CISSP Practice question #267

During our software code testing, one of the coders mentions test coverage analysis. What is she talking about?
A: Each pair of input parameters to a system.
B: All interfaces exposed by the application.
C: How much of the code was tested in relation to the entire application.
D: The amount of errors in the code.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


C: Test Coverage Analysis: Identifies how much of the code was tested in relation to the entire application.


CISSP Practice question #266

Where would we store the Basic Input/Output System (BIOS)?
A: Volatile memory.
B: Non-volatile memory.
C: Flash memory.
D: Referential memory.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


B: The BIOS on a computer, router or switch is the low-level operating system and configuration. The firmware is stored on a non-volatile embedded device like PROM, EPROM or EEPROM.


CISSP Practice question #265

Which of these are common attacks on trade secrets?
A: Software piracy.
B: Industrial espionage; trade secrets are security through obscurity, and if discovered nothing can be done.
C: Counterfeiting.
D: Someone using your protected design in their products.

CBK 1: Security and Risk Management
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


B: Trade Secrets. While an organization can do nothing if their Trade Secret is discovered, how it is done can be illegal. You tell no one about your formula, your secret sauce. If discovered, anyone can use it; you are not protected.


CISSP Practice question #264

We are discussing our risk responses and we are considering not issuing our employees laptops. What type of risk response would that be?
A: Risk transference.
B: Risk rejection.
C: Risk avoidance.
D: Risk mitigation.

CBK 1: Security and Risk Management
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


C: Risk Avoidance – We don’t issue employees laptops (if possible) or we build the Data Center in an area that doesn’t flood. (Most often done before launching new projects – this could be the Data Center build).


CISSP Practice question #263

Our Intrusion Prevention System (IPS) has blocked permitted traffic. What is this an example of?
A: True positive.
B: True negative.
C: False positive.
D: False negative.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


C: False Positive: The traffic is normal, but the system detects it and acts.


CISSP Practice question #262

For our servers we are using Random Access Memory (RAM). What is one of the key features of RAM?
A: Volatile.
B: Non-volatile.
C: Flash memory.
D: Predictive.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


A: RAM (Random Access Memory) is volatile memory. It loses the memory content after a power loss (or within a few minutes). This can be memory sticks or embedded memory.


CISSP Practice question #261

What can we do when a Type 1 authentication is compromised?
A: Issue a new password.
B: Issue a new ID card.
C: Stop use of that type of biometric for that employee or use another finger if fingerprint.
D: Revoke the token.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


A: Type 1 Authentication is something you know; this could be a password, passphrase, PIN, etc. We would issue a new, different password.


CISSP Practice question #260

Which type of Random Access Memory (RAM) could be embedded in the Central Processing Unit (CPU)?
A: SRAM.
B: DRAM.
C: SDRAM.
D: DDR SDRAM.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


A: SRAM (Static RAM): Fast and Expensive. Uses latches to store bits (Flip-Flops). Does not need refreshing to keep data, keeps data until power is lost. This can be embedded on the CPU.


CISSP Practice question #259

When physically storing sensitive data in a secure way, which of these has slots into which staff can easily slip sensitive paperwork?
A: Wall safe.
B: Depository.
C: Vault.
D: Data center.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


B: A depository is a safe with slots or an opening where staff can add sensitive physical data. Think depositing money at the bank outside of their operating hours in the envelopes at the ATMs.


I just made all my slides from CISSP video courses available for download in the courses.

Good news everyone! 

I just made all my slides from my CISSP video courses available for download in the courses.

In “Course content” click on the slide download:

I hope having the slides available will make your CISSP studies easier!

If you do not have the courses already, you can buy them here for $9,99, marked down from $199.

https://www.udemy.com/cissp-domain-1-2/?couponCode=NINENINENINE

https://www.udemy.com/cissp-domain-3-4/?couponCode=NINENINENINE

https://www.udemy.com/cissp-domain-5-6/?couponCode=NINENINENINE

 

Mahalo (thank you),

Thor
