Single-choice question: There are many types of viruses that hackers can use to damage systems. Which of the following is not a correct description of a polymorphic virus?
Single-choice question: RAID systems use a number of techniques to provide redundancy and performance. Which of the following activities divides and writes data over several drives?
Single-choice question: As a CISSP candidate, you must sign a Code of Ethics. Which of the following is from the (ISC)² Code of Ethics for the CISSP?
Single-choice question: An outline for a physical security design should include program categories and the necessary countermeasures for each. What category do locks and access controls belong to?
Single-choice question: What type of fence detects if someone attempts to climb or cut it?
Single-choice question: Bethany is working on a mandatory access control (MAC) system. She has been working on a file that was classified as Secret. She can no longer access this file because it has been reclassified as Top Secret. She deduces that the project she was working on has just increased in confidentiality and she now knows more about this project than her clearance and need-to-know allows. Which of the following refers to a concept that attempts to prevent this type of scenario from occurring?
Single-choice question: The Recovery Time Objective (RTO) and Maximum Tolerable Downtime (MTD) metrics have similar roles, but their values are very different. Which of the following best describes the difference between RTO and MTD metrics?
Single-choice question: Angela wants to group together computers by department to make it easier for them to share network resources. Which of the following will allow her to group computers logically?
Single-choice question: There are several different types of authentication technologies. Which type is being shown in the graphic that follows?
Single-choice question: Which of the following occurs in a PKI environment?
Single-choice question: Charlie is a new security manager at a textile company that develops its own proprietary software for internal business processes. Charlie has been told that the new application his team needs to develop must comply with the ISO/IEC 42010 standard. He has found out that many of the critical applications have been developed in the C programming language and has asked for these applications to be reviewed for a specific class of security vulnerabilities.
Single-choice question: Layer 2 of the OSI model has two sublayers. What are those sublayers, and what are two IEEE standards that describe technologies at that layer?
Single-choice question: There are different ways that operating systems can carry out software I/O procedures. Which of the following is used when the CPU sends data to an I/O device and then works on another process's request until the I/O device is ready for more data?
Single-choice question: High availability (HA) is a combination of technologies and processes that work together to ensure that specific critical functions are always up and running at the necessary level. To provide this level of high availability, a company has to have a long list of technologies and processes that provide redundancy, fault tolerance, and failover capabilities. Which of the following best describes these characteristics?
Single-choice question: Management support is critical to the success of a business continuity plan. Which of the following is the most important to be provided to management to obtain their support?
Single-choice question: Preplanned business continuity procedures provide organizations a number of benefits. Which of the following is not a capability enabled by business continuity planning?
Single-choice question: A multitasking operating system can have several processes running at the same time. What are the components within the processes that are shown in the graphic that follows?
Single-choice question: A multitasking operating system can have several processes running at the same time. What are the components within the processes that are shown in the graphic that follows?
Single-choice question: Which of the following indicates to a packet where to go and how to communicate with the right service or protocol on the destination computer?
Single-choice question: The following scenario will be used for questions 28 and 29. Jack has been told that successful attacks have been taking place and data that have been encrypted by his company's software systems have leaked to the company's competitors. Through Jack's investigation he has discovered that the lack of randomness in the seeding values used by the encryption algorithms in the company's software uncovered patterns and allowed for successful reverse engineering.
Single-choice question: The requirement of erasure is the end of the media life cycle if it contains sensitive information. Which of the following best describes purging?
Single-choice question: Which of the following best describes an object-oriented database?
Single-choice question: Tom works at a large retail company that recently deployed radio-frequency identification (RFID) to better manage its inventory processes. Employees use scanners to gather product-related information instead of manually looking up product data. Tom has found out that malicious customers have carried out attacks on the RFID technology to reduce the amount they pay on store items. Which of the following is the most likely reason for the existence of this type of vulnerability?
Single-choice question: As with logical access controls, audit logs should be produced and monitored for physical access controls. Which of the following statements is correct about auditing physical access?
Single-choice question: Two commonly used networking protocols are TCP and UDP. Which of the following correctly describes the two?
Single-choice question: What is the missing second step in the graphic that follows?
Single-choice question: What type of technology is represented in the graphic that follows?
Single-choice question: If implemented properly, a one-time pad is a perfect encryption scheme. Which of the following incorrectly describes a requirement for implementation?
Single-choice question: John is responsible for providing a weekly report to his manager outlining the week's security incidents and mitigation steps. What steps should he take if a report has no information?
Single-choice question: Risk assessment has several different methodologies. Which of the following official risk methodologies was not created for the purpose of analyzing security risks?
Single-choice question: Electrical power is being provided more through smart grids, which allow for self-healing, resistance to physical and cyberattacks, increased efficiency, and better integration of renewable energy sources. Countries want their grids to be more reliable, resilient, flexible, and efficient. Why does this type of evolution in power infrastructure concern many security professionals?
Single-choice question: What type of security encryption component is missing from the table that follows?
Single-choice question: As his company's business continuity coordinator, Matthew is responsible for helping recruit members to the business continuity planning (BCP) committee. Which of the following does not correctly describe this effort?
Single-choice question: There are several different types of authentication technologies. Which type is being shown in the graphic that follows?
Single-choice question: Jill is establishing a companywide sales program that will require different user groups with different privileges to access information on a centralized database. How should the security manager secure the database?
Single-choice question: What type of risk analysis approach does the following graphic provide?
Single-choice question: Guidelines should be followed to allow secure remote administration. Which of the following is not one of those guidelines?
Single-choice question: The following scenario will be used for questions 30 and 31. Stephanie has been put in charge of developing incident response and forensics procedures her company needs to carry out if an incident occurs. She needs to ensure that their procedures map to the international principles for gathering and protecting digital evidence. She also needs to ensure that if and when internal forensics teams are deployed, they have labels, tags, evidence bags, cable ties, imaging software, and other associated tools.
Single-choice question: IDSs can detect intruders by employing electromechanical systems or volumetric systems. Which of the following correctly describes these systems?
Single-choice question: Which of the following is a correct description of the pros and cons associated with third-generation programming languages?
Single-choice question: What type of risk analysis approach does the following graphic provide?
Single-choice question: Which of the following is a legal form of eavesdropping when performed with prior consent or a warrant?
Single-choice question: There are different types of approaches to regulations. Which of the following is an example of self-regulation?
Single-choice question: What type of telecommunication technology is illustrated in the graphic that follows?
Single-choice question: Gizmos and Gadgets has restored its original facility after a disaster. What should be moved in first?
Single-choice question: What are the three types of policies that are missing from the following graphic?
Single-choice question: The operations team is responsible for defining which data gets backed up and how often. Which type of backup process backs up files that have been modified since the last time all data was backed up?
Single-choice question: Different types of material are built into walls and other constructs of various types of buildings and facilities. What type of material is shown in the following photo?
Single-choice question: Several different types of smoke and fire detectors can be used. What type of detector is shown in the following graphic?
