CISSP Practice Exam

59

CISSP Practice Exam

Certified Information Systems Security Professional

After you study your text books it is important to test your newly acquired knowledge and see just how well you have absorbed the material. Practice exams….

* Reinforces what you learnt – fill in the gaps of what you missed

* Gets you used to answering questions to build confidence and familiarity

Here are 10 Multiple choice exams questions for you to practice on:

______________________________

Question 1# – Which risk management methodology uses the exposure factor multiplied by the asset value to determine its outcome?

A. Annualized Loss Expectancy

B. Single Loss Expectancy

C. Annualized Rate of Occurrence

D. Information Risk Management

_____________________

Question 2# – Which of the following is *NOT* a symmetric key algorithm?

A.) Blowfish

B.) Digital Signature Standard (DSS)

C.) Triple DES (3DES)

D.) RC5

_____________________

Question 3# – Related to information security, availability is the opposite of which of the following?

A. Delegation

B. Distribution

C. Documentation

D. Destruction

_____________________

Question 4# – Why should organizations enforce separation of duties?

A. It ensures compliance with federal union rules

B. It helps verify that all employees know their job tasks

C. It provides for a better work environment

D. It encourages collusion

E. It is considered valuable in deterring fraud

_____________________

Question 5# – Which of the following is most concerned with personnel security?

A. Management controls

B. Operational controls

C. Technical controls

D. Human resources controls.

_____________________

Question 6# – Which one of the following devices might be used to commit telecommunications fraud using the “shoulder surfing” technique?

A. Magnetic stripe copier

B. Tone generator

C. Tone recorder

D. Video recorder

_____________________

Question 7# – What are database views used for?

A. To ensure referential integrity.

B. To allow easier access to data in a database.

C. To restrict user access to data in a database.

D. To provide audit trails.

_____________________

Question 8# – Which of the following services is not provided by the digital signature standard (DSS)?

A.) Encryption

B.) Integrity

C.) Digital signature

D.) Authentication

_____________________

Question 9# – Which one of the following describes a covert timing channel?

A. Modulated to carry an unintended information signal that can only be detected by special, sensitive receivers.

B. Used by a supervisor to monitor the productivity of a user without their knowledge.

C. Provides the timing trigger to activate a malicious program disguised as a legitimate function.

D. Allows one process to signal information to another by modulating its own use of system resources.

_____________________

Question 10# – Valuable paper insurance coverage does not cover damage to which of the following?

A.) Inscribed, printed and written documents

B.) Manuscripts

C.) Records

D.) Money and Securities

_____________________

ANSWERS

Question 1# – Correct Answers: B

Question 2# – Correct Answers: B

Question 3# – Correct Answers: D

Question 4# – Correct Answers: E

Question 5# – Correct Answers: B

Question 6# – Correct Answers: C

Question 7# – Correct Answers: C

Question 8# – Correct Answers: A

Question 9# – Correct Answers: D

Question 10# – Correct Answers: D

________________________________________________________

Source by Georgia Stath

· · · · ·


Related Articles & Comments

Menu Title