单选题As a CISSP candidate, you must sign a Code of Ethics. Which of the following is from the (ISC)
2
Code of Ethics for the CISSP?
单选题There are many types of viruses that hackers can use to damage systems. Which of the following is not a correct description of a polymorphic virus?
单选题An outline for a physical security design should include program categories and the necessary countermeasures for each. What category do locks and access controls belong to?
单选题RAID systems use a number of techniques to provide redundancy and performance. Which of the following activities divides and writes data over several drives?
单选题The Recovery Time Objective (RTO) and Maximum Tolerable Downtime (MTD) metrics have similar roles, but their values are very different. Which of the following best describes the difference between RTO and MTD metrics?
单选题Charlie is a new security manager at a textile company that develops its own proprietary software for internal business processes. Charlie has been told that the new application his team needs to develop must comply with the ISO/IEC 42010 standard. He has found out that many of the critical applications have been developed in the C programming language and has asked for these applications to be reviewed for a specific class of security vulnerabilities.
单选题Angela wants to group together computers by department to make it easier for them to share network resources. Which of the following will allow her to group computers logically?
单选题Preplanned business continuity procedures provide organizations a number of benefits. Which of the following is not a capability enabled by business continuity planning?
单选题The requirement of erasure is the end of the media life cycle if it contains sensitive information. Which of the following best describes purging?
单选题High availability (HA) is a combination of technologies and processes that work together to ensure that specific critical functions are always up and running at the necessary level. To provide this level of high availability, a company has to have a long list of technologies and processes that provide redundancy, fault tolerance, and failover capabilities. Which of the following best describes these characteristics?
单选题Two commonly used networking protocols are TCP and UPD. Which of the following correctly describes the two?
单选题If implemented properly, a one-time pad is a perfect encryption scheme. Which of the following incorrectly describes a requirement for implementation?
单选题Bethany is working on a mandatory access control (MAC) system. She has been working on a file that was classified as Secret. She can no longer access this file because it has been reclassified as Top Secret. She deduces that the project she was working on has just increased in confidentiality and she now knows more about this project than her clearance and need-to-know allows. Which of the following refers to a concept that attempts to prevent this type of scenario from occurring?
单选题What type of fence detects if someone attempts to climb or cut it?
单选题Thereareseveraldifferenttypesofauthenticationtechnologies.Whichtypeisbeingshowninthegraphicthatfollows?
单选题John is responsible for providing a weekly report to his manager outlining the week's security incidents and mitigation steps. What steps should he take if a report has no information?
单选题Electrical power is being provided more through smart grids, which allow for self-healing, resistance to physical and cyberattacks, increased efficiency, and better integration of renewable energy sources. Countries want their grids to be more reliable, resilient, flexible, and efficient. Why does this type of evolution in power infrastructure concern many security professionals?
单选题Amultitaskingoperatingsystemcanhaveseveralprocessesrunningatthesametime.Whatarethecomponentswithintheprocessesthatareshowninthegraphicthatfollows?
单选题As with logical access controls, audit logs should be produced and monitored for physical access controls. Which of the following statements is correct about auditing physical access?
单选题Thereareseveraldifferenttypesofauthenticationtechnologies.Whichtypeisbeingshowninthegraphicthatfollows?