CISSP Official Practice Tests by Mike Chapple, David Seidl

Chapter 12: Practice Test 4 445 Chapter 12: Practice Test 4 C. Detective access controls operate after the fact and are intende ...

446 Appendix ■ Answers 10. A. The onward transfer principle requires that organizations only exchange personal information with ...

Chapter 12: Practice Test 4 447 C. Mike should use overwriting to protect this device. While degaussing is a valid secure data ...

448 Appendix ■ Answers 2 7. C. A power spike is a momentary period of high voltage. A surge is a prolonged period of high voltag ...

Chapter 12: Practice Test 4 449 B. Record retention ensures that data is kept and maintained as long as it is needed, and that ...

450 Appendix ■ Answers 4 7. C. Synchronous communications use a timing or clock mechanism to control the data stream. This can p ...

Chapter 12: Practice Test 4 451 C. The client sends its existing valid TGT to the KDC and requests access to the resource. A. T ...

452 Appendix ■ Answers 6 8. B. System owners have to ensure that the systems they are responsible for are properly labeled based ...

Chapter 12: Practice Test 4 453 B. The recovery time objective (RTO) is the amount of time that it may take to restore a servic ...

454 Appendix ■ Answers 8 8. C. Release control includes acceptance testing to ensure that any alterations to end-user work tasks ...

Chapter 12: Practice Test 4 455 the waterfall and spiral models. The SDLC does not mandate the use of an iterative or sequential ...

456 Appendix ■ Answers 10 9. The disaster recovery test types, listed in order of their potential impact on the business from th ...

Chapter 12: Practice Test 4 457 D. Ed’s best option is to install an IPv6 to IPv4 gateway that can translate traffic between th ...

...

Index Index 2DES (Double DES) encryption algorithm, 69 3DES (Triple DES), 427 127.0.0.1 address, 98 127.0.0.1 IP address, 356 80 ...

460 AES-based CCMP – attacks ARP spoofing, 357 AS (authentication server), 365 ASLR, 75 assembly languages, 448 assessment objec ...

auditing – backups 461 biometrics, 108, 111, 115, 122, 211 device fingerprinting, 418 EAP, 100 factor types, 104 falsified crede ...

462 baseline – CALEA (Communications Assistance to Law Enforcement) encryption and, 356 scanning, 136 botnets, 168, 207, 393 att ...

California Online Privacy Protection Act – code review 463 Class B networks, subnet masks, 93 classification, 28, 33, 35, 37, 39 ...

464 code testing methods – custodians cookies, 450 COPPA (Children’s Online Privacy Protection Act), 18, 255, 324, 430 copyright ...