
CISSP Practice Questions

  1. Which of the following best describes the control under which access to data or resources is granted only when that access is necessary for the performance of official duties?
    A. Separation of Duties
    B. Need-to-Know
    C. Least Privilege
    D. Job Rotation
  2. Which of the following best ensures that a person has been determined to be trustworthy?
    A. Security clearance
    B. Identification
    C. Need-to-Know
    D. Access Control
  3. Which of the following is of most concern when determining whether a HIDS or a NIDS should be implemented as a safeguard?
    A. Analysis of the frequency of network attacks
    B. The effectiveness of the solution
    C. The risk exposure of being breached
    D. Identify, analyze, and evaluate the risks
  4. A covert timing channel undermines which of the following security objectives?
    A. Confidentiality
    B. Integrity
    C. Availability
    D. Non-repudiation
  5. When you are concerned with data loss and errors during transmission between applications on your industrial control system (ICS) network, you are considering issues in which layer of the ISO Open Systems Interconnection (OSI) Reference Model?
    A. Logical Link Control (LLC) Layer
    B. Transport Layer
    C. Network Layer
    D. Internet Layer
  6. When you are considering how networks and hosts are identified and numbered, and the transmission path between two hosts, you are considering issues in which layer of the ISO Open Systems Interconnection (OSI) Reference Model?
    A. Logical Link Control (LLC) Layer
    B. Transport Layer
    C. Network Layer
    D. Internet Layer
  7. When you are considering how networks and hosts are identified and numbered, and the transmission path between two hosts, you are considering issues in which layer of the TCP/IP Model?
    A. Logical Link Control (LLC) Layer
    B. Transport Layer
    C. Network Layer
    D. Internet Layer
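As an added example that is not part of the original question set, the following Python script builds a constructed Ethernet/IPv4/TCP frame carrying a Modbus/TCP request (the kind of traffic found on an ICS network) and then walks it layer by layer. The IPv4 header supplies the host addressing that the OSI Network layer and the TCP/IP Internet layer are about (questions 6 and 7); the TCP header supplies the sequence numbers and checksum that let the Transport layer detect loss and corruption between the two applications (question 5). The MAC addresses, IP addresses, ports, sequence numbers and payload are made-up sample values, and the single-bit "transmission error" is injected deliberately to show which layer's check catches it.

```python
import struct

def rfc1071_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum (RFC 1071) used by IPv4 and TCP.
    Running it over a header that already contains its own checksum yields 0 when intact."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def _ip(addr: str) -> bytes:
    return bytes(int(octet) for octet in addr.split("."))

def build_frame(src_ip: str, dst_ip: str, src_port: int, dst_port: int,
                seq: int, ack: int, payload: bytes) -> bytes:
    """Constructed Ethernet/IPv4/TCP frame with valid checksums (sample input, not a capture)."""
    # Layer 2 (OSI Data Link: MAC/LLC sublayers; TCP/IP Link): MAC addresses, EtherType 0x0800 = IPv4.
    eth = bytes.fromhex("001122334455" "66778899aabb") + struct.pack("!H", 0x0800)
    src, dst = _ip(src_ip), _ip(dst_ip)
    # Layer 4 (Transport): ports, sequence/ack numbers, PSH|ACK flags; checksum filled in below.
    tcp = bytearray(struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack, 5 << 4, 0x18, 65535, 0, 0)) + payload
    pseudo = src + dst + struct.pack("!BBH", 0, 6, len(tcp))      # TCP pseudo-header binds the segment to its IPs
    tcp[16:18] = struct.pack("!H", rfc1071_checksum(pseudo + bytes(tcp)))
    # Layer 3 (OSI Network / TCP-IP Internet): logical addressing and routing; checksum covers the header only.
    ip = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0x1234, 0x4000, 64, 6, 0, src, dst))
    ip[10:12] = struct.pack("!H", rfc1071_checksum(bytes(ip)))
    return eth + bytes(ip) + bytes(tcp)

def parse_frame(frame: bytes) -> dict:
    """Walk the frame layer by layer and report what each layer provides and whether its check passes."""
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    _, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    if proto != 6:
        raise ValueError("not TCP")
    tcp = ip[ihl:total_len]
    sport, dport, seq, ack, off, _flags, _, _, _ = struct.unpack("!HHIIBBHHH", tcp[:20])
    payload = tcp[(off >> 4) * 4:]
    pseudo = src + dst + struct.pack("!BBH", 0, proto, len(tcp))
    return {
        # Network/Internet layer: who is talking to whom, and how far the packet may still be forwarded.
        "network": {"src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)), "ttl": ttl,
                    "header_ok": rfc1071_checksum(ip[:ihl]) == 0},
        # Transport layer: which applications, where in the byte stream we are (loss detection),
        # and whether the segment arrived uncorrupted (error detection).
        "transport": {"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
                      "next_seq": (seq + len(payload)) & 0xFFFFFFFF,
                      "segment_ok": rfc1071_checksum(pseudo + tcp) == 0},
        "payload": payload,
    }

def corrupt(frame: bytes, offset: int) -> bytes:
    """Flip one bit at `offset` to simulate a transmission error."""
    damaged = bytearray(frame)
    damaged[offset] ^= 0x01
    return bytes(damaged)

# Modbus/TCP "read holding registers" request (function 0x03, 10 registers from address 0) as sample payload.
MODBUS_READ = bytes.fromhex("0001" "0000" "0006" "01" "03" "0000" "000a")

if __name__ == "__main__":
    frame = build_frame("10.0.0.5", "10.0.0.9", 40000, 502, 1000, 2000, MODBUS_READ)
    print(parse_frame(frame))
    # A flipped bit in the payload is caught by the transport-layer checksum, not by the IP header check.
    print(parse_frame(corrupt(frame, len(frame) - 1))["transport"]["segment_ok"])
```

The receiver uses `next_seq` to notice a missing segment (the next segment's `seq` does not match) and `segment_ok` to discard a corrupted one; both are transport-layer mechanisms, whereas the IP header checksum only protects the addressing and routing fields.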
  8. You are the CISO of an IC design house and report directly to the CEO; the confidentiality of customer data and of research and development data is the primary concern. Use of any USB device violates the acceptable use policy (AUP). A customer account manager reports that many key customers are complaining about how slow it is to upload files to the company's file server. He suggests transferring the data on USB flash drives to streamline collaboration. As the CISO, what should you do FIRST?
    A. Add an exception to the acceptable usage policy (AUP) to allow the use of USB flash drive as security is a business enabler. To help the business deliver value is the ultimate responsibility of a CISO.
    B. Reject the suggestion because it violates the acceptable usage policy (AUP), and the use of USB flash drive is highly risky.
    C. Side with the account manager and submit a proposal in favor of the suggestion to the CEO.
    D. Prepare a business case and submit it to the CEO for final approval.
  9. You are the CISO of a multinational trading company. Your company operates a large-scale website selling products to consumers worldwide. A network intrusion detection system (IDS) is deployed to detect abnormal traffic and potential attacks. Your incident response (IR) team receives a report from users that the website is not available and shows HTTP error 404. An IR team member suspects a distributed denial-of-service (DDoS) attack, but the IDS has not raised any alert. What action should the IR team take FIRST?
    A. Document the incident in the incident management system.
    B. Inform the contracted internet service provider and ask it to mitigate the DDoS traffic.
    C. Analyze the incident report from the end user and notify senior management.
    D. Ask the end user for more details to understand the actual situation.
  10. In an executive meeting, the vice president (VP) of manufacturing, who is the data owner of the material requirements planning (MRP) system, and the VP of sales, who is the data owner of the online shopping website, are each justifying the criticality of the information systems that process their data and support their business processes. Both believe that their own business processes are more critical and should be recovered first in case of a disaster. As the CISO, what should you do?
    A. Facilitate the process for determining the maximum tolerable downtime, and invite the VP of information technology to commit to the recovery time objective and recovery point objective.
    B. Take importance and urgency into consideration, and implement a hot site for the business processes with higher priority and a cold site for those with lower priority.
    C. Prepare a disaster recovery plan (DRP) based on the recovery time objective and recovery point objective.
    D. Prepare a business continuity plan (BCP) and a business case with alternatives to implement a hot site to support both MRP and the online shopping website.
  11. You are the new CISO of an international trading company and joined only recently. Which of the following should be your first and foremost concern?
    A. Salary and benefits package
    B. The role and responsibility (R&R) of CISO
    C. To develop and implement an information security strategy
    D. To elicit business and security requirements, and develop an information security program and supporting policies
  12. Jack logged into an online book store, amazz-books.com, using his Google Account. Which of the following refers to the client in terms of federated identity?
    A. Jack
    B. amazz-books.com
    C. Google
    D. The browser Jack is using
  13. Which of the following provides the most flexible access control?
    A. A subject asserting the attribute "unmarried"
    B. A subject with the Top Secret clearance
    C. A subject with need-to-know
    D. A subject assigned to the Admin role
  14. You are the CISO of your company. You have implemented an incident response program to handle security incidents. The on-premises ERP system malfunctions and becomes unresponsive, so its availability has been impaired. To which of the following should the ERP users report this incident?
    A. Service Desk
    B. Network Administrator
    C. Chief Information Officer (CIO)
    D. Computer Security Incident Response Team (CSIRT)
  15. You are the CISO of your company. You have implemented an incident response program to handle security incidents. Your online e-commerce website is under a distributed denial-of-service (DDoS) attack. The incident response team has received reports from users that the website is offline and unreachable. What should the incident response team do first?
    A. Collect and preserve evidence
    B. Report to the senior management
    C. Document and prioritize the incident
    D. Contain, Eradicate, and Recover
  16. After a risk assessment, your company assigned you to prepare a disaster recovery plan to handle the identified disasters. A hot site, a warm site, and a cold site are common alternatives to the primary site, and you are evaluating these backup-site alternatives while preparing the plan. Which of the following is your primary concern?
    A. Risk Appetite
    B. Management Buy-in
    C. Maximum Tolerable Downtime
    D. Recovery Time Objective
  17. Your company is procuring computer systems to support a new video streaming service. You are responsible for ensuring that the computer systems comply with your company's security policies. Which of the following is your primary concern?
    A. Trusted Computing Base
    B. System Design Flaws
    C. Security Kernel
    D. Implicit Covert Channels
  18. You are the development team leader and recently found that your nightly build fails from time to time. Eve, a disgruntled developer on your team, quit last month. She was responsible for part of the solution and was not authorized to integrate it. She installed a program, running with local system privileges, that deletes at midnight every Monday some of the source code in the local repository that is pushed to the central repository for integration. What is the program installed by Eve called?
    A. Encapsulation
    B. Maintenance hook
    C. Multipartite
    D. Logic bomb
  19. You are the development team leader and recently found that your nightly build fails from time to time. Eve, a disgruntled developer on your team, quit last month. She was responsible for part of the solution and was not authorized to integrate it. She installed a program, running with local system privileges, that deletes at midnight every Monday some of the source code in the local repository that is pushed to the central repository for integration. Which of the following concepts determines what a user such as Eve is permitted to do?
    A. Authentication
    B. Authorization
    C. Auditing
    D. Non-repudiation
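As an added example that is not part of the original question set, the following Python script hunts for jobs like Eve's in a cron table. A constructed /etc/crontab sample is parsed and each job is scored on whether it runs as a privileged user, fires at midnight on a fixed weekday, invokes a destructive command, or touches the source repository path; jobs with two or more of these traits are reported, most suspicious first. The repository path /srv/repo, the sample crontab entries, the privileged-user set and the scoring rule are assumptions for illustration; on a Windows host the same review would be applied to scheduled tasks running as SYSTEM.

```python
from __future__ import annotations

import re
from typing import Optional

# Assumed repository location and privileged accounts for this illustration.
REPO_PATHS = ("/srv/repo",)
PRIVILEGED_USERS = {"root"}

# Commands that remove or rewrite data; extend to match the host's tooling.
DESTRUCTIVE = re.compile(
    r"(?:^|[\s;&|])(?:rm\s+-\w*r\w*|git\s+(?:reset\s+--hard|clean\s+-\w*f\w*|push\b.*--force)"
    r"|find\b.*-delete\b|shred\b|truncate\b)"
)

# Constructed sample crontab, not a real capture.
SAMPLE_CRONTAB = """\
# /etc/crontab on the build host (constructed sample, not a real capture)
0 2 * * * root /usr/local/bin/backup.sh --target /mnt/backup
*/5 * * * * build /usr/bin/ci-poll --repo /srv/repo
0 0 * * 1 root /opt/tools/cleanup.sh
0 0 * * 1 root rm -rf /srv/repo/src/module_eve/* && git -C /srv/repo commit -qam cleanup
"""

def parse_cron_line(line: str) -> Optional[dict]:
    """Parse a system crontab entry (min hour dom mon dow user command); skip comments and blank lines."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    fields = line.split(None, 6)
    if len(fields) < 7:
        return None
    keys = ("minute", "hour", "dom", "month", "dow", "user", "command")
    return dict(zip(keys, fields))

def suspicious_reasons(job: dict) -> list[str]:
    """Return the logic-bomb traits a job exhibits; an empty list means nothing stood out."""
    reasons = []
    if job["user"] in PRIVILEGED_USERS:
        reasons.append("runs with system privileges")
    if job["minute"] == "0" and job["hour"] == "0" and job["dow"] != "*":
        reasons.append(f"fires at midnight on fixed weekday {job['dow']}")
    if DESTRUCTIVE.search(job["command"]):
        reasons.append("invokes a destructive command")
    if any(path in job["command"] for path in REPO_PATHS):
        reasons.append("touches the source repository")
    return reasons

def hunt(crontab: str, threshold: int = 2) -> list[dict]:
    """Report jobs with at least `threshold` suspicious traits, ordered by trait count (stable)."""
    findings = []
    for lineno, raw in enumerate(crontab.splitlines(), start=1):
        job = parse_cron_line(raw)
        if job is None:
            continue
        reasons = suspicious_reasons(job)
        if len(reasons) >= threshold:
            findings.append({"line": lineno, "user": job["user"],
                             "command": job["command"], "reasons": reasons})
    findings.sort(key=lambda f: len(f["reasons"]), reverse=True)
    return findings

if __name__ == "__main__":
    for finding in hunt(SAMPLE_CRONTAB):
        print(f"line {finding['line']}: {finding['user']}: {finding['command']}")
        print("    " + "; ".join(finding["reasons"]))
```

The opaque `cleanup.sh` job is reported as well as the obvious `rm -rf`: a privileged job on an off-hours weekly trigger deserves a read of the script it runs, because a logic bomb planted by a departed insider will usually hide its payload behind an innocuous name rather than in the crontab line itself.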
