CISSP : Certified Information Systems Security Professional : Part 03

CISSP : Certified Information Systems Security Professional : Part 03

CISSP : Certified Information Systems Security Professional : Part 03

  1. Which of the following methods of suppressing a fire is environmentally friendly and the MOST appropriate for a data center?

    • Inert gas fire suppression system 
    • Halon gas fire suppression system
    • Dry-pipe sprinklers
    • Wet-pipe sprinklers

  2. Unused space in a disk cluster is important in media analysis because it may contain which of the following?

    • Residual data that has not been overwritten 
    • Hidden viruses and Trojan horses
    • Information about the File Allocation table (FAT)
    • Information about patches and upgrades to the system

  3. A company seizes a mobile device suspected of being used in committing fraud. What would be the BEST method used by a forensic examiner to isolate the powered-on device from the network and preserve the evidence?

    • Put the device in airplane mode 
    • Suspend the account with the telecommunication provider
    • Remove the SIM card
    • Turn the device off

  4. Which of the following is MOST appropriate for protecting confidentially of data stored on a hard drive?

    • Triple Data Encryption Standard (3DES)
    • Advanced Encryption Standard (AES) 
    • Message Digest 5 (MD5)
    • Secure Hash Algorithm 2(SHA-2)

  5. Which of the following is the MOST effective method to mitigate Cross-Site Scripting (XSS) attacks?

    • Use Software as a Service (SaaS)
    • Whitelist input validation 
    • Require client certificates
    • Validate data output

  6. What is the MOST significant benefit of an application upgrade that replaces randomly generated session keys with certificate based encryption for communications with backend servers?

    • Non-repudiation
    • Efficiency
    • Confidentially
    • Privacy

  7. A user has infected a computer with malware by connecting a Universal Serial Bus (USB) storage device.

    Which of the following is MOST effective to mitigate future infections?

    • Develop a written organizational policy prohibiting unauthorized USB devices
    • Train users on the dangers of transferring data in USB devices
    • Implement centralized technical control of USB port connections 
    • Encrypt removable USB devices containing data at rest

  8. An organization has a short-term agreement with a public Cloud Service Provider (CSP). Which of the following BEST protects sensitive data once the agreement expires and the assets are reused?

    • Recommend that the business data owners use continuous monitoring and analysis of applications to prevent data loss
    • Recommend that the business data owners use internal encryption keys for data-at-rest and data-in-transit to the storage environment
    • Use a contractual agreement to ensure the CSP wipes and data from the storage environment
    • Use a National Institute of Standards and Technology (NIST) recommendation for wiping data on the storage environment

  9. The MAIN task of promoting security for Personal Computers (PC) is:

    • understanding the technical controls and ensuring they are correctly installed
    • understanding the required systems and patching processes for different Operating Systems (OS)
    • making sure that users are using only valid, authorized software, so that the chance of virus infection is reduced
    • making users understand the risks to the machines and data, so they will take appropriate steps to protect them

  10. The personal laptop of an organization executive is stolen from the office, complete with personnel and project records. Which of the following should be done FIRST to mitigate future occurrences?

    • Encrypt disks on personal laptops
    • Issue cable locks for use on personal laptops
    • Create policies addressing critical information on personal laptops
    • Monitor personal laptops for critical information

  11. Which one of the following can be used to detect an anomaly in a system by keeping track of the state of files that do not normally change?

    • System logs
    • Anti-spyware
    • Integrity checker
    • Firewall logs

  12. Which attack defines a piece of code that is inserted into software to trigger a malicious function?

    • Phishing
    • Salami
    • Back door
    • Logic bomb

  13. Data remanence is the biggest threat in which of the following scenarios?

    • A physical disk drive has been overwritten and reused within a datacenter
    • A physical disk drive has been degaussed, verified, and released to a third party for destruction
    • A flash drive has been overwritten, verified, and reused within a datacenter
    • A flash drive has been overwritten and released to a third party for destruction

  14. Which of the following is used to ensure that data mining activities will NOT reveal sensitive data?

    • Implement two-factor authentication on the underlying infrastructure
    • Encrypt data at the field level and tightly control encryption keys
    • Preprocess the databases to see if information can be disclosed from the learned patterns
    • Implement the principle of least privilege on data elements so a reduced number of users can access the database

  15. How long should the records on a project be retained?

    • For the duration of the project, or at the discretion of the record owner
    • Until they are no longer useful or required by policy
    • Until five years after the project ends, then move to archives
    • For the duration of the organization fiscal year

  16. Which of the following is the MOST effective countermeasure against data remanence?

    • Destruction
    • Clearing
    • Purging
    • Encryption

  17. The application owner of a system that handles confidential data leaves an organization. It is anticipated that a replacement will be hired in approximately six months. During that time, which of the following should the organization do?

    • Grant temporary access to the former application owner’s account
    • Assign a temporary application owner to the system
    • Restrict access to the system until a replacement application owner is hired
    • Prevent changes to the confidential data until a replacement application owner is hired

  18. Assume that a computer was powered off when an information security professional arrived at a crime scene. Which of the following actions should be performed after the crime scene is isolated?

    • Turn the computer on and collect volatile data
    • Turn the computer on and collect network information
    • Leave the computer off and prepare the computer for transportation to the laboratory
    • Remove the hard drive, prepare it for transportation, and leave the hardware at the scene

  19. Which of the following is a MAJOR concern when there is a need to preserve or retain information for future retrieval?

    • Laws and regulations may change in the interim, making it unnecessary to retain the information
    • The expense of retaining the information could become untenable for the organization
    • The organization may lose track of the information and not dispose of it securely
    • The technology needed to retrieve the information may not be available in the future

  20. Which of the following is the BEST way to protect against Structured Query Language (SQL) injection?

    • Enforce boundary checking
    • Restrict use of SELECT command
    • Restrict HyperText Markup Language (HTML) source code access
    • Use stored procedures