffing

      B. Denial of service

      C. Brute-force attack

      D. Buffer overflow attack

      40. Which type of intrusion detection system (IDS) can be considered an expert system?

      A. Host-based

      B. Network-based

      C. Knowledge-based

      D. Behavior-based

      Answers to Assessment Test

      1. C. Detective access controls are used to discover (and document) unwanted or unauthorized activity.

      2. D. Strong password choices are difficult to guess, unpredictable, and of specified minimum lengths to ensure that password entries cannot be computationally determined. They may be randomly generated and utilize all the alphabetic,