Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CISSP ISC2 2023 > CISSP Lesson 10 PreTest > Flashcards

CISSP Lesson 10 PreTest Flashcards

2
Q

How often should monitoring be implemented?
A) Monthly
B) Quarterly
C) Perpetually

A

Perpetually

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which is the best countermeasure against loss of physical and infrastructure support?
A) Have a current disaster recovery plan
B) Have multiple backup generators
C) Have multiple physical controls

A

Have a current disaster recovery plan

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the purpose of separation of duties?
A) Ensures that individuals are not able to perform more tasks than their security clearance allows
B) Ensures that any critical task cannot be completely executed by a single individual

A

Ensures that any critical task cannot be completely executed by a single individual

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

All audit reports should include the scope of the audit.
A) TRUE
B) FALSE

A

TRUE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Erasing files from a disk does not actually remove all of the data.
A) TRUE
B) FALSE

A

TRUE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q 
Which types of records should be retained by a company to support data security? Choose all that apply.
A) Employee records
B) Event logs
C) Audit trails
D) Software registration documentation
E) Backups of critical information
A

Event logs
Audit trails
Backups of critical information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Due care is the upkeep of due diligence.
A) TRUE
B) FALSE

A

FALSE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which type of monitoring tools allows for a quick view of a specific metric?
A) Ad hoc
B) Real-time
C) Passive

A

Ad hoc

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which statement is true regarding audit reports?
A) An audit report should contain as much data as possible
B) An audit report should contain as little data as possible
C) An audit report should contain only meaningful data

A

An audit report should contain only meaningful data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which process is often used to declassify data?
A) Purging
B) Degaussing
C) Sanitation

A

Purging

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which type of IDS contains a database of recognized attacks?
A) Host-based
B) Signature-based
C) Behavior-based

A

Signature-based

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which is the best countermeasure against sniffing attacks?
A) Access controls
B) Physical controls
C) Encryption

A

Encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q 
Which tools are used to scan for vulnerabilities? Choose all that apply.
A) WebSpy
B) Nessus
C) Nmap
D) WebInspect
E) NeoTrace
A

Nessus
Nmap
WebInspect

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q 
Which steps should be taken to protect source code? Choose all that apply.
A) Archive current code
B) Maintain version change history
C) Keep patches current
D) Apply access controls
A

Archive current code

Maintain version change history

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q 
Which events should be monitored? Choose all that apply.
A) Access to removable storage
B) Login failures
C) Logins and logouts
D) Database session start and end
A

Access to removable storage
Login failures
Logins and logouts
Database session start and end

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CISSP ISC2 2023 (90 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions