CISSP : Certified Information Systems Security Professional : Part 15

A company-wide penetration test result shows customers could access and read files through a web browser. Which of the following can be used to mitigate this vulnerability?
- Enforce the chmod of files to 755
- Enforce the control of file directory listings
- Implement access control on the web server
- Implement Secure Sockets Layer (SSL) certificates throughout the web server
When planning a penetration test, the tester will be MOST interested in which information?
- Places to install back doors
- The main network access points
- Job application handouts and tours
- Exploits that can attack weaknesses
What is the PRIMARY objective for conducting an internal security audit?
- Verify that all systems and Standard Operating Procedures (SOP) are properly documented
- Verify that all personnel supporting a system are knowledgeable of their responsibilities
- Verify that security controls are established following best practices
- Verify that applicable security controls are implemented and effective
Which of the following is a characteristic of the independent testing of a program?
- Independent testing increases the likelihood that a test will expose the effect of a hidden feature.
- Independent testing decreases the likelihood that a test will expose the effect of a hidden feature.
- Independent testing teams help decrease the cost of creating test data and system design specifications.
- Independent testing teams help identify functional requirements and Service Level Agreements (SLA) to improve program reliability.
Which of the following is a characteristic of covert security testing?
- Induces less risk than overt testing
- Focuses on identifying vulnerabilities
- Tests and validates all security controls in the organization
- Tests staff knowledge and implementation of the organization’s security policy
The security team has been tasked with performing an interface test against a front-end external facing application and needs to verify that all input fields protect against invalid input. Which of the following BEST assists this process?
- Application fuzzing
- Instruction set simulation
- Regression testing
- Sanity testing
A security professional has been requested by the Board of Directors and Chief Information Security Officer (CISO) to perform an internal and external penetration test. What is the BEST course of action?
- Review data localization requirements and regulations
- Review corporate security policies and procedures
- With notice to the organization, perform an internal penetration test first, then an external test
- With notice to the organization, perform an external penetration test first, then an internal test
Which of the following is a PRIMARY challenge when running a penetration test?
- Determining the cost
- Establishing a business case
- Remediating found vulnerabilities
- Determining the depth of coverage
Which type of test suite should be run for fast feedback during application development?
- Smoke
- Specific functionality
- Full regression
- End-to-end
An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?
- Absence of a Business Intelligence (BI) solution
- Inadequate cost modeling
- Improper deployment of the Service-Oriented Architecture (SOA)
- Insufficient Service Level Agreement (SLA)
Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?
- Walkthrough
- Simulation
- Parallel
- White box
What is the PRIMARY reason for implementing change management?
- Certify and approve releases to the environment
- Provide version rollbacks for system changes
- Ensure that all applications are approved
- Ensure accountability for changes to the environment
Which of the following is a PRIMARY advantage of using a third-party identity service?
- Consolidation of multiple providers
- Directory synchronization
- Web based logon
- Automated account management
With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?
- Continuously without exception for all security controls
- Before and after each change of the control
- At a rate concurrent with the volatility of the security control
- Only during system implementation and decommissioning
What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?
- Take the computer to a forensic lab
- Make a copy of the hard drive
- Start documenting
- Turn off the computer
What is the MOST important step during forensic analysis when trying to learn the purpose of an unknown application?
- Disable all unnecessary services
- Ensure chain of custody
- Prepare another backup of the system
- Isolate the system from the network
A Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) will provide which of the following?
- Guaranteed recovery of all business functions
- Minimization of the need decision making during a crisis
- Insurance against litigation following a disaster
- Protection from loss of organization resources
When is a Business Continuity Plan (BCP) considered to be valid?
- When it has been validated by the Business Continuity (BC) manager
- When it has been validated by the board of directors
- When it has been validated by all threat scenarios
- When it has been validated by realistic exercises
Explanation:

Reference: http://www.manchester.gov.uk/info/200039/emergencies/6174/business_continuity_planning/5
Recovery strategies of a Disaster Recovery planning (DRIP) MUST be aligned with which of the following?
- Hardware and software compatibility issues
- Applications’ critically and downtime tolerance
- Budget constraints and requirements
- Cost/benefit analysis and business objectives
Explanation:

Reference: http://www.pearsonitcertification.com/articles/article.aspx?p=1329710&seqNum=3
Which of the following is the FIRST step in the incident response process?
- Determine the cause of the incident
- Disconnect the system involved from the network
- Isolate and contain the system involved
- Investigate all symptoms to confirm the incident

CISSP : Certified Information Systems Security Professional : All Parts
CISSP Part 01	CISSP Part 08	CISSP Part 15	CISSP Part 22
CISSP Part 02	CISSP Part 09	CISSP Part 16	CISSP Part 23
CISSP Part 03	CISSP Part 10	CISSP Part 17	CISSP Part 24
CISSP Part 04	CISSP Part 11	CISSP Part 18	CISSP Part 25
CISSP Part 05	CISSP Part 12	CISSP Part 19	CISSP Part 26
CISSP Part 06	CISSP Part 13	CISSP Part 20	CISSP Part 27
CISSP Part 07	CISSP Part 14	CISSP Part 21	CISSP Part 28

CISSP : Certified Information Systems Security Professional : All Parts
CISSP Part 01	CISSP Part 08	CISSP Part 15	CISSP Part 22
CISSP Part 02	CISSP Part 09	CISSP Part 16	CISSP Part 23
CISSP Part 03	CISSP Part 10	CISSP Part 17	CISSP Part 24
CISSP Part 04	CISSP Part 11	CISSP Part 18	CISSP Part 25
CISSP Part 05	CISSP Part 12	CISSP Part 19	CISSP Part 26
CISSP Part 06	CISSP Part 13	CISSP Part 20	CISSP Part 27
CISSP Part 07	CISSP Part 14	CISSP Part 21	CISSP Part 28

CISSP : Certified Information Systems Security Professional : Part 15

A company-wide penetration test result shows customers could access and read files through a web browser. Which of the following can be used to mitigate this vulnerability?

When planning a penetration test, the tester will be MOST interested in which information?

What is the PRIMARY objective for conducting an internal security audit?

Which of the following is a characteristic of the independent testing of a program?

Which of the following is a characteristic of covert security testing?

The security team has been tasked with performing an interface test against a front-end external facing application and needs to verify that all input fields protect against invalid input. Which of the following BEST assists this process?

A security professional has been requested by the Board of Directors and Chief Information Security Officer (CISO) to perform an internal and external penetration test. What is the BEST course of action?

Which of the following is a PRIMARY challenge when running a penetration test?

Which type of test suite should be run for fast feedback during application development?

An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?

Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?

What is the PRIMARY reason for implementing change management?

Which of the following is a PRIMARY advantage of using a third-party identity service?

With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?

What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?

What is the MOST important step during forensic analysis when trying to learn the purpose of an unknown application?

A Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) will provide which of the following?

When is a Business Continuity Plan (BCP) considered to be valid?

Recovery strategies of a Disaster Recovery planning (DRIP) MUST be aligned with which of the following?

Which of the following is the FIRST step in the incident response process?