CISSP Official Practice Tests by Mike Chapple, David Seidl

Chapter 1 ■ Security and Risk Management (Domain 1) 3 Which one of the following is not one of the three common threat modeling ...

Chapter 2: Asset Security (Domain 2) 329 C. A watermark is used to digitally label data and can be used to indicate ownership. ...

4 Chapter 1 ■ Security and Risk Management (Domain 1) Tim’s organization recently received a contract to conduct sponsored rese ...

330 Appendix ■ Answers 2 4. B. Scoping involves selecting only the controls that are appropriate for your IT systems, while tail ...

Chapter 1 ■ Security and Risk Management (Domain 1) 5 C. Neither quantitative nor qualitative risk assessment D. Combination of ...

Chapter 2: Asset Security (Domain 2) 331 B. Downgrading systems and media is rare due to the difficulty of ensuring that saniti ...

6 Chapter 1 ■ Security and Risk Management (Domain 1) When developing a business impact analysis, the team should first create ...

332 Appendix ■ Answers 4 0. A. When data is stored in a mixed classification environment, it is typically classified based on th ...

Chapter 1 ■ Security and Risk Management (Domain 1) 7 Mary is helping a computer user who sees the following message appear on ...

Chapter 2: Asset Security (Domain 2) 333 B. Degaussing uses strong magnetic fields to erase magnetic media. Magwipe is a made-u ...

334 Appendix ■ Answers 6 0. B. The GDPR does include requirements that data be processed fairly, maintained securely, and mainta ...

8 Chapter 1 ■ Security and Risk Management (Domain 1) Renee is designing the long-term security plan for her organization and h ...

Chapter 2: Asset Security (Domain 2) 335 D. The GDPR does include the need to collect information for specified, explicit, and ...

Chapter 1 ■ Security and Risk Management (Domain 1) 9 Alan works for an e-commerce company that recently had some content stole ...

336 Appendix ■ Answers 8 0. C. Systems used to process data are data processors. Data owners are typically CEOs or other very se ...

10 Chapter 1 ■ Security and Risk Management (Domain 1) Gary is analyzing a security incident and, during his investigation, enc ...

Chapter 1 ■ Security and Risk Management (Domain 1) 11 Users in the two offices would like to access each other’s file servers ...

Chapter 2: Asset Security (Domain 2) 337 B. Susan’s organization is limiting its risk by sending drives that have been sanitize ...

12 Chapter 1 ■ Security and Risk Management (Domain 1) An accounting employee at Doolittle Industries was recently arrested for ...

338 Appendix ■ Answers 9 8. D. When the value of data changes due to legal, compliance, or business reasons, reviewing classific ...