CISSP Asset Security Practice Exam Final File Translate Exam Set 2

You have been tasked to develop an effective data classification program. Which of the following measures must be carried out first?


Options are :

  • Determine the criteria for how the information is classified (Correct)
  • Establish procedures for classification and ownership on a regular basis
  • Configure the security checks required for each classification level
  • None
  • Identify the custodian of the information, who is responsible for ensuring the security level of the data

Answer : Determine the criteria for how the information is classified

A competitive intelligence attack is best classified as which type of attack?


Options are :

  • intelligence attack
  • economic attack
  • Business assault (Correct)
  • Grudge attack
  • None

Answer : Business assault

What are the components of an object's sensitivity label?


Options are :

  • One of the classification and Tray Set (Correct)
  • One of the classification and a single space.
  • Determination and classification of user data.
  • None
  • Set categorization and a single space.

Answer : One of the classification and Tray Set

Which of the following is NOT a responsibility of the information (data) owner?


Options are :

  • None
  • By sharing responsibility guardians of protection of information.
  • Periodic re-classification tasks against business needs.
  • Determine what level of classification of information requests.
  • Running regular backups and periodically testing the validity of the backup data (Correct)

Answer : Running regular backups and periodically testing the validity of the backup data

Who can best decide what are sufficient technical security controls in a computer-based system with regard to protection of the data being used, the criticality of the data, and its sensitivity level?


Options are :

  • System auditor
  • None
  • System Manager
  • Or user data
  • Or the owner of the data (Correct)

Answer : Or the owner of the data

Which of the following is NOT a media viability control used to protect the viability of data storage media?


Options are :

  • make
  • storage
  • None
  • reading
  • clearing (Correct)

Answer : clearing

Which of the following is not a proper part of Media Viability Controls?


Options are :

  • storage
  • Writing (Correct)
  • make
  • reading
  • None

Answer : Writing

What is the main problem of media re-use?


Options are :

  • flushing
  • Media destruction
  • degaussing
  • None
  • data retentivity (Correct)

Answer : data retentivity

When it comes to cleaning magnetic media, what difference can be made between clearing and purging?


Options are :

  • Both include rewriting the media.
  • Clearing empties the media, while purging removes only the file headers, in which case the files can be recovered.
  • Clearing makes data unrecoverable against a laboratory attack, and purging makes data unrecoverable against a keyboard attack.
  • Clearing makes data unrecoverable against a keyboard attack, and purging makes data unrecoverable against a laboratory attack. (Correct)
  • None

Answer : Clearing makes data unrecoverable against a keyboard attack, and purging makes data unrecoverable against a laboratory attack.

Which of the following involves changing data before, or as, it is fed to a computer?


Options are :

  • viruses
  • None
  • Salami techniques
  • Trojans
  • data diddling (Correct)

Answer : data diddling

The US-EU Safe Harbor process was created to address which of the following?


Options are :

  • Protection of personal data transferred to the US and European companies (Correct)
  • the confidentiality of European and international data to be transferred business
  • between the confidentiality of the data transferred to the US and European companies
  • the integrity of the data transferred to the US and European companies
  • None

Answer : Protection of personal data transferred to the US and European companies

US Department of Health, Education and Welfare compiled a list of fair information practices focused on the privacy of an individual, personally identifiable information. Which of the following is incorrect?


Options are :

  • Any organization creating, maintaining, using, or distributing the book personally identifiable information to ensure data reliability with their intended use and must precautions wrong information.
  • There must be a recording of personal data in the system, the existence of which must be kept secret. (Correct)
  • There must be a way to prevent personal information about them, which were obtained for one purpose, use or made available for any other purpose without their consent.
  • None
  • There must be a means to a person to find out what information about them is there and how it is used.

Answer : There must be a recording of personal data in the system, the existence of which must be kept secret.

What level of assurance for a digital certificate verifies the user's name, address, ID number and other information against a credit bureau database?


Options are :

  • Level 3 / Grade 3
  • Level 1 / Class 1
  • None
  • Level 2 / Class 2 (Correct)
  • Level 4 / Class 4

Answer : Level 2 / Class 2

Requirement 3 of the Payment Card Industry Data Security Standard (PCI DSS) is a requirement to "protect stored cardholder data". Which of the following items cannot be stored by the merchant?


Options are :

  • None
  • Expiration date
  • Primary account number
  • Card holder's name
  • Card Verification (CVV2) (Correct)

Answer : Card Verification (CVV2)

An electrical device (AC or DC) that can generate a coercive magnetic force in order to reduce the magnetic flux density to zero on a magnetic recording medium or other media is called:


Options are :

  • None
  • a magnetic field.
  • magnetic remanence.
  • magnetic saturation.
  • degausser (Correct)

Answer : degausser

Which of the following methods is recommended by security professionals to permanently delete sensitive data on magnetic media?


Options are :

  • None
  • format magnetic media
  • degaussing (Correct)
  • Overwrite all sectors of the magnetic media with a pattern of 1's and 0's
  • Delete the file allocation table

Answer : degaussing

Degaussing is used to delete the data from all of the following media except:


Options are :

  • Read-Only Media (Correct)
  • None
  • video tapes
  • Floppy Disks
  • magnetic hard drives

Answer : Read-Only Media

Which protocol uses an e-wallet on the customer's computer and sends the encrypted credit card information to the merchant's web server, which digitally signs it and sends it on to its processing bank?


Options are :

  • S/MIME (Secure MIME)
  • SET (Secure Electronic Transaction) (Correct)
  • SSL (Secure Sockets Layer)
  • SSH (Secure Shell)
  • None

Answer : SET (Secure Electronic Transaction)

What is the safest way to dispose of information on the CD-ROM?


Options are :

  • None
  • degaussing
  • physical damage
  • sanitizing
  • the physical destruction of the (Correct)

Answer : the physical destruction of the

Typical computer scammers are usually people with which of the following features?


Options are :

  • None
  • They have had previous contact with law enforcement authorities
  • They conspire with others
  • They have the confidence (Correct)
  • They differ from the accepted norms of society

Answer : They have the confidence

Which of the following best describes a situation in which a worker skims pennies from multiple accounts and deposits the funds into their own bank account?


Options are :

  • None
  • data fiddling
  • Trojans
  • data diddling
  • Salami techniques (Correct)

Answer : Salami techniques

Which of the following is the most reliable, secure way to delete data from magnetic storage media such as magnetic tape or cassette?


Options are :

  • Zeroization
  • Buffer overflow
  • Parity Bit Manipulation
  • None
  • degaussing (Correct)

Answer : degaussing

Which of the following refers to the information left on the media when the media is removed?


Options are :

  • semi-hidden
  • recovery
  • None
  • sticky bits
  • retentivity (Correct)

Answer : retentivity

Which of the following European Union (EU) principles relating to the protection of individuals' data is incorrect?


Options are :

  • The accounts of the individual should be accurate and up to date.
  • Data collected by the organization can be used for any purpose, and for as long as is necessary, as long as it is not communicated outside of the organization where it is collected. (Correct)
  • Individuals have the right to correct errors contained in their personal information.
  • Transmission of personal data to places where "equivalent" protection of personal data cannot be guaranteed is prohibited.
  • None

Answer : Data collected by the organization can be used for any purpose, and for as long as is necessary, as long as it is not communicated outside of the organization where it is collected.

In Mandatory Access Control, sensitivity labels attached to objects contain what information?


Options are :

  • None
  • transmission classification
  • Embryonic need to know
  • Embryo classification and category set (Correct)
  • transmission class

Answer : Embryo classification and category set

Which of the following best describes the term vulnerability, which potentially can be exploited?


Options are :

  • Risk
  • Objective assessment (toe)
  • susceptibility (Correct)
  • threat
  • None

Answer : susceptibility

The Telecommunications Security Domain also applies to the prevention and detection of the misuse or abuse of systems, which poses a threat to the principles of:


Options are :

  • None
  • Confidentiality, integrity and authenticity (C.I.A.).
  • Confidentiality, integrity and Entity (C.I.E.).
  • Confidentiality, integrity and responsibility (C.I.L.)
  • Confidentiality, integrity and availability (C.I.A.). (Correct)

Answer : Confidentiality, integrity and availability (C.I.A.).

Controlling access to systems and related networks is essential to the preservation of their:


Options are :

  • Authenticity, confidentiality, integrity and availability.
  • Integrity and availability.
  • None
  • Authenticity, confidentiality and availability
  • Confidentiality, integrity and availability (Correct)

Answer : Confidentiality, integrity and availability

What can be defined as secret communications in which the very existence of the message is hidden?


Options are :

  • clusters
  • None
  • cryptology
  • steganography (Correct)
  • Vernam cipher

Answer : steganography

Which of the following computer crimes is most often associated with INSIDERS?


Options are :

  • data diddling (Correct)
  • password sniffer
  • None
  • A denial of service attack (DoS)
  • IP spoofing

Answer : data diddling
