Escrito por estudiantes que aprobaron Inmediatamente disponible después del pago Leer en línea o como PDF ¿Documento equivocado? Cámbialo gratis 4,6 TrustPilot
logo-home
Examen

CISSP OFFICIAL ISC2 PRACTICE TESTS ALL DOMAINS WITH REVIEWED ANSWERS

Puntuación
-
Vendido
-
Páginas
359
Grado
A+
Subido en
10-09-2024
Escrito en
2024/2025

CISSP OFFICIAL ISC2 PRACTICE TESTS ALL DOMAINS WITH REVIEWED ANSWERS

Institución
CISSP
Grado
CISSP

Vista previa del contenido

CISSP OFFICIAL ISC2 PRACTICE
TESTS ALL DOMAINS WITH
REVIEWED ANSWERS


1. What is the final step of a quantitative risk analysis?
k k k k k k k k k k




A. Determine asset value.
k k k


B. Assess the annualized rate of occurrence.
k k k k k k


C. Derive the annualized loss expectancy.
k k k k k


D. Conduct a cost.benefit analysis. - CORRECT ANSWER-D.
k k k k k k k


The final step of a quantitative risk analysis is conducting a cost/b
k k k k k k k k k k k


enefit analysis to
k k


determine whether the organisation should implement proposed
k k k k k k k


countermeasure(s).

2. An evil twin attack that broadcasts a legitimate SSID for an una
k k k k k k k k k k k k


uthorised network is an example of what category of threat?
k k k k k k k k k




A. Spoofing
k


B. Information disclosure
k k


C. Repudiation
k


D. Tampering - CORRECT ANSWER-A.
k k k k


Spoofing attacks use falsified identities. Spoofing attacks may us
k k k k k k k k


e false IP addresses, email addresses, names, or, in the case of a
k k k k k k k k k k k k


n evil twin attack, SSIDs.
k k k k




3. Under the Digital Millennium Copyright Act (DMCA), what type
k k k k k k k k k k


of offenses do not require prompt action by an Internet service pr
k k k k k k k k k k k


ovider after it receives a notification of
k k k k k k


infringement claim from a copyright holder? k k k k k




A. Storage of information by a customer on a provider's server
k k k k k k k k k k


B. Caching of information by the provider
k k k k k k

,C. Transmission of information over the provider's network by a c
k k k k k k k k k k


ustomer
D. Caching of information in a provider search engine -
k k k k k k k k k


kCORRECT ANSWER-C. k


The DMCA states that providers are not responsible for the transi
k k k k k k k k k k


tory activities of
k k


their users. Transmission of information over a network would qu
k k k k k k k k k


alify for this exemption. The other activities listed are all nontransi
k k k k k k k k k k


tory actions that require
k k k


remediation by the provider. k k k




4. FlyAway Travel has offices in both the European Union and the
k k k k k k k k k k k


kUnited States and transfers personal information between those
k k k k k k k k


offices regularly. Which of the seven
k k k k k


requirements for processing personal information states that orgk k k k k k k


anizations must inform individuals about how the information they
k k k k k k k k


kcollect is used? k k




A. Notice
k


B. Choice
k


C. Onward Transfer
k k


D. Enforcement - CORRECT ANSWER-A.
k k k k


The Notice principle says that organizations must inform individu
k k k k k k k k


als of the information the organization collects about individuals a
k k k k k k k k k


nd how the organization will use it. These principles are based up
k k k k k k k k k k k


on the Safe Harbor Privacy Principles issued by the US Departm
k k k k k k k k k k


ent of Commerce in 2000 to help US companies comply with EU
k k k k k k k k k k k k


and Swiss privacy laws when collecting, storing, processing or tra
k k k k k k k k k


nsmitting data on EU or k k k k


Swiss citizens. k




5. Which one of the following is not one of the three common thre
k k k k k k k k k k k k k


at modeling techniques?
k k




A. Focused on assets
k k k


B. Focused on attackers
k k k


C. Focused on software
k k k

,D. Focused on social engineering - CORRECT ANSWER-D.
k k k k k k k


The three common threat modeling techniques are focused on att
k k k k k k k k k


ackers, software, k


and assets. Social engineering is a subset of attackers.
k k k k k k k k




6. Which one of the following elements of information is not consi
k k k k k k k k k k k


dered personally identifiable information that would trigger most
k k k k k k k k


US state data breach laws?
k k k k




A. Student identification number
k k k


B. Social Security number
k k k


C. Driver's license number
k k k


D. Credit card number - CORRECT ANSWER-A.
k k k k k k


Most state data breach notification laws are modeled after Califor
k k k k k k k k k


nia's law, which k k


covers Social Security number, driver's license number, state ide
k k k k k k k k


ntification card number, credit/debit card numbers, bank account
k k k k k k k k


numbers (in conjunction with a PIN or password), medical record
k k k k k k k k k


s, and health insurance information.
k k k k




7. In 1991, the federal sentencing guidelines formalized a rule tha
k k k k k k k k k k


t requires senior executives to take personal responsibility for info
k k k k k k k k k


rmation security matters. What is k k k k


the name of this rule?
k k k k




A. Due diligence rule
k k k


B. Personal liability rule
k k k


C. Prudent man rule
k k k


D. Due process rule - CORRECT ANSWER-C.
k k k k k k


The prudent man rule requires that senior executives take person
k k k k k k k k k


al responsibility
k


for ensuring the due care that ordinary, prudent individuals would
k k k k k k k k k k


exercise in the same situation. The rule originally applied to finan
k k k k k k k k k k


cial matters, but the Federal Sentencing Guidelines applied them
k k k k k k k k k


to information security matters in 1991.
k k k k k

, 8. Which one of the following provides an authentication mechani
k k k k k k k k k


sm that would be
k k k


appropriate for pairing with a password to achieve multifactor aut
k k k k k k k k k


hentication?

A. Username
k


B. PIN
k


C. Security question
k k


D. Fingerprint scan - CORRECT ANSWER-D.
k k k k k


A fingerprint scan is an example of a "something you are" factor,
k k k k k k k k k k k k


which would be k k


appropriate for pairing with a "something you know" password to
k k k k k k k k k k


achieve multifactor authentication. A username is not an authenti
k k k k k k k k


cation factor. PINs and security questions are both "something yo
k k k k k k k k k


u know," which would not achieve multifactor
k k k k k k


authentication when paired with a password because both metho k k k k k k k k


ds would come from
k k k


the same category, failing the requirement for multifactor authenti
k k k k k k k k


cation.

9. What United States government agency is responsible for adm
k k k k k k k k k


inistering the terms of safe harbor agreements between the Euro
k k k k k k k k k


pean Union and the United States under the EU Data Protection
k k k k k k k k k k k


Directive?

A. Department of Defense
k k k


B. Department of the Treasury
k k k k


C. State Department
k k


D. Department of Commerce - CORRECT ANSWER-D.
k k k k k k


The US Department of Commerce is responsible for implementin
k k k k k k k k


g the EU-US Safe
k k k


Harbor agreement. The validity of this agreement was in legal qu
k k k k k k k k k k


estion in the wake of k k k k


the NSA surveillance disclosures.
k k k

Escuela, estudio y materia

Institución
CISSP
Grado
CISSP

Información del documento

Subido en
10 de septiembre de 2024
Número de páginas
359
Escrito en
2024/2025
Tipo
Examen
Contiene
Preguntas y respuestas

Temas

$17.49
Accede al documento completo:

¿Documento equivocado? Cámbialo gratis Dentro de los 14 días posteriores a la compra y antes de descargarlo, puedes elegir otro documento. Puedes gastar el importe de nuevo.
Escrito por estudiantes que aprobaron
Inmediatamente disponible después del pago
Leer en línea o como PDF

Conoce al vendedor
Seller avatar
LectEduPdf

Conoce al vendedor

Seller avatar
LectEduPdf NURSING, ECONOMICS, MATHEMATICS, BIOLOGY, AND HISTORY MATERIALS BEST TUTORING, HOMEWORK HELP, EXAMS, TESTS, AND STUDY GUIDE MATERIALS WITH GUARANTEED A+ I am a dedicated medical practitioner with diverse knowledge in matters
Ver perfil
Seguir Necesitas iniciar sesión para seguir a otros usuarios o asignaturas
Vendido
2
Miembro desde
1 año
Número de seguidores
0
Documentos
412
Última venta
2 meses hace
WELCOME TO SOLUTIONS GRADE1 , A PLACE WHERE WE UNLOCK YOUR ACADEMIC OPPORTUNITIES On this page, you find all documents, package deals, and flashcards offered by seller Prestige

I have done papers of various topics and complexities. I am punctual and always submit work on-deadline. I write engaging and informative content on all subjects. Send me your research papers, case studies, psychology papers, etc, and I’ll do them to the best of my abilities. Writing is my passion when it comes to academic work. I’ve got a good sense of structure and enjoy finding interesting ways to deliver information in any given paper. I love impressing clients with my work, and I am very punctual about deadlines. Send me your assignment and I’ll take it to the next level. I strive for my content to be of the highest quality. Your wishes come first— send me your requirements and I’ll make a piece of work with fresh ideas, consistent structure, and following the academic formatting rules. For every student you refer to me with an order that is completed and paid transparently, I will do one assignment for you, free of charge!!!!!!!!!!!!

Lee mas Leer menos
0.0

0 reseñas

5
0
4
0
3
0
2
0
1
0

Por qué los estudiantes eligen Stuvia

Creado por compañeros estudiantes, verificado por reseñas

Calidad en la que puedes confiar: escrito por estudiantes que aprobaron y evaluado por otros que han usado estos resúmenes.

¿No estás satisfecho? Elige otro documento

¡No te preocupes! Puedes elegir directamente otro documento que se ajuste mejor a lo que buscas.

Paga como quieras, empieza a estudiar al instante

Sin suscripción, sin compromisos. Paga como estés acostumbrado con tarjeta de crédito y descarga tu documento PDF inmediatamente.

Student with book image

“Comprado, descargado y aprobado. Así de fácil puede ser.”

Alisha Student

Preguntas frecuentes