CISSP Practice question #126

Bob is categorizing incidents for our incident management plan. What category do fires fall under?
A: Natural.
B: Environmental.
C: Human.
D: All of these.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


D: Fires can be natural (lightning, wildfire), environmental (caused by our own equipment, such as an electrical fault) or human (set deliberately or by accident), so they fall under all three categories.


IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.


CISSP Practice question #125

What is the speed of a T3 line?
A: 1.544 Mbps.
B: 44.736 Mbps.
C: 2.048 Mbps.
D: 34.368 Mbps.

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests

Answer


B: T3 (North America): 28 bundled T1 lines (672 DS0 channels), creating a dedicated 44.736 Mbps circuit. The other options are a T1 (1.544 Mbps), an E1 (Europe, 2.048 Mbps) and an E3 (Europe, 16 bundled E1 lines, 34.368 Mbps).


CISSP Practice question #124

In the IAAA model, which of these is not one of the A's?
A: Authentication.
B: Alteration.
C: Authorization.
D: Accountability.

CBK 1: Security and Risk Management
Source: ThorTeaches.com practice tests

Answer


B: IAAA is Identification, Authentication, Authorization and Accountability. Alteration is not part of it; it is the opposite of integrity in the CIA triad (the DAD triad: disclosure, alteration, destruction).


CISSP Practice question #123

Which plan would we look at in our BCP for dealing with evacuating staff in an emergency?
A: COOP.
B: CCP.
C: OEP.
D: CIRP.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


C: OEP (Occupant Emergency Plan): how we protect our facilities, our staff and the environment in a disaster event, which could be a fire, hurricane, flood, criminal attack, terrorism, etc. It focuses on safety and evacuation, and details how we evacuate, how often we run drills and what training staff should get. The other options are the Continuity of Operations Plan (COOP), the Crisis Communications Plan (CCP) and the Cyber Incident Response Plan (CIRP), none of which covers evacuation.


CISSP Practice question #122

What is the most important thing to secure first in an emergency?
A: Staff.
B: Critical servers.
C: The building.
D: Backups.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests

Answer


A: Remember, people are always more important to protect than things: life safety comes before servers, buildings and backups.


CISSP Practice question #121

Why would we use differential backups rather than incremental backups?
A: Faster restores.
B: Faster backup time.
C: To exclude certain directories from the backup.
D: To include all directories in the backup.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


A: Differential backup: backs up everything changed since the last full backup and does not clear the archive bit. Restores are faster, since a full restore needs only two sets, the full and the latest differential, whereas an incremental restore needs the full plus every incremental taken since it. The backups themselves take longer than incrementals, and each one grows, because we are backing up everything changed since the last full.
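The restore-chain and backup-size trade-off described above, as an added example that is not part of the original page. It models the archive bit the way the answer describes it (a full clears every bit, an incremental clears the bits of what it copies, a differential copies the same files but leaves the bits alone) and runs both strategies over a constructed four-day change schedule; the file names, sizes and schedule are sample data, not anything from the page.

```python
"""Differential vs. incremental backups, simulated with archive bits.

Added example, not from the original page. Every file carries an archive
bit that is set when the file is created or modified. A full backup copies
everything and clears every bit; an incremental copies only files with the
bit set and clears it; a differential copies files with the bit set but
leaves the bit alone, so each differential contains everything changed
since the last full. The file sizes and change schedule are constructed
sample data.
"""

from dataclasses import dataclass, field


@dataclass
class File:
    name: str
    size: int             # bytes
    archive: bool = True  # set on create/modify, cleared by full/incremental


@dataclass
class BackupSet:
    kind: str              # "full", "incremental" or "differential"
    day: int
    copied: dict = field(default_factory=dict)  # name -> bytes copied

    @property
    def size(self):
        return sum(self.copied.values())


def run_backup(kind, day, files):
    """Copy what the strategy selects and update the archive bits."""
    bset = BackupSet(kind, day)
    for f in files.values():
        if kind == "full" or f.archive:
            bset.copied[f.name] = f.size
            if kind != "differential":
                f.archive = False  # differential never clears the bit
    return bset


def simulate(strategy, schedule):
    """Day 0 is a full backup; every later day runs `strategy`."""
    files, history = {}, []
    for day, changes in enumerate(schedule):
        for name, size in changes.items():
            files[name] = File(name, size)  # new or modified: bit set
        history.append(run_backup("full" if day == 0 else strategy, day, files))
    return history, files


def restore_chain(history):
    """The backup sets needed to rebuild the latest state, in restore order."""
    last_full = max(i for i, b in enumerate(history) if b.kind == "full")
    since = history[last_full + 1:]
    if since and since[-1].kind == "differential":
        return [history[last_full], since[-1]]  # always two sets
    return [history[last_full], *since]         # full plus every incremental


def restore(chain):
    """Apply the sets in order; later copies overwrite earlier ones."""
    state = {}
    for bset in chain:
        state.update(bset.copied)
    return state


# Constructed schedule: day 0 creates three files, later days modify one each.
SCHEDULE = [
    {"db.bin": 1000, "app.log": 100, "config.ini": 10},
    {"app.log": 120},
    {"db.bin": 1050},
    {"app.log": 130},
]


def compare(schedule=SCHEDULE):
    """Restore-chain length and bytes written after the full, per strategy."""
    result = {}
    for strategy in ("incremental", "differential"):
        history, files = simulate(strategy, schedule)
        chain = restore_chain(history)
        # Sanity check: the chain really rebuilds the current file set.
        assert restore(chain) == {n: f.size for n, f in files.items()}
        result[strategy] = {
            "sets_to_restore": len(chain),
            "bytes_after_full": sum(b.size for b in history[1:]),
            "latest_set_bytes": history[-1].size,
        }
    return result


if __name__ == "__main__":
    for strategy, stats in compare().items():
        print(strategy, stats)
```

With this schedule the incremental strategy writes 1300 bytes over the three days after the full but needs four sets to restore, while the differential writes 2470 bytes (the last set alone is 1180) and always restores from two. The simulation also makes visible why the archive bit matters operationally: a tool that clears the bit while taking a differential silently turns it into an incremental and breaks the two-set restore assumption.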


CISSP Practice question #120

Which project management methodology is better geared towards a year-long project with very clear software requirements that should not change?
A: Waterfall.
B: Agile.
C: XP.
D: Rapid prototyping.

CBK 8: Software Development Security
Source: ThorTeaches.com practice tests

Answer


A: The Waterfall methodology is well suited to long, very clearly defined projects, since its phases are completed in sequence against requirements fixed up front; Agile, XP and rapid prototyping all assume requirements will change during the project.


CISSP Practice question #119

What would be proper data disposal for SSD drives?
A: Degaussing.
B: Formatting.
C: Deleting all files.
D: Overwriting.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests

Answer


D: SSDs can't be degaussed, since they store data in flash cells rather than magnetically, and formatting or deleting files only removes the file system structure, so most if not all of the data is recoverable. Of the options given, overwriting all the data with random 0s and 1s is the correct answer. In practice, note that wear leveling and spare (over-provisioned) flash mean a host-side overwrite can leave old copies of the data in cells the operating system cannot address, so NIST SP 800-88 prefers the drive's built-in sanitize command (ATA Secure Erase, NVMe Sanitize) or cryptographic erase, with physical destruction for the most sensitive data.
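The wear-leveling caveat, as an added example that is not part of the original page: a toy flash translation layer (FTL) in Python. The host only sees logical block addresses and cannot reach the over-provisioned pages; the controller never rewrites a page in place, so a host-side overwrite leaves the old page intact until garbage collection, and a forensic read of the raw flash still finds the data. The same model with a self-encrypting drive shows why cryptographic erase works. The page counts, the SHA-256 keystream standing in for the AES-XTS a real drive would use, and the 16-byte "secret" are all constructed for the example.

```python
"""Why a host overwrite is not enough on an SSD, and why crypto-erase is.

Added example, not from the original page: a toy flash translation layer
(FTL). The host only sees logical block addresses (LBAs) and cannot
address the spare, over-provisioned pages. The controller never rewrites
a page in place; each write goes to a fresh physical page and the LBA is
remapped, leaving the old page intact until garbage collection. The
per-page SHA-256 keystream stands in for the AES-XTS a real
self-encrypting drive would use, and the secret is constructed sample data.
"""

import hashlib
import os

PAGE_SIZE = 16
LOGICAL_PAGES = 4    # capacity the host sees
PHYSICAL_PAGES = 8   # NAND actually present (over-provisioning)
SECRET = b"PATIENT-SSN-0123"  # constructed 16-byte sample record


def keystream(key, page):
    """Toy per-page keystream; only the key's presence matters here."""
    return hashlib.sha256(key + page.to_bytes(4, "big")).digest()[:PAGE_SIZE]


class ToySSD:
    def __init__(self, self_encrypting=False):
        self.nand = [None] * PHYSICAL_PAGES   # raw flash, as a chip-off read sees it
        self.lba_map = {}                      # LBA -> physical page currently mapped
        self.next_free = 0
        self.key = os.urandom(32) if self_encrypting else None

    def _crypt(self, data, page):
        """XOR with the drive key's keystream; identity on a plain drive."""
        if self.key is None:
            return data
        return bytes(a ^ b for a, b in zip(data, keystream(self.key, page)))

    def write(self, lba, data):
        if not 0 <= lba < LOGICAL_PAGES or len(data) != PAGE_SIZE:
            raise ValueError("bad LBA or page size")
        if self.next_free >= PHYSICAL_PAGES:
            raise RuntimeError("out of free pages; garbage collection needed")
        page = self.next_free                 # always a fresh page, never in place
        self.nand[page] = self._crypt(data, page)
        self.lba_map[lba] = page              # old page stays, merely unmapped
        self.next_free += 1

    def read(self, lba):
        page = self.lba_map[lba]
        return self._crypt(self.nand[page], page)

    def crypto_erase(self):
        """What ATA/NVMe sanitize with crypto erase does: replace the key."""
        self.key = os.urandom(32)


def raw_nand_contains(ssd, needle):
    """Forensic view: scan every physical page, mapped or not."""
    return any(p is not None and needle in p for p in ssd.nand)


def host_overwrite(ssd):
    """The 'overwrite with random data' a wiping tool on the host performs."""
    for lba in range(LOGICAL_PAGES):
        ssd.write(lba, os.urandom(PAGE_SIZE))


def overwrite_demo():
    """Plain SSD: the host sees the data gone, the NAND still holds it."""
    ssd = ToySSD()
    ssd.write(0, SECRET)
    host_overwrite(ssd)
    return {"host_sees_secret": ssd.read(0) == SECRET,
            "nand_holds_secret": raw_nand_contains(ssd, SECRET)}


def crypto_erase_demo():
    """Self-encrypting SSD: plaintext never reaches NAND; a key change kills it."""
    ssd = ToySSD(self_encrypting=True)
    ssd.write(0, SECRET)
    before = ssd.read(0) == SECRET
    nand = raw_nand_contains(ssd, SECRET)
    ssd.crypto_erase()
    return {"readable_before": before,
            "nand_holds_secret": nand,
            "readable_after": ssd.read(0) == SECRET}


if __name__ == "__main__":
    print("host overwrite:", overwrite_demo())
    print("crypto erase:  ", crypto_erase_demo())
```

On the plain drive the overwrite fills four fresh pages and the page holding the secret is simply unmapped, which is exactly what a chip-off or vendor-tool read recovers. On the self-encrypting drive the secret never exists on flash in the clear, so replacing the key is enough; the caveat a practitioner should keep in mind is that this only holds if the drive really encrypts all user data and implements the sanitize command correctly, which is why NIST SP 800-88 asks for verification after sanitization.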


CISSP Practice question #118

Testing of the plan is done to:
A: See if the plan is accurate, complete and effective.
B: See how staff reacts and to train them.
C: Ensure the plan is being followed and understood.
D: Ensure compliance with regulations.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


A: Testing is done to ensure the plan is accurate, complete and effective, and it happens before we implement the plan.


CISSP Practice question #117

What would be a good security practice for BYOD and IoT devices?
A: Segment them on their own VLAN.
B: Allow them on the normal network so we can monitor them.
C: Allow employees to keep PHI on their own devices.
D: Let them use the same wireless as medical equipment is on.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


A: BYOD and IoT devices almost never have as good a security posture as organization-owned hardware, so we segment them on their own limited VLAN to ensure that any compromised device can do as little damage as possible. Putting them on the normal network, or on the same wireless network as medical equipment, lets a compromised device reach those systems, and PHI should not be kept on employee-owned devices at all.
