CISSP Lesson 10 PreTest Flashcards Preview

CISSP Exam > CISSP Lesson 10 PreTest > Flashcards

Flashcards in CISSP Lesson 10 PreTest Deck (15)
Loading flashcards...
2
Q

How often should monitoring be implemented?
A) Monthly
B) Quarterly
C) Perpetually

A

Perpetually

3
Q

Which is the best countermeasure against loss of physical and infrastructure support?
A) Have a current disaster recovery plan
B) Have multiple backup generators
C) Have multiple physical controls

A

Have a current disaster recovery plan

4
Q

What is the purpose of separation of duties?
A) Ensures that individuals are not able to perform more tasks than their security clearance allows
B) Ensures that any critical task cannot be completely executed by a single individual

A

Ensures that any critical task cannot be completely executed by a single individual

5
Q

All audit reports should include the scope of the audit.
A) TRUE
B) FALSE

A

TRUE

6
Q

Erasing files from a disk does not actually remove all of the data.
A) TRUE
B) FALSE

A

TRUE

7
Q
Which types of records should be retained by a company to support data security? Choose all that apply.
A) Employee records
B) Event logs
C) Audit trails
D) Software registration documentation
E) Backups of critical information
A

Event logs
Audit trails
Backups of critical information

8
Q

Due care is the upkeep of due diligence.
A) TRUE
B) FALSE

A

FALSE

9
Q

Which type of monitoring tools allows for a quick view of a specific metric?
A) Ad hoc
B) Real-time
C) Passive

A

Ad hoc

10
Q

Which statement is true regarding audit reports?
A) An audit report should contain as much data as possible
B) An audit report should contain as little data as possible
C) An audit report should contain only meaningful data

A

An audit report should contain only meaningful data

11
Q

Which process is often used to declassify data?
A) Purging
B) Degaussing
C) Sanitation

A

Purging

12
Q

Which type of IDS contains a database of recognized attacks?
A) Host-based
B) Signature-based
C) Behavior-based

A

Signature-based

13
Q

Which is the best countermeasure against sniffing attacks?
A) Access controls
B) Physical controls
C) Encryption

A

Encryption

14
Q
Which tools are used to scan for vulnerabilities? Choose all that apply.
A) WebSpy
B) Nessus
C) Nmap
D) WebInspect
E) NeoTrace
A

Nessus
Nmap
WebInspect

15
Q
Which steps should be taken to protect source code? Choose all that apply.
A) Archive current code
B) Maintain version change history
C) Keep patches current
D) Apply access controls
A

Archive current code

Maintain version change history

16
Q
Which events should be monitored? Choose all that apply.
A) Access to removable storage
B) Login failures
C) Logins and logouts
D) Database session start and end
A

Access to removable storage
Login failures
Logins and logouts
Database session start and end