CISSP - Question Bank 14

Test your knowledge of CISSP with these multiple choice questions. Each Question Bank includes 20 practice questions that have been designed to measure your knowledge of key ideas.

A key factor to keep in mind is that guessing is better than not answering a question.

Every single question on the CISSP exam is a four-option multiple choice question with a single correct answer. Some are straightforward, such as asking you to select a definition. Some are a bit more involved, such as asking you to select the appropriate concept or best practice. And some questions present you with a scenario or situation and ask you to select the best response.


Q1. What is a methodical examination or review of an environment to ensure compliance with regulations and to detect abnormalities, unauthorized occurrences, or outright crimes?

A. Penetration testing
B. Auditing
C. Risk analysis
D. Entrapment

The Correct Answer is B.
Explanation: Auditing is a methodical examination or review of an environment to ensure compliance with regulations and to detect abnormalities, unauthorized occurrences, or outright crimes.

Q2. Which of the following is not considered a type of auditing activity?

A. Recording of event data
B. Data reduction
C. Log analysis
D. Deployment of countermeasures

The Correct Answer is D.
Explanation: Deployment of countermeasures is not considered a type of auditing activity; rather, it’s an active attempt to prevent security problems.

Q3. Monitoring can be used to perform all but which of the following?

A. Detect availability of new software patches
B. Detect malicious actions by subjects
C. Detect attempted intrusions
D. Detect system failures

The Correct Answer is A.
Explanation: Monitoring is not used to detect the availability of new software patches.

Q4. What provides data for re-creating step-by-step the history of an event, intrusion, or system failure?

A. Security policies
B. Log files
C. Audit reports
D. Business continuity planning

The Correct Answer is B.
Explanation: Log files provide an audit trail for re-creating step-by-step the history of an event, intrusion, or system failure. An audit trail is used to reconstruct an event, to extract information about an incident, to prove or disprove culpability, and much more.

Q5. What is the frequency of an IT infrastructure security audit or security review based on?

A. Asset value
B. Management discretion
C. Risk
D. Level of realized threats

The Correct Answer is C.
Explanation: The frequency of an IT infrastructure security audit or security review is based on risk. You must establish the existence of sufficient risk to warrant the expense of and interruption caused by a security audit on a more or less frequent basis.

Q6. Failure to perform which of the following can result in the perception that due care is not being maintained?

A. Periodic security audits
B. Deployment of all available safeguards
C. Performance reviews
D. Creating audit reports for shareholders

The Correct Answer is A.
Explanation: Failing to perform periodic security audits can result in the perception that due care is not being maintained. Such audits alert personnel that senior management is practicing due diligence in maintaining system security.

Q7. Audit trails are considered to be what type of security control?

A. Administrative
B. Passive
C. Corrective
D. Physical

The Correct Answer is B.
Explanation: Audit trails are a passive form of detective security control. Administrative, corrective, and physical security controls are active ways to maintain security.

Q8. Which essential element of an audit report is not considered to be a basic concept of the audit?

A. Purpose of the audit
B. Recommendations of the auditor
C. Scope of the audit
D. Results of the audit

The Correct Answer is B.
Explanation: Recommendations of the auditor are not considered basic and essential concepts to be included in an audit report. Key elements of an audit report include the purpose, scope, and results of the audit.

Q9. Why should access to audit reports be controlled and restricted?

A. They contain copies of confidential data stored on the network.
B. They contain information about the vulnerabilities of the system.
C. They are useful only to upper management.
D. They include the details about the configuration of security controls.

The Correct Answer is B.
Explanation: Audit reports should be secured because they contain information about the vulnerabilities of the system. Disclosure of such vulnerabilities to the wrong person could lead to security breaches.

Q10. What are used to inform would-be intruders or those who attempt to violate security policy that their intended activities are restricted and that any further activities will be audited and monitored?

A. Security policies
B. Interoffice memos
C. Warning banners
D. Honey pots

The Correct Answer is C.
Explanation: Warning banners are used to inform would-be intruders or those who attempt to violate the security policy that their intended activities are restricted and that any further activities will be audited and monitored.

Q11. Which of the following focuses more on the patterns and trends of data rather than the actual content?

A. Keystroke monitoring
B. Traffic analysis
C. Event logging
D. Security auditing

The Correct Answer is B.
Explanation: Traffic analysis focuses more on the patterns and trends of data rather than the actual content. Such an analysis offers insight into primary communication routes, sources of encrypted traffic, location of primary servers, primary and backup communication pathways, amount of traffic supported by the network, typical direction of traffic flow, frequency of communications, and much more.

Q12. Which of the following activities is not considered a valid form of penetration testing?

A. Denial of service attacks
B. Port scanning
C. Distribution of malicious code
D. Packet sniffing

The Correct Answer is C.
Explanation: Distribution of malicious code will almost always result in damage or loss of assets. Thus, it is not an element of penetration testing under any circumstance, even if it’s done with the approval of upper management.

Q13. The act of searching for unauthorized modems is known as ___________________.

A. Scavenging
B. Espionage
C. System auditing
D. War dialing

The Correct Answer is D.
Explanation: War dialing is the act of searching for unauthorized modems that will accept inbound calls on an otherwise secure network in an attempt to gain access.

Q14. Which of the following is not a useful countermeasure to war dialing?

A. Restricted and monitored Internet access
B. Imposing strong remote access security
C. Callback security
D. Call logging

The Correct Answer is A.
Explanation: Users often install unauthorized modems because of restricted and monitored Internet access. Because war dialing is often used to locate unauthorized modems, restricting and monitoring Internet access wouldn’t be an effective countermeasure.

Q15. The standard for study and control of electronic signals produced by various types of electronic hardware is known as ___________________.

A. Eavesdropping
B. TEMPEST
C. SESAME
D. Wiretapping

The Correct Answer is B.
Explanation: TEMPEST is the standard that defines the study and control of electronic signals produced by various types of electronic hardware.

Q16. Searching through the refuse, remains, or leftovers from an organization or operation to discover or infer confidential information is known as ___________________.

A. Impersonation
B. Dumpster diving
C. Social engineering
D. Inference

The Correct Answer is B.
Explanation: Dumpster diving is the act of searching through the refuse, remains, or leftovers from an organization or operation to discover or infer confidential information.

Q17. Which of the following is not an effective countermeasure against inappropriate content being hosted or distributed over a secured network?

A. Activity logging
B. Content filtering
C. Intrusion detection system
D. Penalties and termination for violations

The Correct Answer is C.
Explanation: An IDS is not a countermeasure against inappropriate content.

Q18. One of the most common vulnerabilities of an IT infrastructure and hardest to protect against is the occurrence of ___________________.

A. Errors and omissions
B. Inference
C. Data destruction by malicious code
D. Data scavenging

The Correct Answer is A.
Explanation: One of the most common vulnerabilities and hardest to protect against is the occurrence of errors and omissions.

Q19. The willful destruction of assets or elements within the IT infrastructure as a form of revenge or justification for perceived wrongdoing is known as ___________________.

A. Espionage
B. Entrapment
C. Sabotage
D. Permutation

The Correct Answer is C.
Explanation: The willful destruction of assets or elements within the IT infrastructure as a form of revenge or justification for perceived wrongdoing is known as sabotage.

Q20. What is the most common reaction to the loss of physical and infrastructure support?

A. Deploying OS updates
B. Vulnerability scanning
C. Waiting for the event to expire
D. Tightening of access controls

The Correct Answer is C.
Explanation: In most cases, you must simply wait until the emergency or condition expires and things return to normal.
