CISSP Official Practice Tests by Mike Chapple, David Seidl

Chapter 1: Security and Risk Management (Domain 1) 325 D. Wireshark is a protocol analyzer and may be used to eavesdrop on netw ...

326 Appendix ■ Answers 9 7. B. The annualized rate of occurrence is the number of times that risk analysts expect a risk to happ ...

Chapter 2: Asset Security (Domain 2) 327 A. When organizations merge, it is important to understand the state of the security f ...

328 Appendix ■ Answers 6. A. A data retention policy can help to ensure that outdated data is purged, removing potential additio ...

Chapter 2: Asset Security (Domain 2) 329 C. A watermark is used to digitally label data and can be used to indicate ownership. ...

330 Appendix ■ Answers 2 4. B. Scoping involves selecting only the controls that are appropriate for your IT systems, while tail ...

Chapter 2: Asset Security (Domain 2) 331 B. Downgrading systems and media is rare due to the difficulty of ensuring that saniti ...

332 Appendix ■ Answers 4 0. A. When data is stored in a mixed classification environment, it is typically classified based on th ...

Chapter 2: Asset Security (Domain 2) 333 B. Degaussing uses strong magnetic fields to erase magnetic media. Magwipe is a made-u ...

334 Appendix ■ Answers 6 0. B. The GDPR does include requirements that data be processed fairly, maintained securely, and mainta ...

Chapter 2: Asset Security (Domain 2) 335 D. The GDPR does include the need to collect information for specified, explicit, and ...

336 Appendix ■ Answers 8 0. C. Systems used to process data are data processors. Data owners are typically CEOs or other very se ...

Chapter 2: Asset Security (Domain 2) 337 B. Susan’s organization is limiting its risk by sending drives that have been sanitize ...

338 Appendix ■ Answers 9 8. D. When the value of data changes due to legal, compliance, or business reasons, reviewing classific ...

Chapter 3: Security Architecture and Engineering (Domain 3) 339 B. The Digital Signature Standard approves three encryption alg ...

340 Appendix ■ Answers 18. B. Each user retains their private key as secret information. In this scenario, Bob would only have a ...

Chapter 3: Security Architecture and Engineering (Domain 3) 341 A. Mantraps use a double set of doors to prevent piggybacking b ...

342 Appendix ■ Answers 4 3. C. Parameter checking, or input validation, is used to ensure that input provided by users to an app ...

Chapter 3: Security Architecture and Engineering (Domain 3) 343 B. The mean time to failure (MTTF) provides the average amount ...

344 Appendix ■ Answers 6 9. B. In a software as a service environment, the customer has no access to any underlying infrastructu ...