CISSP Official Practice Tests by Mike Chapple, David Seidl

(chelsyfait) #1

Chapter 2 ■ Asset Security (Domain 2) 35



  1. What encryption technology would be appropriate for HIPAA documents in transit?


A. BitLocker
B. DES
C. TLS
D. SSL


  1. Lauren’s employer asks Lauren to classify patient X-ray data that has an internal patient
    identifier associated with it but does not have any way to directly identify a patient. The
    company’s data owner believes that exposure of the data could cause damage (but not
    exceptional damage) to the organization. How should Lauren classify the data?
    A. Public
    B. Sensitive
    C. Private
    D. Confidential

  2. What technology could Lauren’s employer implement to help prevent confidential data
    from being emailed out of the organization?
    A. DLP
    B. IDS
    C. A firewall
    D. UDP

  3. A U.S. government database contains Secret, Confidential, and Top Secret data. How
    should it be classified?
    A. Top S e c re t
    B. Confidential
    C. Secret
    D. Mixed classification

  4. What tool is used to prevent employees who leave from sharing proprietary information
    with their new employers?
    A. Encryption
    B. NDA
    C. Classification
    D. Purging

  5. What encryption algorithm is used by both BitLocker and Microsoft’s Encrypting
    File System?
    A. Blowfish
    B. Serpent
    C. AES
    D. 3DES

Free download pdf