单选题Cyberlaw categorizes computer-related crime into three categories. Which of the following is an example of a crime in which the use of a computer would be categorized as incidental?
单选题Which of the following refers to the amount of time it will be expected to take to get a device fixed and back into production?
单选题What type of exploited vulnerability allows more input than the program has allocated space to store it?
单选题In computer programming, cohesion and coupling are used to describe modules of code. Which of the following is a favorable combination of cohesion and coupling?
单选题Whatarethethreetypesofpoliciesthataremissingfromthefollowinggraphic?
单选题Whattypeofinfrastructuralsetupisillustratedinthegraphicthatfollows?
单选题Which of the following is a common association of the Clark-Wilson access model?
单选题There are several types of password management approaches used by identity management systems. Which of the following reduces help-desk call volume, but is also criticized for the ease with which a hacker could gain access to multiple resources if a password is compromised?
单选题Thereareseveralsecurityenforcementcomponentsthatarecommonlybuiltintooperatingsystems.Whichcomponentisillustratedinthegraphicthatfollows?
单选题Whattypeoftechnologyisrepresentedinthegraphicthatfollows?
单选题There are two main types of symmetric ciphers: stream and block. Which of the following is not an attribute of a good stream cipher?
单选题For what purpose was the COSO framework developed?
单选题RAID systems use a number of techniques to provide redundancy and performance. Which of the following activities divides and writes data over several drives?
单选题Bethany is working on a mandatory access control (MAC) system. She has been working on a file that was classified as Secret. She can no longer access this file because it has been reclassified as Top Secret. She deduces that the project she was working on has just increased in confidentiality and she now knows more about this project than her clearance and need-to-know allows. Which of the following refers to a concept that attempts to prevent this type of scenario from occurring?
单选题As a CISSP candidate, you must sign a Code of Ethics. Which of the following is from the (ISC)
2
Code of Ethics for the CISSP?
单选题There are many types of viruses that hackers can use to damage systems. Which of the following is not a correct description of a polymorphic virus?
单选题An outline for a physical security design should include program categories and the necessary countermeasures for each. What category do locks and access controls belong to?
单选题What type of fence detects if someone attempts to climb or cut it?
单选题The Recovery Time Objective (RTO) and Maximum Tolerable Downtime (MTD) metrics have similar roles, but their values are very different. Which of the following best describes the difference between RTO and MTD metrics?
单选题Charlie is a new security manager at a textile company that develops its own proprietary software for internal business processes. Charlie has been told that the new application his team needs to develop must comply with the ISO/IEC 42010 standard. He has found out that many of the critical applications have been developed in the C programming language and has asked for these applications to be reviewed for a specific class of security vulnerabilities.