CISSP Official Practice Tests by Mike Chapple, David Seidl

Chapter 3 ■ Security Architecture and Engineering (Domain 3) 55 A. Simple Security Property B. Simple Integrity Property C. *-Se ...

Chapter 6: Security Assessment and Testing (Domain 6) 377 6 7. B. Fagan testing is a detailed code review that steps through pla ...

56 Chapter 3 ■ Security Architecture and Engineering (Domain 3) When Bob receives the encrypted message from Alice, what key do ...

378 Appendix ■ Answers 7 4. B. Not having enough log sources is not a key consideration in log management system design, althoug ...

Chapter 3 ■ Security Architecture and Engineering (Domain 3) 57 C. Deluge D. Preaction Susan would like to configure IPsec in a ...

Chapter 6: Security Assessment and Testing (Domain 6) 379 D. Since a shared symmetric key could be used by any of the servers, ...

58 Chapter 3 ■ Security Architecture and Engineering (Domain 3) In the figure shown here, Harry’s request to write to the data ...

380 Appendix ■ Answers 8 8. C. Static analysis is the process of reviewing code without running it. It relies on techniques like ...

Chapter 3 ■ Security Architecture and Engineering (Domain 3) 59 What cryptographic principle stands behind the idea that crypto ...

Chapter 7: Security Operations (Domain 7)  381 B. Once additional tools have been installed, penetration testers will typically ...

60 Chapter 3 ■ Security Architecture and Engineering (Domain 3) In the figure shown here, Sally is blocked from writing to the ...

382 Appendix ■ Answers B. A pseudoflaw is a false vulnerability in a system that may attract an attacker. A honeynet is a netwo ...

Chapter 3 ■ Security Architecture and Engineering (Domain 3) 61 In what state does a processor’s scheduler place a process when ...

Chapter 7: Security Operations (Domain 7)  383 D. Hotfixes, updates, and security fixes are all synonyms for single patches des ...

62 Chapter 3 ■ Security Architecture and Engineering (Domain 3) Which one of the following terms is not used to describe a priv ...

384 Appendix ■ Answers 2 5. D. A disaster is any event that can disrupt normal IT operations and can be either natural or manmad ...

Chapter 3 ■ Security Architecture and Engineering (Domain 3) 63 A. Visual cryptography B. Steganography C. Cryptographic hashing ...

Chapter 7: Security Operations (Domain 7)  385 D. The hypervisor runs within the virtualization platform and serves as the mode ...

64 Chapter 3 ■ Security Architecture and Engineering (Domain 3) Which one of the following is an example of a code, not a ciphe ...

386 Appendix ■ Answers 4 4. B. The scrutiny of hard drives for forensic purposes is an example of media analysis. Embedded devic ...