CISSP Practice question #7

A fire can be which type of disaster?
A: Environmental.
B: Human.
C: Natural.
D: All of these.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


D: Fires can be caused by nature, our environment and people.

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et al.


CISSP Practice question #6

Why would we use an RTM in software testing?
A: To ensure we are secure.
B: To test for malformed input.
C: To map requirements to the testing plan.
D: To test the code while executing it.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests

Answer


C: TM/RTM (Requirements Traceability Matrix): Normally a table, used to map customer requirements to the testing plan using a many-to-many relationship comparison. A requirements traceability matrix may be used to check if the current project requirements are being met, and to help in the creation of a request for proposal, software requirements specification, various deliverable documents, and project plan tasks.


CISSP Practice question #5

Who would perform a structured audit?
A: Senior management.
B: IT security staff.
C: External auditors.
D: Internal auditors.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests

Answer


C: Structured audits (3rd party): External auditors are there to validate compliance; they are experts, and the audit adds credibility. It can also be a knowledge transfer for the organization, and is required annually in many organizations.


CISSP Practice question #4

Which is true about Twofish?
A: It is a 64-bit block cipher with 56-bit keys.
B: It is a 64-bit block cipher with a 112-bit key.
C: It is a 64-bit block cipher with a 128-bit key.
D: It is a 128-bit block cipher with 128-, 192- or 256-bit keys.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests

Answer


D: Twofish. Uses a Feistel structure. Symmetric block cipher with 128-bit blocks and key lengths of 128, 192 or 256 bits. Considered secure.


CISSP Practice question #3

Which is not an SDLC software development methodology?
A: Waterfall.
B: Agile.
C: Sashimi.
D: Bottom-up.

CBK 8: Software Development Security
Source: ThorTeaches.com practice tests

Answer


D: Waterfall, Agile and Sashimi are all SDLC methods; bottom-up is not.


CISSP Practice question #2

In software development, security should be:
A: Added on later.
B: Added when we are compromised.
C: Designed into the software.
D: Added only in important areas.

CBK 8: Software Development Security
Source: ThorTeaches.com practice tests

Answer


C: Security should be designed into the software and be part of the initial requirements, just as functionality is. The more breaches and compromises we see, the more we see the move towards security being part of the scope of the software design project. We use software at our jobs, in our personal lives, our homes, cars, power, water … It is everywhere, and it has been and still is common to write functional code where security is an afterthought or not considered at all.


CISSP Practice question #1

A photoelectric smoke detector detects what?
A: The infrared light emitted from a fire.
B: A change in the light indicating higher particle density.
C: A rise in temperature indicating a fire.
D: If the light is off in the data center.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests

Answer


B: Smoke Detectors: Photoelectric detectors use an LED (Light Emitting Diode) and a photoelectric sensor that produces a small charge while receiving light. They trigger when smoke or any higher particle density interrupts the light.
