CISSP Exam Questions for Self-Study (Domain 7)
Note: Pardon the messiness of the questions. These questions come from my podcast, and I will be cleaning the questions up over the coming weeks.
Question:
As it relates to Logging and Monitoring, what are some of the key purposes behind capturing logs?
- A. Provides an Audit Trail; Allows for Legal Actions; Promotes Accountability
- B. Provides an Audit Trail; Keeps Employees Concerned; Promotes Dependability
- C. Allows for Compliance to Track Employees; Keeps Employees Concerned; Promotes Accountability
- D. None of the Above
Answer: [A] Provides an Audit Trail; Allows for Legal Actions; Promotes Accountability
Question:
When considering the Data Life Cycle, what are the phases that data goes through?
- A. Collection, Inspection, Storage, Archiving, Deletion
- B. Gathering, Examination, Storage, Archiving, Deletion
- C. Collection, Examination, Backups, Archiving, Deletion
- D. Collection, Examination, Storage, Archiving, Deletion
Answer: [D] Collection, Examination, Storage, Archiving, Deletion
QUESTION 1
A critical first step in disaster recovery and contingency planning is which of the following?
- A. Complete a business impact analysis
- B. Determine offsite backup facility alternatives
- C. Organize and create relevant documentation
- D. Plan testing and drills
CORRECT ANSWER - A. Complete a business impact analysis
The first step in disaster recovery and contingency planning is implementing a business impact analysis (BIA). The step involves identifying all possible threats and measuring the effect each can have on the company. This also includes identifying critical company functions and resources and calculating outage times.
QUESTION 2
There are different types of offsite facilities, either subscription-based or company-owned. Which type of subscription-based backup facility is used most often?
- A. Cold
- B. Warm
- C. Hot
- D. Redundant
CORRECT ANSWER - B. Warm
Warm sites offer an even mix of advantages and disadvantages. These backup locations have power and network available, but only a portion of the hardware and software installed. A positive attribute of warm sites is that they are less expensive than hot sites. A downside is that testing capabilities are not available as they are with hot sites. A redundant site is not subscription-based, but owned by the company.
QUESTION 3
In disaster recovery, each level of employee should have clearly defined responsibilities. Which of the following is a responsibility of senior executives?
- A. Develop testing plans
- B. Establish project goals and develop plans
- C. Identify critical business systems
- D. Oversee budgets and the overall project
CORRECT ANSWER - D. Oversee budgets and the overall project
Senior executives have several key responsibilities within disaster recovery, which include: support and approve plans; sponsor all aspects of plans; verify testing phases are being carried out; and oversee budgets. Having the dedicated and consistent support of senior management is critical to the success of disaster recovery and contingency planning.
QUESTION 1
Two or more honeypots on a network:
- Honeyfarm
- Honeynet
- Honeypot
- Remanence
CORRECT ANSWER - Honeynet
QUESTION 2
A centralized collection of honeypots and analysis tools:
- Remanence
- Honeyfarm
- Honeypot
- Smart cards
CORRECT ANSWER - Honeyfarm
QUESTION 3
A form of software virtualization that lets programs and processes run in their own isolated virtual environment:
- Rim lock
- Mortise lock
- Cipher lock
- Sandboxing
CORRECT ANSWER - Sandboxing
QUESTION 1
A group of technologies which aggregate information about access controls and selected system activity to store for analysis and correlation:
- Intrusion prevention system (IPS)
- Chain of custody
- Security information and event management (SIEM)
- Indemnification
CORRECT ANSWER - Security information and event management (SIEM)
QUESTION 2
States that when a crime is committed, the perpetrators leave something behind and take something with them, hence the exchange:
- Balanced magnetic switch (BMS)
- Data leak prevention
- Records and information management (RIM)
- Locard's exchange principle
CORRECT ANSWER - Locard's exchange principle
QUESTION 3
Essential activities that protect business information and can be established in compliance with laws, regulations, or corporate governance:
- Protocol anomaly-based IDS
- Smart cards
- Time domain reflectometry (TDR)
- Records and information management (RIM)
CORRECT ANSWER - Records and information management (RIM)
QUESTION 4
A technology that monitors activity like an IDS but will automatically take proactive preventative action if it detects unacceptable activity:
- Intrusion prevention systems
- Intrusion detection systems
- Data leak prevention systems
- Infrared linear beam sensors
CORRECT ANSWER - Intrusion detection systems