CISSP PRACTICE TESTS Chapter 2 ▪Asset Security (Domain 2). Questions and answers. VERIFIED.

CISSP PRACTICE TESTS Chapter 2 ▪Asset Security (Domain 2). Questions and answers. VERIFIED. 1. Angela is an information security architect at a bank and has been assigned to ensure that transactions are secure as they traverse the network. She recommends that all transactions use TLS. What threat is the most likely attempting to stop, and what method is she using to proctect against it? A. Man-in-the-middle VPN B. Packet injection, encryption C. Sniffing, encryption D. Sniffing, TEMPEST - -C. Sniffing, encryption 2. COBIT, Control Objectives for Information and Related Technology, is a framework for IT management and governance. Which data management role is most likely to select and apply COBIT to balance the need for security controls against business requirements? A. Business owners B. Data processors C. Data owners D. Data stewards - -A. Business owners 3. What term is used to describe a starting point for a minimum security standard? A. Outline B. Baseline C. Policy D. Configuration guide - -B. Baseline 4. When media is labeled based on the classification of the data it contains, what rule is typically applied regarding labels? A. The data is labeled based on its integrity requirements. B. The media is labeled based on the highest classification level of the data it contains. C. The media is labeled with all levels of classification of the data it contains. D. The media is labeled with the lowest level of classification of the data it contains. - -B. The media is labeled based on the hightest classification level of the data it contains. 5. The need to protect sensitive data drives what administrative process? A. Information classification B. Remanence C. Transmitting dat