CISSP Practice Exam


CISSP Practice Exam
Certified Information Systems Security Professional
After you study your text books it is important to test your newly acquired knowledge and see just how well you have absorbed the material. Practice exams….
* Reinforces what you learnt – fill in the gaps of what you missed
* Gets you used to answering questions to build confidence and familiarity
Here are 10 Multiple choice exams questions for you to practice on:
______________________________
Question 1# – Which risk management methodology uses the exposure factor multiplied by the asset value to determine its outcome?
A. Annualized Loss Expectancy
B. Single Loss Expectancy
C. Annualized Rate of Occurrence
D. Information Risk Management
_____________________
Question 2# – Which of the following is NOT a symmetric key algorithm?
A.) Blowfish
B.) Digital Signature Standard (DSS)
C.) Triple DES (3DES)
D.) RC5
_____________________
Question 3# – Related to information security, availability is the opposite of which of the following?
A. Delegation
B. Distribution
C. Documentation
D. Destruction
_____________________
Question 4# – Why should organizations enforce separation of duties?
A. It ensures compliance with federal union rules
B. It helps verify that all employees know their job tasks
C. It provides for a better work environment
D. It encourages collusion
E. It is considered valuable in deterring fraud
_____________________
Question 5# – Which of the following is most concerned with personnel security?
A. Management controls
B. Operational controls
C. Technical controls
D. Human resources controls.
_____________________
Question 6# – Which one of the following devices might be used to commit telecommunications fraud using the “shoulder surfing” technique?
A. Magnetic stripe copier
B. Tone generator
C. Tone recorder
D. Video recorder
_____________________
Question 7# – What are database views used for?
A. To ensure referential integrity.
B. To allow easier access to data in a database.
C. To restrict user access to data in a database.
D. To provide audit trails.
_____________________
Question 8# – Which of the following services is not provided by the digital signature standard (DSS)?
A.) Encryption
B.) Integrity
C.) Digital signature
D.) Authentication
_____________________
Question 9# – Which one of the following describes a covert timing channel?
A. Modulated to carry an unintended information signal that can only be detected by special, sensitive receivers.
B. Used by a supervisor to monitor the productivity of a user without their knowledge.
C. Provides the timing trigger to activate a malicious program disguised as a legitimate function.
D. Allows one process to signal information to another by modulating its own use of system resources.
_____________________
Question 10# – Valuable paper insurance coverage does not cover damage to which of the following?
A.) Inscribed, printed and written documents
B.) Manuscripts
C.) Records
D.) Money and Securities
_____________________
ANSWERS
Question 1# – Correct Answers: B
Question 2# – Correct Answers: B
Question 3# – Correct Answers: D
Question 4# – Correct Answers: E
Question 5# – Correct Answers: B
Question 6# – Correct Answers: C
Question 7# – Correct Answers: C
Question 8# – Correct Answers: A
Question 9# – Correct Answers: D
Question 10# – Correct Answers: D


Related posts