Mike Chapple - (ISC)2 SSCP Systems Security Certified Practitioner Official Practice Tests

Здесь есть возможность читать онлайн «Mike Chapple - (ISC)2 SSCP Systems Security Certified Practitioner Official Practice Tests» — ознакомительный отрывок электронной книги совершенно бесплатно, а после прочтения отрывка купить полную версию. В некоторых случаях можно слушать аудио, скачать через торрент в формате fb2 и присутствует краткое содержание. Жанр: unrecognised, на английском языке. Описание произведения, (предисловие) а так же отзывы посетителей доступны на портале библиотеки ЛибКат.

(ISC)2 SSCP Systems Security Certified Practitioner Official Practice Tests: краткое содержание, описание и аннотация

Предлагаем к чтению аннотацию, описание, краткое содержание или предисловие (зависит от того, что написал сам автор книги «(ISC)2 SSCP Systems Security Certified Practitioner Official Practice Tests»). Если вы не нашли необходимую информацию о книге — напишите в комментариях, мы постараемся отыскать её.

Smarter, faster prep for the SSCP exam
(ISC)² SSCP Official Practice Tests, 2nd Edition

(ISC)2 SSCP Systems Security Certified Practitioner Official Practice Tests — читать онлайн ознакомительный отрывок

Ниже представлен текст книги, разбитый по страницам. Система сохранения места последней прочитанной страницы, позволяет с удобством читать онлайн бесплатно книгу «(ISC)2 SSCP Systems Security Certified Practitioner Official Practice Tests», без необходимости каждый раз заново искать на чём Вы остановились. Поставьте закладку, и сможете в любой момент перейти на страницу, на которой закончили чтение.

Тёмная тема
Сбросить

Интервал:

Закладка:

Сделать

22 Darcy is designing a fault-tolerant system and wants to implement RAID level 5 for her system. What is the minimum number of physical hard disks she can use to build this system?OneTwoThreeFive

23 What important function do senior managers normally fill on a business continuity planning team?Arbitrating disputes about criticalityEvaluating the legal environmentTraining staffDesigning failure controls

24 Which one of the following is not normally included in business continuity plan documentation?Statement of accountsStatement of importanceStatement of prioritiesStatement of organizational responsibility

25 Which one of the following is not normally considered a business continuity task?Business impact assessmentEmergency response guidelinesElectronic vaultingVital records program

26 Who should receive initial business continuity plan training in an organization?Senior executivesThose with specific business continuity rolesEveryone in the organizationFirst responders

27 Which one of the following components should be included in an organization’s emergency response guidelines?List of individuals who should be notified of an emergency incidentLong-term business continuity protocolsActivation procedures for the organization’s cold sitesContact information for ordering equipment

For questions 28–30, please refer to the following scenario.

Alejandro is an incident response analyst for a large corporation. He is on the midnight shift when an intrusion detection system alerts him to a potential brute-force password attack against one of the company’s critical information systems. He performs an initial triage of the event before taking any additional action.

1 What stage of the incident response process is Alejandro currently conducting?DetectionResponseRecoveryMitigation

2 If Alejandro’s initial investigation determines that a security incident is likely taking place, what should be his next step?Investigate the root cause.File a written report.Activate the incident response team.Attempt to restore the system to normal operations.

3 As the incident response progresses, during which stage should the team conduct a root-cause analysis?ResponseReportingRemediationLessons learned

4 The Domer Industries risk assessment team recently conducted a qualitative risk assessment and developed a matrix similar to the one shown here. Which quadrant contains the risks that require the most immediate attention?IIIIIIIV

5 Which one of the following stakeholders is not typically included on a business continuity planning team?Core business function leadersInformation technology staffCEOSupport departments

6 Craig is selecting the site for a new data center and must choose a location somewhere within the United States. He obtained the earthquake risk map shown here from the United States Geological Survey. Which of the following would be the safest location to build his facility if he were primarily concerned with earthquake risk?Image reprinted from CISSP (ISC) 2 Certified Information Systems Security Professional Official Study Guide, 7th Edition © John Wiley & Sons 2015, reprinted with permission.New YorkNorth CarolinaIndianaFlorida

7 As part of his incident response process, Charles securely wipes the drive of a compromised machine and reinstalls the operating system (OS) from original media. Once he is done, he patches the machine fully and applies his organization’s security templates before reconnecting the system to the network. Almost immediately after the system is returned to service, he discovers that it has reconnected to the same botnet it was part of before. Where should Charles look for the malware that is causing this behavior?The operating system partitionThe system BIOS or firmwareThe system memoryThe installation media

8 As part of his team’s forensic investigation process, Matt signs drives and other evidence out of storage before working with them. What type of documentation is he creating?CriminalChain of custodyCivilCYA

9 Karen’s organization has been performing system backups for years but has not used the backups frequently. During a recent system outage, when administrators tried to restore from backups, they found that the backups had errors and could not be restored. Which of the following options should Karen avoid when selecting ways to ensure that her organization’s backups will work next time?Log reviewMTD verificationHashingPeriodic testing

10 Referring to the following figure, what technology is shown that provides fault tolerance for the database servers?Failover clusterUPSTape backupCold site

11 Which of the following is not a common ethical standard for computer forensics professionals?Maintaining objectivityTestimony must favor the clientAvoiding conflict of interestNot concealing any findings

12 Glenda would like to conduct a disaster recovery test and is seeking a test that will allow a review of the plan with no disruption to normal information system activities and as minimal a commitment of time as possible. What type of test should she choose?Tabletop exerciseParallel testFull interruption testChecklist review

13 Which one of the following is not an example of a backup tape rotation scheme?Grandfather/Father/SonMeet-in-the-middleTower of HanoiSix Cartridge Weekly

14 Which one of the following is not a requirement for evidence to be admissible in court?The evidence must be relevant.The evidence must be material.The evidence must be tangible.The evidence must be competent.

15 Sam is responsible for backing up his company’s primary file server. He configured a backup schedule that performs full backups every Monday evening at 9 p.m. and differential backups on other days of the week at that same time. Files change according to the information shown in the following figure. How many files will be copied in Wednesday’s backup?2356

16 Tim is a forensic analyst who is attempting to retrieve information from a hard drive. It appears that the user attempted to erase the data, and Tim is trying to reconstruct it. What type of forensic analysis is Tim performing?Software analysisMedia analysisEmbedded device analysisNetwork analysis

17 Which one of the following is an example of a computer security incident?Completion of a backup scheduleSystem access recorded in a logUnauthorized vulnerability scan of a file serverUpdate of antivirus signatures

18 Florian is building a disaster recovery plan for his organization and would like to determine the amount of time that a particular IT service may be down without causing serious damage to business operations. What variable is Florian calculating?RTOMTDRPOSLA

19 During an incident investigation, investigators meet with a system administrator who may have information about the incident but is not a suspect. What type of conversation is taking place during this meeting?InterviewInterrogationBoth an interview and an interrogationNeither an interview nor an interrogation

20 Match each of the numbered types of recovery capabilities to their correct lettered definition:TermsHot siteCold siteWarm siteService bureauDefinitionsAn organization that can provide on-site or off-site IT services in the event of a disasterA site with dedicated storage and real-time data replication, often with shared equipment that allows restoration of service in a very short timeA site that relies on shared storage and backups for recoveryA rented space with power, cooling, and connectivity that can accept equipment as part of a recovery effort

21 Veronica is considering the implementation of a database recovery mechanism recommended by a consultant. In the recommended approach, an automated process will move database backups from the primary facility to an off-site location each night. What type of database recovery technique is the consultant describing?Remote journalingRemote mirroringElectronic vaultingTransaction logging

Читать дальше
Тёмная тема
Сбросить

Интервал:

Закладка:

Сделать

Похожие книги на «(ISC)2 SSCP Systems Security Certified Practitioner Official Practice Tests»

Представляем Вашему вниманию похожие книги на «(ISC)2 SSCP Systems Security Certified Practitioner Official Practice Tests» списком для выбора. Мы отобрали схожую по названию и смыслу литературу в надежде предоставить читателям больше вариантов отыскать новые, интересные, ещё непрочитанные произведения.


Отзывы о книге «(ISC)2 SSCP Systems Security Certified Practitioner Official Practice Tests»

Обсуждение, отзывы о книге «(ISC)2 SSCP Systems Security Certified Practitioner Official Practice Tests» и просто собственные мнения читателей. Оставьте ваши комментарии, напишите, что Вы думаете о произведении, его смысле или главных героях. Укажите что конкретно понравилось, а что нет, и почему Вы так считаете.

x