LibCat » Книги » Приключения » unrecognised » Mike Chapple - (ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests

Mike Chapple - (ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests

Здесь есть возможность читать онлайн «Mike Chapple - (ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests» — ознакомительный отрывок электронной книги совершенно бесплатно, а после прочтения отрывка купить полную версию. В некоторых случаях можно слушать аудио, скачать через торрент в формате fb2 и присутствует краткое содержание. Жанр: unrecognised, на английском языке. Описание произведения, (предисловие) а так же отзывы посетителей доступны на портале библиотеки ЛибКат.

Читать книгу

Название:
(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests
Автор:
Mike Chapple
Жанр:
unrecognised / на английском языке
Год:
неизвестен
ISBN:
нет данных
Рейтинг книги:
3 / 5. Голосов: 1
Избранное:

Добавить в избранное
Отзывы:
Написать комментарий
Ваша оценка:
- 60
- 1
- 2
- 3
- 4
- 5

(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests: краткое содержание, описание и аннотация

Предлагаем к чтению аннотацию, описание, краткое содержание или предисловие (зависит от того, что написал сам автор книги «(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests»). Если вы не нашли необходимую информацию о книге — напишите в комментариях, мы постараемся отыскать её.

Full-length practice tests covering all CISSP domains for the ultimate exam prep The
is a major resource for (ISC)2 Certified Information Systems Security Professional (CISSP) candidates, providing 1300 unique practice questions. The first part of the book provides 100 questions per domain. You also have access to four unique 125-question practice exams to help you master the material. As the only official practice tests endorsed by (ISC)2, this book gives you the advantage of full and complete preparation. These practice tests align with the 2021 version of the exam to ensure up-to-date preparation, and are designed to cover what you will see on exam day. Coverage includes: Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management (IAM), Security Assessment and Testing, Security Operations, and Software Development Security.
The CISSP credential signifies a body of knowledge and a set of guaranteed skills that put you in demand in the marketplace. This book is your ticket to achieving this prestigious certification, by helping you test what you know against what you need to know.
Test your knowledge of the 2021 exam domains Identify areas in need of further study Gauge your progress throughout your exam preparation Practice test taking with Sybex’s online test environment containing the questions from the book The CISSP exam is refreshed every few years to ensure that candidates are up-to-date on the latest security topics and trends. Currently-aligned preparation resources are critical, and periodic practice tests are one of the best ways to truly measure your level of understanding.

(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests — читать онлайн ознакомительный отрывок

Ниже представлен текст книги, разбитый по страницам. Система сохранения места последней прочитанной страницы, позволяет с удобством читать онлайн бесплатно книгу «(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests», без необходимости каждый раз заново искать на чём Вы остановились. Поставьте закладку, и сможете в любой момент перейти на страницу, на которой закончили чтение.

Тёмная тема

Шрифт:

↓

↑

Сбросить

Интервал:

↓

↑

Закладка:

Сделать

4 FlyAway Travel has offices in both the European Union (EU) and the United States and transfers personal information between those offices regularly. They have recently received a request from an EU customer requesting that their account be terminated. Under the General Data Protection Regulation (GDPR), which requirement for processing personal information states that individuals may request that their data no longer be disseminated or processed?The right to accessPrivacy by designThe right to be forgottenThe right of data portability

5 After conducting a qualitative risk assessment of her organization, Sally recommends purchasing cybersecurity breach insurance. What type of risk response behavior is she recommending?AcceptTransferReduceReject

6 Which one of the following elements of information is not considered personally identifiable information that would trigger most United States (U.S.) state data breach laws?Student identification numberSocial Security numberDriver's license numberCredit card number

7 Renee is speaking to her board of directors about their responsibilities to review cybersecurity controls. What rule requires that senior executives take personal responsibility for information security matters?Due diligence rulePersonal liability rulePrudent man ruleDue process rule

8 Henry recently assisted one of his co-workers in preparing for the CISSP exam. During this process, Henry disclosed confidential information about the content of the exam, in violation of Canon IV of the Code of Ethics: “Advance and protect the profession.” Who may bring ethics charges against Henry for this violation?Anyone may bring charges.Any certified or licensed professional may bring charges.Only Henry's employer may bring charges.Only the affected employee may bring charges.

9 Wanda is working with one of her organization's European Union business partners to facilitate the exchange of customer information. Wanda's organization is located in the United States. What would be the best method for Wanda to use to ensure GDPR compliance?Binding corporate rulesPrivacy ShieldStandard contractual clausesSafe harbor

10 Yolanda is the chief privacy officer for a financial institution and is researching privacy requirements related to customer checking accounts. Which one of the following laws is most likely to apply to this situation?GLBASOXHIPAAFERPA

11 Tim's organization recently received a contract to conduct sponsored research as a government contractor. What law now likely applies to the information systems involved in this contract?FISMAPCI DSSHIPAAGISRA

12 Chris is advising travelers from his organization who will be visiting many different countries overseas. He is concerned about compliance with export control laws. Which of the following technologies is most likely to trigger these regulations?Memory chipsOffice productivity applicationsHard drivesEncryption software

13 Bobbi is investigating a security incident and discovers that an attacker began with a normal user account but managed to exploit a system vulnerability to provide that account with administrative rights. What type of attack took place under the STRIDE threat model?SpoofingRepudiationTamperingElevation of privilege

14 You are completing your business continuity planning effort and have decided that you want to accept one of the risks. What should you do next?Implement new security controls to reduce the risk level.Design a disaster recovery plan.Repeat the business impact assessment.Document your decision-making process.

15 You are completing a review of the controls used to protect a media storage facility in your organization and would like to properly categorize each control that is currently in place. Which of the following control categories accurately describe a fence around a facility? (Select all that apply.)PhysicalDetectiveDeterrentPreventive

16 Tony is developing a business continuity plan and is having difficulty prioritizing resources because of the difficulty of combining information about tangible and intangible assets. What would be the most effective risk assessment approach for him to use?Quantitative risk assessmentQualitative risk assessmentNeither quantitative nor qualitative risk assessmentCombination of quantitative and qualitative risk assessment

17 Vincent believes that a former employee took trade secret information from his firm and brought it with him to a competitor. He wants to pursue legal action. Under what law could he pursue charges?Copyright lawLanham ActGlass-Steagall ActEconomic Espionage Act

18 Which one of the following principles imposes a standard of care upon an individual that is broad and equivalent to what one would expect from a reasonable person under the circumstances?Due diligenceSeparation of dutiesDue careLeast privilege

19 Brenda's organization recently completed the acquisition of a competitor firm. Which one of the following tasks would be LEAST likely to be part of the organizational processes addressed during the acquisition?Consolidation of security functionsIntegration of security toolsProtection of intellectual propertyDocumentation of security policies

20 Kelly believes that an employee engaged in the unauthorized use of computing resources for a side business. After consulting with management, she decides to launch an administrative investigation. What is the burden of proof that she must meet in this investigation?Preponderance of the evidenceBeyond a reasonable doubtBeyond the shadow of a doubtThere is no standard

21 Keenan Systems recently developed a new manufacturing process for microprocessors. The company wants to license the technology to other companies for use but wants to prevent unauthorized use of the technology. What type of intellectual property protection is best suited for this situation?PatentTrade secretCopyrightTrademark

22 Which one of the following actions might be taken as part of a business continuity plan?Restoring from backup tapesImplementing RAIDRelocating to a cold siteRestarting business operations

23 When developing a business impact analysis, the team should first create a list of assets. What should happen next?Identify vulnerabilities in each asset.Determine the risks facing the asset.Develop a value for each asset.Identify threats facing each asset.

24 Mike recently implemented an intrusion prevention system designed to block common network attacks from affecting his organization. What type of risk management strategy is Mike pursuing?Risk acceptanceRisk avoidanceRisk mitigationRisk transference

25 Laura has been asked to perform an SCA. What type of organization is she most likely in?Higher educationBankingGovernmentHealthcare

26 Carl is a federal agent investigating a computer crime case. He identified an attacker who engaged in illegal conduct and wants to pursue a case against that individual that will lead to imprisonment. What standard of proof must Carl meet?Beyond the shadow of a doubtPreponderance of the evidence Beyond a reasonable doubtMajority of the evidence

27 The International Information Systems Security Certification Consortium uses the logo shown here to represent itself online and in a variety of forums. What type of intellectual property protection may it use to protect its rights in this logo?CopyrightPatentTrade secretTrademark

28 Mary is helping a computer user who sees the following message appear on his computer screen. What type of attack has occurred?AvailabilityConfidentialityDisclosureDistributed

29 Which one of the following organizations would not be automatically subject to the privacy and security requirements of HIPAA if they engage in electronic transactions?Healthcare providerHealth and fitness application developerHealth information clearinghouseHealth insurance plan

30 John's network begins to experience symptoms of slowness. Upon investigation, he realizes that the network is being bombarded with TCP SYN packets and believes that his organization is the victim of a denial-of-service attack. What principle of information security is being violated?AvailabilityIntegrityConfidentialityDenial