CISSP Official Practice Tests by Mike Chapple, David Seidl

(chelsyfait) #1

138 Chapter 6 ■ Security Assessment and Testing (Domain 6)



  1. What four types of coverage criteria are commonly used when validating the work of a
    code testing suite?
    A. Input, statement, branch, and condition coverage
    B. Function, statement, branch, and condition coverage
    C. API, branch, bounds, and condition coverage
    D. Bounds, branch, loop, and condition coverage

  2. As part of his role as a security manager, Jacob provides the following chart to his organi-
    zation’s management team. What type of measurement is he providing for them?


Time to Remediate in Days vs. Number of Vulnerabilities
60

45

30

15

0
369
Number of Vulnerabilities

12 15

A. A coverage rate measure
B. A key performance indicator
C. A time to live metric
D. A business criticality indicator


  1. What does using unique user IDs for all users provide when reviewing logs?
    A. Confidentiality
    B. Integrity
    C. Availability
    D. Accountability

Free download pdf