CISSP Official Practice Tests by Mike Chapple, David Seidl

Chapter 1 ■ Security and Risk Management (Domain 1) 13 James is conducting a risk assessment for his organization and is attemp ...

Chapter 3: Security Architecture and Engineering (Domain 3) 339 B. The Digital Signature Standard approves three encryption alg ...

14 Chapter 1 ■ Security and Risk Management (Domain 1) The following graphic shows the NIST risk management framework with step ...

340 Appendix ■ Answers 18. B. Each user retains their private key as secret information. In this scenario, Bob would only have a ...

Chapter 1 ■ Security and Risk Management (Domain 1) 15 Which one of the following components should be included in an organizat ...

Chapter 3: Security Architecture and Engineering (Domain 3) 341 A. Mantraps use a double set of doors to prevent piggybacking b ...

16 Chapter 1 ■ Security and Risk Management (Domain 1) Ben is seeking a control objective framework that is widely accepted aro ...

342 Appendix ■ Answers 4 3. C. Parameter checking, or input validation, is used to ensure that input provided by users to an app ...

Chapter 1 ■ Security and Risk Management (Domain 1) 17 Which one of the following stakeholders is not typically included on a b ...

Chapter 3: Security Architecture and Engineering (Domain 3) 343 B. The mean time to failure (MTTF) provides the average amount ...

18 Chapter 1 ■ Security and Risk Management (Domain 1) The Domer Industries risk assessment team recently conducted a qualitati ...

344 Appendix ■ Answers 6 9. B. In a software as a service environment, the customer has no access to any underlying infrastructu ...

Chapter 1 ■ Security and Risk Management (Domain 1) 19 C. 17 D. 18 Tom is considering locating a business in the downtown area ...

Chapter 3: Security Architecture and Engineering (Domain 3) 345 A. The information flow model applies state machines to the flo ...

20 Chapter 1 ■ Security and Risk Management (Domain 1) You discover that a user on your network has been using the Wireshark to ...

346 Appendix ■ Answers 9 6. B. Abstraction uses a black box approach to hide the implementation details of an object from the us ...

Chapter 1 ■ Security and Risk Management (Domain 1) 21 Match the following numbered laws or industry standards to their lettere ...

Chapter 4: Communication and Network Security (Domain 4) 347 C. The most reasonable choice presented is to move the devices to ...

22 Chapter 1 ■ Security and Risk Management (Domain 1) Which one of the following tools is most often used for identification p ...

348 Appendix ■ Answers 3. C. Ben is using ad hoc mode, which directly connects two clients. It can be easy to confuse this with ...