CISSP Security Assessment Testing Security Operations Exam Set 3

Password management falls into which control category?


Options are :

  • Detective
  • Compensating
  • Preventive (Correct)
  • Technical

Answer :Preventive

Which of the following is an IDS that acquires data and defines a "normal" usage profile for the network or host?


Options are :

  • dynamical anomaly-based IDS
  • Signature-Based IDS
  • inferential anomaly-based IDS
  • Statistical Anomaly-Based IDS (Correct)

Answer :Statistical Anomaly-Based IDS

In the course of responding to and handling an incident, you work on determining the root cause of the incident. Which step are you in?


Options are :

  • Recovery
  • Analysis and tracking (Correct)
  • Containment
  • Triage

Answer :Analysis and tracking

Which type of control is concerned with restoring controls?


Options are :

  • Compensating controls
  • Corrective controls (Correct)
  • Detective controls
  • Preventive contr

Answer :Corrective controls

Which of the following is used to create parity information?


Options are :

  • a clustering code
  • a striping code
  • a hamming code (Correct)
  • a mirroring code

Answer :a hamming code

The MAIN issue with Level 1 of RAID is which of the following?


Options are :

  • It is relatively unreliable.
  • It is difficult to recover
  • It is very expensive. (Correct)
  • It causes poor performance.

Answer :It is very expensive.

You work in a police department forensics lab where you examine computers for evidence of crimes. Your work is vital to the success of the prosecution of criminals. One day you receive a laptop and are part of a two-man team responsible for examining it together. However, it is lunch time, and after receiving the laptop you leave it on your desk and you both head out to lunch. What critical step in forensic evidence have you forgotten?


Options are :

  • Cracking the admin password with chntpw
  • Making a disk image for examination
  • Locking the laptop in your desk
  • Chain of custody (Correct)

Answer :Chain of custody

Which element must computer evidence have to be admissible in court?


Options are :

  • It must be annotated.
  • It must be relevant. (Correct)
  • It must be printed.
  • It must contain source code.

Answer :It must be relevant.

Which of the following is an unintended communication path that is NOT protected by the system's normal security mechanisms?


Options are :

  • A protection domain
  • A maintenance hook
  • A trusted path
  • covert channel (Correct)

Answer :covert channel

Why would anomaly detection IDSs often generate a large number of false positives?


Options are :

  • Because they are application-based and are more subject to attacks.
  • Because they can't identify abnormal behavior.
  • Because they can only identify correctly attacks they already know about.
  • Because normal patterns of user and system behavior can vary wildly. (Correct)

Answer :Because normal patterns of user and system behavior can vary wildly.

Which backup method is used if backup time is critical and tape space is at an extreme premium?


Options are :

  • Full backup method.
  • Differential backup method.
  • Tape backup method.
  • Incremental backup method. (Correct)

Answer :Incremental backup method.

Hierarchical Storage Management (HSM) is commonly employed in:


Options are :

  • very small data retrieval systems.
  • most data retrieval systems
  • shorter data retrieval systems
  • very large data retrieval systems (Correct)

Answer :very large data retrieval systems

A hardware RAID implementation is usually:


Options are :

  • operating system dependent.
  • platform-independent. (Correct)
  • software dependent.
  • platform-dependent

Answer :platform-independent.

Which of the following tape formats can be used to back up data systems in addition to its original intended audio uses?


Options are :

  • Digital Analog Tape (DAT).
  • Digital Video Tape (DVT).
  • Digital Audio Tape (DAT). (Correct)
  • Digital Voice Tape (DVT).

Answer :Digital Audio Tape (DAT).

Which of the following activities would not be included in the contingency planning process phase?


Options are :

  • Development of recovery scenarios
  • Assessment of threat impact on the organization
  • Prioritization of applications
  • Development of test procedures (Correct)

Answer :Development of test procedures

Which backup method only copies files that have been recently added or changed and also leaves the archive bit unchanged?


Options are :

  • Full backup method
  • Differential backup method (Correct)
  • Incremental backup method
  • Fast backup method

Answer :Differential backup method

Which of the following defines when RAID separates the data into multiple units and stores it on multiple disks?


Options are :

  • screening
  • shadowing
  • scanning
  • striping (Correct)

Answer :striping

Which RAID Level often implements a one-for-one disk to disk ratio?


Options are :

  • RAID Level 1 (Correct)
  • RAID Level 0
  • RAID Level 5
  • RAID Level 2

Answer :RAID Level 1

What is the PRIMARY purpose of using redundant array of inexpensive disks (RAID) level zero?


Options are :

  • To provide fault tolerance and protection against file server hard disk crashes.
  • To maximize usage of hard disk space.
  • To improve system performance. (Correct)
  • To implement integrity.

Answer :To improve system performance.

RAID Level 1 mirrors the data from one disk or set of disks using which of the following techniques?


Options are :

  • Establishing dual addressing to another disk or set of disks.
  • Establishing dual connectivity to another disk or set of disks.
  • Duplicating the data onto another disk or set of disks. (Correct)
  • Moving the data onto another disk or set of disks.

Answer :Duplicating the data onto another disk or set of disks.

Which of the following is the most important consideration in locating an alternate computing facility during the development of a disaster recovery plan?


Options are :

  • It is convenient to airports and hotels.
  • It is unlikely to be affected by the same disaster (Correct)
  • It is close enough to become operational quickly
  • It is close enough to serve its users

Answer :It is unlikely to be affected by the same disaster

RAID level 10 is created by combining which of the following?


Options are :

  • level 0 (striping) with level 1 (hamming).
  • level 0 (striping) with level 1 (clustering).
  • level 0 (striping) with level 1 (mirroring). (Correct)
  • level 0 (striping) with level 2 (hamming).

Answer :level 0 (striping) with level 1 (mirroring).

Which of the following should be emphasized during the Business Impact Analysis (BIA) considering that the BIA focus is on business processes?


Options are :

  • Dependencies (Correct)
  • Service levels
  • Priorities
  • Composition

Answer :Dependencies

Contracts and agreements are often unenforceable or hard to enforce in which of the following alternate facility recovery agreements?


Options are :

  • hot site.
  • cold site.
  • warm site.
  • reciprocal agreement. (Correct)

Answer :reciprocal agreement.

Which of the following answers BEST indicates the most important part of a data backup plan?


Options are :

  • A reliable network infrastructure
  • Testing the backups with restore operations (Correct)
  • Expensive backup hardware
  • An effective backup plan

Answer :Testing the backups with restore operations

A group of independent servers, which are managed as a single system, that provides higher availability, easier manageability, and greater scalability is:


Options are :

  • server cluster. (Correct)
  • host cluster.
  • client cluster.
  • guest cluster.

Answer :server cluster.

If any server in the cluster crashes, processing continues transparently, however, the cluster suffers some performance degradation. This implementation is sometimes called a:


Options are :

  • host farm
  • client farm
  • cluster farm
  • server farm (Correct)

Answer :server farm

Which of the following recovery plan test results would be most useful to management?


Options are :

  • elapsed time to perform various activities.
  • amount of work completed.
  • description of each activity.
  • list of successful and unsuccessful activities (Correct)

Answer :list of successful and unsuccessful activities

A server cluster looks like a:


Options are :

  • single server from the user's point of view. (Correct)
  • dual server from the user's point of view.
  • triple server from the user's point of view.
  • quadruple server from the user's point of view.

Answer :single server from the user's point of view.

Which of the following security controls is intended to bring an environment back to regular operation?


Options are :

  • Deterrent
  • Preventive
  • Recovery (Correct)
  • Corrective

Answer :Recovery

Which of the following RAID levels is not used in practice and was quickly superseded by the more flexible levels?


Options are :

  • RAID Level 7
  • RAID Level 1
  • RAID Level 2 (Correct)
  • RAID Level 0

Answer :RAID Level 2

An incremental backup process


Options are :

  • Backs up all the data and changes the archive bit to 0.
  • Backs up all the files that have changed since the last full or incremental backup and sets the archive bit to 0. (Correct)
  • Backs up the files that have been modified since the last full backup. It does not change the archive bit value.
  • Backs up all the data and changes the archive bit to 1.

Answer :Backs up all the files that have changed since the last full or incremental backup and sets the archive bit to 0.

When RAID runs as part of the operating system on the file server, it is an example of a:


Options are :

  • hardware implementation.
  • software implementation. (Correct)
  • server implementation.
  • network implementation.

Answer :software implementation.

Which of the following backup methods makes a complete backup of every file on the server every time it is run?


Options are :

  • The full backup method. (Correct)
  • The differential backup method.
  • The incremental backup method.
  • The tape backup method.

Answer :The full backup method.

Which of the following backup methods is primarily run when time and tape space permit, and is used for the system archive or baselined tape sets?


Options are :

  • full backup method. (Correct)
  • differential backup method.
  • incremental backup method.
  • tape backup method.

Answer :full backup method.

Which of the following backup methods must be made regardless of whether Differential or Incremental methods are used?


Options are :

  • Incremental backup method.
  • Tape backup method.
  • Full Backup Method (Correct)
  • Supplemental backup method.

Answer :Full Backup Method

Which backup method does not reset the archive bit on files that are backed up?


Options are :

  • Full backup method
  • Incremental backup method
  • Additive backup method
  • Differential backup method (Correct)

Answer :Differential backup method

This type of backup management provides a continuous on-line backup by using optical or tape "jukeboxes," similar to WORMs (Write Once, Read Many):


Options are :

  • Hierarchical Storage Management (HSM). (Correct)
  • Hierarchical Resource Management (HRM).
  • Hierarchical Instance Management (HIM).
  • Hierarchical Access Management (HAM).

Answer :Hierarchical Storage Management (HSM).

Which of the following answers is directly related to providing High Availability to your users?


Options are :

  • Senior Executive Support
  • Updated Antivirus Software
  • Good hiring practices
  • Backup data circuits (Correct)

Answer :Backup data circuits

The only difference between RAID 3 and RAID 4 is that level 3 is implemented at the byte level while level 4 is usually implemented at which of the following?


Options are :

  • Buffer level.
  • Channel level.
  • Block level. (Correct)
  • Bridge level.

Answer :Block level.

Which of the following items is NOT primarily used to ensure integrity?


Options are :

  • Cyclic Redundancy Check (CRC)
  • Redundant Array of Inexpensive Disks (RAID) system (Correct)
  • Hashing Algorithms
  • The Biba Security model

Answer :Redundant Array of Inexpensive Disks (RAID) system

Which of the following stripes the data and the parity information at the block level across all the drives in the set?


Options are :

  • RAID Level 0
  • RAID Level 2
  • RAID Level 5 (Correct)
  • RAID Level 1

Answer :RAID Level 5

Physically securing backup tapes from unauthorized access is obviously a security concern and is considered a function of the:


Options are :

  • Operations Security Domain. (Correct)
  • Business Continuity Planning and Disaster Recovery Planning.
  • Telecommunications and Network Security Domain.
  • Operations Security Domain Analysis.

Answer :Operations Security Domain.

Which backup method is additive because the time and tape space required for each night's backup grows during the week as it copies the day's changed files and the previous days' changed


Options are :

  • The incremental backup method.
  • The tape backup method.
  • The differential backup method. (Correct)
  • The full backup method.

Answer :The differential backup method.

Fault tolerance countermeasures are designed to combat threats to which of the following?


Options are :

  • an uninterruptible power supply.
  • data integrity.
  • backup and retention capability.
  • design reliability (Correct)

Answer :design reliability
