COMPLETE ANSWERS
"Safe languages" and "safe libraries" are so called because: - Answer: They automatically detect some forms of input attack (for example, bounds checking that stops a buffer overflow before it corrupts memory)
A biometric authentication system that incorporates the results of newer scans into a user's profile is less likely to: - Answer: Reject future authentication attempts as the user's biometrics slowly change over time
A database administrator (DBA) is responsible for carrying out security policy, which includes controlling which users have access to which data. The DBA has been asked to make only certain fields in some database tables visible to some new users. What is the best course of action for the DBA to take? - Answer: Create a view that contains only the fields that the users are permitted to see, and grant the new users access to the view rather than to the underlying tables
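The view-based answer above, worked through as an added example (this is not code from the page; it is written here for illustration). The table, view and column names, and the HR rows, are all constructed for the example. Real database servers enforce the second half of the answer with GRANT/REVOKE; SQLite has no privilege system, so the example uses its authorizer hook to play the same role: the restricted session can read the base table only when SQLite issues the read on behalf of the view.

```python
import sqlite3

# Constructed sample data for this example (not from the page): an HR table
# mixing fields the new users may see with fields they must not.
EMPLOYEES = [
    (1, "Ada Lovelace", "ada@example.com", "Engineering", 185000, "123-45-6789"),
    (2, "Grace Hopper", "grace@example.com", "Research", 192000, "987-65-4321"),
    (3, "Alan Turing", "alan@example.com", "Research", 176000, "555-12-3456"),
]
BASE_TABLE = "employees"                  # assumed names, chosen for the example
VIEW_NAME = "employee_directory"
PERMITTED_COLUMNS = ("id", "name", "email", "department")


def build_database() -> sqlite3.Connection:
    """Create the base table, load the sample rows and define the restricted view."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        f"CREATE TABLE {BASE_TABLE} (id INTEGER PRIMARY KEY, name TEXT, email TEXT, "
        "department TEXT, salary INTEGER, ssn TEXT)"
    )
    conn.executemany(f"INSERT INTO {BASE_TABLE} VALUES (?, ?, ?, ?, ?, ?)", EMPLOYEES)
    # The view projects only the permitted columns, so salary and ssn never reach
    # anyone who can only query the view.
    conn.execute(
        f"CREATE VIEW {VIEW_NAME} AS SELECT {', '.join(PERMITTED_COLUMNS)} FROM {BASE_TABLE}"
    )
    conn.commit()
    return conn


def restricted_user_authorizer(action, arg1, arg2, db_name, trigger_or_view):
    """Stand-in for GRANT/REVOKE on the new users' session.

    A read of the base table is allowed only when SQLite performs it on behalf
    of the view (trigger_or_view carries the view's name); a top-level read of
    the table, such as SELECT ssn FROM employees, is denied.
    """
    if action == sqlite3.SQLITE_READ and arg1 == BASE_TABLE and trigger_or_view != VIEW_NAME:
        return sqlite3.SQLITE_DENY
    return sqlite3.SQLITE_OK


def as_restricted_user(conn: sqlite3.Connection) -> None:
    """Drop the connection to the new users' privilege level."""
    conn.set_authorizer(restricted_user_authorizer)


def query(conn: sqlite3.Connection, sql: str):
    """Run a SELECT and return (column names, rows)."""
    cur = conn.execute(sql)
    return [d[0] for d in cur.description], cur.fetchall()


def can_read(conn: sqlite3.Connection, sql: str) -> bool:
    """True if the statement is authorized on this connection, False if denied."""
    try:
        conn.execute(sql).fetchall()
        return True
    except sqlite3.DatabaseError:   # SQLite reports a DENY as "not authorized"
        return False


if __name__ == "__main__":
    conn = build_database()
    as_restricted_user(conn)
    cols, rows = query(conn, f"SELECT * FROM {VIEW_NAME}")
    print("via view:", cols, rows)   # only id, name, email, department
    print("direct read of ssn allowed?", can_read(conn, f"SELECT ssn FROM {BASE_TABLE}"))
```

The check a DBA should repeat after creating the view is the last line: log in as one of the new users and confirm that the base table itself is not readable, because a view restricts nothing if the user can still SELECT from the table behind it.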
A defense-in-depth strategy for anti-malware is recommended because: - Answer: There are many malware attack vectors

A list of all of the significant events that occur in an application is known as: - Answer: Audit log

A qualitative risk assessment is used to identify: - Answer: Vulnerabilities, threats, threat probabilities, and countermeasures
A risk manager has completed a risk analysis for an asset valued at $4000. Two threats were identified; the ALE for one threat is $400, and the ALE for the second threat is $500. What is the amount of loss that the organization should estimate for an entire year? - Answer: $900 (the ALEs of all identified threats to the asset are summed)
A security assessment discovered back doors in an application, and the security manager needs to develop a plan for detecting and removing back doors in the future. The most effective countermeasures that should be chosen are: - Answer: Outside code reviews
A security door has been designed so that it will ignore signals from the building's door entry system in the event of a power failure. This is known as: - Answer: Fail closed (also called fail-secure: the door stays locked when the control system is unavailable)
A security engineer has recently installed a biometric system and needs to tune it. Currently the biometric system is rejecting too many valid, registered users. What adjustment does the security engineer need to make? - Answer: Reduce the False Reject Rate (FRR). This is done by relaxing the matching threshold, which necessarily raises the False Accept Rate, so the threshold should be set where the FRR is tolerable rather than as low as possible
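The FRR/FAR trade-off behind this answer, as an added example (not code from the page). The matcher scores below are constructed, not measured data; the decision rule assumed is "accept when score >= threshold", which is how most matchers are tuned. The example sweeps the threshold, shows that the strict setting rejects half the registered users, finds the crossover error rate, and then picks the strictest threshold that keeps the FRR under a usability target while reporting the FAR that setting costs.

```python
# Constructed matcher scores for this example (not measured data): each value is
# the similarity the biometric matcher reported for one authentication attempt,
# higher meaning "closer to the enrolled template". An attempt is accepted when
# score >= threshold.
GENUINE_SCORES = [0.95, 0.91, 0.88, 0.84, 0.80, 0.77, 0.72, 0.66, 0.60, 0.55]  # registered users
IMPOSTOR_SCORES = [0.20, 0.28, 0.33, 0.40, 0.46, 0.52, 0.58, 0.63, 0.70, 0.76]  # other people


def false_reject_rate(genuine, threshold):
    """Fraction of valid users turned away at this threshold (FRR, type I error)."""
    return sum(1 for s in genuine if s < threshold) / len(genuine)


def false_accept_rate(impostor, threshold):
    """Fraction of impostors let in at this threshold (FAR, type II error)."""
    return sum(1 for s in impostor if s >= threshold) / len(impostor)


def sweep(genuine, impostor):
    """(threshold, FRR, FAR) at every threshold where a decision can change."""
    thresholds = sorted(set(genuine) | set(impostor))
    return [(t, false_reject_rate(genuine, t), false_accept_rate(impostor, t)) for t in thresholds]


def crossover_error_rate(genuine, impostor):
    """The threshold where FRR and FAR are closest (CER/EER), as (threshold, FRR, FAR)."""
    return min(sweep(genuine, impostor), key=lambda row: (abs(row[1] - row[2]), row[0]))


def tune_for_usability(genuine, impostor, max_frr):
    """Strictest threshold whose FRR does not exceed the usability target.

    Lowering the threshold is what reduces the FRR; the FAR in the returned row
    is the security cost of doing so.
    """
    acceptable = [row for row in sweep(genuine, impostor) if row[1] <= max_frr]
    return max(acceptable, key=lambda row: row[0])


if __name__ == "__main__":
    for t, frr, far in sweep(GENUINE_SCORES, IMPOSTOR_SCORES):
        print(f"threshold {t:.2f}  FRR {frr:.1f}  FAR {far:.1f}")
    strict = 0.80
    print("current (too strict):", strict,
          false_reject_rate(GENUINE_SCORES, strict), false_accept_rate(IMPOSTOR_SCORES, strict))
    print("crossover error rate:", crossover_error_rate(GENUINE_SCORES, IMPOSTOR_SCORES))
    print("tuned for FRR <= 10%:", tune_for_usability(GENUINE_SCORES, IMPOSTOR_SCORES, 0.10))
```

With these scores the strict setting (0.80) rejects 50% of registered users while admitting no impostors; bringing the FRR down to 10% means accepting a 30% FAR. A real tuning exercise uses the vendor's measured score distributions, but the shape of the decision is the same.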
A security engineer is soliciting bids for a software product that will perform centralized authentication. The engineer has found two products so far: one that is based on LDAP and one that is based on TACACS. Which of the following statements is the best approach? - Answer: Do not consider the TACACS-based product (the original TACACS protocol is obsolete and was superseded by TACACS+), consider the LDAP-based product, and continue looking for other products
A security manager is developing a data classification policy. What elements need to be in the policy? - Answer: Sensitivity levels, marking procedures, access procedures, and handling procedures
A security manager is performing a quantitative risk assessment on a particular asset. The security manager wants to determine the quantitative loss for a single loss based on a particular threat. The correct way to calculate this is: - Answer: Multiply the asset's value by the exposure factor (SLE = asset value x EF)
A security manager is performing a quantitative risk assessment on a particular asset. The security manager wants to estimate the yearly loss based on a particular threat. The correct way to calculate this is: - Answer: Multiply the single loss expectancy by the annualized rate of occurrence (ALE = SLE x ARO)
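The two formulas above, carried through for the $4000 asset with two threats from the earlier question, as an added example (not code from the page). The page gives only the asset value and the two ALEs ($400 and $500); the exposure factors, annual rates and threat names below are assumed values chosen so that the arithmetic reproduces those figures. The register it builds is the form in which the per-threat ALEs are normally compared when deciding which additional controls are worth their cost.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Threat:
    name: str
    exposure_factor: float      # EF: fraction of the asset's value lost in one incident
    annual_rate: float          # ARO: expected number of incidents per year


def single_loss_expectancy(asset_value: float, ef: float) -> float:
    """SLE = asset value x exposure factor (loss from one occurrence)."""
    return round(asset_value * ef, 2)


def annualized_loss_expectancy(sle: float, aro: float) -> float:
    """ALE = SLE x annualized rate of occurrence (expected loss per year)."""
    return round(sle * aro, 2)


def risk_register(asset_value: float, threats):
    """Per-threat SLE/ALE rows, highest ALE first, and the asset's total ALE.

    The total is the yearly loss to estimate for the asset: the ALEs of all
    identified threats are summed.
    """
    rows = []
    for t in threats:
        sle = single_loss_expectancy(asset_value, t.exposure_factor)
        rows.append({"threat": t.name, "SLE": sle,
                     "ALE": annualized_loss_expectancy(sle, t.annual_rate)})
    rows.sort(key=lambda r: r["ALE"], reverse=True)
    total = round(sum(r["ALE"] for r in rows), 2)
    return rows, total


# Constructed figures reproducing the page's example: a $4000 asset with two
# threats whose ALEs come to $400 and $500. EF, ARO and the threat names are
# assumed; the page states only the ALEs.
ASSET_VALUE = 4000.0
THREATS = [
    Threat("Hardware failure", exposure_factor=0.50, annual_rate=0.20),  # SLE 2000, ALE 400
    Threat("Ransomware", exposure_factor=0.25, annual_rate=0.50),        # SLE 1000, ALE 500
]

if __name__ == "__main__":
    rows, total = risk_register(ASSET_VALUE, THREATS)
    for r in rows:
        print(f"{r['threat']:<18} SLE ${r['SLE']:>9,.2f}  ALE ${r['ALE']:>8,.2f}")
    print(f"Expected annual loss for the asset: ${total:,.2f}")
```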
A security manager needs to perform a risk assessment on a critical business application in order to determine what additional controls may be needed to protect the application and its databases. The best approach to performing this risk assessment is: - Answer: Perform a qualitative risk assessment first, then perform a quantitative risk assessment
A smart card is a good form of two-factor authentication because: - Answer: It contains a certificate (with its private key) on a microchip that is resistant to cloning or cracking; the card is something the user has, and the PIN that unlocks it is something the user knows
A system administrator needs to harden a server. The most effective approach is: - Answer: Remove unneeded services, disable unused ports, and remove unneeded accounts
A user, Bill, has posted a link on a web site that causes unsuspecting users to transfer money to Bill if they click the link. The link will only work for users who happen to be authenticated to the bank that is the target of the