CISSP Study Quiz

25 Questions | Total Attempts: 1560


Questions and Answers
  • 1. Which of the following processes identifies the threats that can impact the business continuity of operations?
    • A. Function analysis
    • B. Risk analysis
    • C. Requirement analysis
    • D. Business impact analysis

  • 2. Which of the following is NOT a natural environmental threat that an organization faces?
    • A. Floods
    • B. Environmentalist Strike
    • C. Storms
    • D. Earthquake

  • 3. Which one best describes religious law?
    • A. Punishments may take any and all forms
    • B. Social mores and norms which dictate behavior have been inculcated into law
    • C. Judges are distinct from attorneys, and are actively involved in fact-finding (to include investigations)
    • D. Characterized by heavy reliance on legislative law instead of jurisprudence

  • 4. Which of the following refers to a location away from the computer center where document copies and backup media are kept?
    • A. Storage Area network
    • B. Off-Site storage
    • C. On-site storage
    • D. Network attached storage

  • 5. What type of analysis emphasizes the formal study of what your organization is doing currently and where it will be in the future?
    • A. Gap
    • B. Cost Benefit
    • C. Requirement
    • D. Vulnerability

  • 6. Which one of the following is a characteristic of tort law?
    • A. Punishments usually include fines, inability to practice a profession, and possibly incarceration
    • B. Behaviors or conduct seen as harmful to the public or society
    • C. Damages usually entail monetary restitution, which can be compensatory, punitive, or statutory
    • D. Punishments may include loss of personal freedom (to include death) or monetary fines

  • 7. Which of the following approaches for identifying appropriate BIA interviewees includes reviewing the enterprise's functional positions?
    • A. Executive management interviews
    • B. Overlaying system technology
    • C. Organizational chart reviews
    • D. Organizational process models

  • 8. The Capability Maturity Model Integration (CMMI) has three constellations. Which of the following is not one of the constellations?
    • A. Services
    • B. Acquisition
    • C. Development
    • D. Design

  • 9. Which of the following is true about maintaining the chain of custody of a digital investigation?
    • A. Keep a log of every person who had physical custody of the evidence, documenting the actions that they performed on the evidence and at what time
    • B. Using sound, repeatable collection techniques that allow for the demonstration of the accuracy and integrity of the evidence
    • C. Using sound scientific methods to determine the characteristics of the evidence
    • D. Ensuring that the contamination and destruction of the scene are kept to a minimum

  • 10. All of the following are true about trade secrets EXCEPT:
    • A. Provides competitive advantage or equal footing
    • B. Is not disclosed in legal proceedings
    • C. Must generally not be known and provide benefit to the company
    • D. Registered with a government registrar

  • 11. Which of the following statements about incremental backups are true? (CHECK ALL THAT APPLY)
    • A. It is the fastest method of backing up data
    • B. It is the slowest method for taking a data backup
    • C. A full restoration of data will be slower, since all increments must be restored
    • D. It backs up only the files changed since the most recent backup and clears the archive bit

  • 12. Which of the following is the technology of indoor environmental comfort?
    • A. CCTV
    • B. HVAC
    • C. Lightning
    • D. Fire Suppression

  • 13. Which one of the following is true about criminal law?
    • A. Divided into intentional torts, wrongs against a person or property, dignitary wrongs, economic wrongs, negligence, nuisance, and strict liability
    • B. Deals with the governance of public bodies
    • C. Punishments usually include fines, inability to practice a profession, and possibly incarceration
    • D. Punishments may include loss of personal freedom (to include death) or monetary fines

  • 14. Copyright conveys exclusive rights to the owner of markings the public uses to identify that owner's goods and products.
    • A. True
    • B. False

  • 15. Which of the following electronically stored information (ESI) are not considered reasonably accessible?
    • A. Manual access disks
    • B. Backup tapes for disaster recovery
    • C. Hard drives
    • D. Auto-access optical disks

  • 16. Which type of law is derived from court decisions and codification of British law dating back to the 12th century?
    • A. Common Law
    • B. Criminal Law
    • C. Tort Law
    • D. Administrative Law

  • 17. The Investigative phase of the incident response process includes detection, identification, and notification.
    • A. True
    • B. False

  • 18. Which of the following is NOT a consideration when choosing data retention policies?
    • A. Human Resources
    • B. Cost of data retention
    • C. Data retrieval and use
    • D. Inherent aggregation

  • 19. The best exercise type to use in order to validate a specific functional response in your recovery plan is a:
    • A. Structured Walk-through
    • B. Tabletop Exercise
    • C. Parallel Test
    • D. Simulation Test

  • 20. Of the following plans, which is designed to protect critical business processes from natural or man-made failures or disasters and the consequential loss of capital due to the unavailability of normal business operations?
    • A. Disaster Recovery Plan
    • B. Contingency Plan
    • C. Business Continuity Plan
    • D. Crisis Communication Plan

  • 21. Many organizations purchase insurance policies to provide various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques are being employed?
    • A. Risk avoidance
    • B. Risk Transfer
    • C. Risk acceptance
    • D. Risk insurance

  • 22. Management should decide when a system should be returned to operational status in which phase of the incident response process?
    • A. Recovery Phase
    • B. Triage Phase
    • C. Investigative Phase
    • D. Post-incident Phase

  • 23. Which phase of the incident response process is triggered by awareness?
    • A. Post-incident Phase
    • B. Investigative Phase
    • C. Recovery Phase
    • D. Triage Phase

  • 24. Administrative law is concerned with confining government power, curtailing governmental abuses, ensuring procedural adherence, and ensuring performance of statutory duties.
    • A. True
    • B. False

  • 25. In which of the following alternative site configurations is the backup facility maintained in a constant order, with a full complement of servers, workstations, and communication links ready to assume the primary operations responsibility?
    • A. Hot Site
    • B. Mobile Site
    • C. Warm Site
    • D. Cold Site