CISSP-operations Security

21 Questions | Total Attempts: 222

Questions and Answers
  • 1. 
    In the event of a security incident, one of the primary objectives of the operations staff is to ensure that
    • A. 

      The attackers are detected and stopped.

    • B. 

      There is minimum disruption to the organization’s activities.

    • C. 

      Appropriate documentation about the event is maintained as chain of evidence.

    • D. 

      The affected systems are immediately shut off to limit the impact.

  • 2. 
    For which of the following groups is the threat of unauthorized disclosure of sensitive information most likely to go unnoticed in the absence of auditing?
    • A. 

      Malicious software (malware)

    • B. 

      Hacker or cracker

    • C. 

      Disgruntled employee

    • D. 

      Auditors

  • 3. 
    Which of the following provides controlled and unintercepted interfaces into privileged user functions?
    • A. 

      Ring protection

    • B. 

      Anti-malware

    • C. 

      Maintenance hooks

    • D. 

      Trusted paths

  • 4. 
    The doors of a data center open up in the event of a fire. This is an example of
    • A. 

      Fail-safe

    • B. 

      Fail-secure

    • C. 

      Fail-open

    • D. 

      Fail-closed

  • 5. 
    In order to ensure constant redundancy and fault-tolerance, which of the following types of spare is recommended?
    • A. 

      Cold spare

    • B. 

      Warm spare

    • C. 

      Hot spare

    • D. 

      Archives

  • 6. 
    If speed is preferred over resilience, which of the following RAID configurations is the most suited?
    • A. 

      RAID 0

    • B. 

      RAID 1

    • C. 

      RAID 5

    • D. 

      RAID 10

  • 7. 
    Updating records in multiple locations or copying an entire database on to a remote location as a means to ensure the appropriate levels of fault-tolerance and redundancy is known as
    • A. 

      Data mirroring

    • B. 

      Database shadowing

    • C. 

      Backup

    • D. 

      Archiving

  • 8. 
    When the backup window is not long enough to back up all of the data and the restoration of the backup must be as fast as possible, which of the following types of high-availability backup strategy is recommended?
    • A. 

      Full

    • B. 

      Incremental

    • C. 

      Differential

    • D. 

      Increase the backup window so a full backup can be performed

  • 9. 
    When you approach a restricted facility, you are asked for identification and verified against a pre-approved list by the guard at the front gate before being let in. This is an example of checking for the principle of
    • A. 

      Least privilege

    • B. 

      Separation of duties

    • C. 

      Fail-safe

    • D. 

      Psychological acceptability

  • 10. 
    The major benefit of information classification is to
    • A. 

      Map out the computing ecosystem

    • B. 

      Identify the threats and vulnerabilities

    • C. 

      Determine the software baseline

    • D. 

      Identify the appropriate level of protection needs

  • 11. 
    When information, once classified highly sensitive, is no longer critical or highly valued, that information must be
    • A. 

      Destroyed

    • B. 

      Declassified

    • C. 

      Degaussed

    • D. 

      Deleted

  • 12. 
    The main benefit of placing users into groups and roles is
    • A. 

      Ease of user administration

    • B. 

      Increased security

    • C. 

      Ease of programmatic access

    • D. 

      Automation

  • 13. 
    The likelihood of an individual’s compliance with the organization’s policy can be determined by their
    • A. 

      Job rank or title

    • B. 

      Partnership with the security team

    • C. 

      Role

    • D. 

      Clearance level

  • 14. 
    Reports must be specific on both the message and which of the following?
    • A. 

      Intended audience

    • B. 

      Delivery options

    • C. 

      Colors used

    • D. 

      Print layout

  • 15. 
    Which of the following can help with ensuring that only the needed logs are collected for monitoring?
    • A. 

      Clipping level

    • B. 

      Clearance level

    • C. 

      Least privilege

    • D. 

      Separation of duties

  • 16. 
    The main difference between a security event management (SEM) system and a log management system is that SEM systems are useful for log collection, collation, and analysis
    • A. 

      In real time

    • B. 

      For historical purposes

    • C. 

      For admissibility in court

    • D. 

      In discerning patterns

  • 17. 
    When normal traffic is flagged as an attack, it is an example of
    • A. 

      Fail-safe

    • B. 

      Fail-secure

    • C. 

      False-negative

    • D. 

      False-positive

  • 18. 
    The best way to ensure that there is no data remanence of sensitive information that was once stored on a burn-once DVD media is by
    • A. 

      Deletion

    • B. 

      Degaussing

    • C. 

      Destruction

    • D. 

      Overwriting

  • 19. 
    Which of the following processes is concerned with not only identifying the root cause but also addressing the underlying issue?
    • A. 

      Incident management

    • B. 

      Problem management

    • C. 

      Change management

    • D. 

      Configuration management

  • 20. 
    Before applying a software update to production systems, it is extremely important that
    • A. 

      Full disclosure information about the threat that the patch addresses is available

    • B. 

      The patching process is documented

    • C. 

      The production systems are backed up

    • D. 

      An independent third party attests the validity of the patch