CISSP - Practice Exam Questions And Accurate
Answers
Data Remanence - Answer The residual of incomplete or even the whole set of digital
information
Disaster Recovery Planning (DRP) - Answer Concerned with the restoration of normal
business operations after the disaster has taken place.works to get the business back
to normal
Maximum tolerable downtime - Answer The maximum time period during which a critical
business function can remain unavailable before the company incurs serious and
irreversible damage.
802.5 IEEE standard defines the Token Ring media access method
Recovery Time Objective The balance against the cost of recover and the cost of
disruption
Resource Requirements portion of the BIA that lists the resources that an organization
needs in order to continue operating each critical business function.
Checklist - Test one in which copies of the plan are given out to each functional area to
make sure the plan deal with their needs
Information Owner - Answer The one person responsible for data, its classification and
control setting
Job Rotation - Answer Moving from location to location, keeping the same function
,Differential power analysis - Answer A: A side-channel attack carried out on smart
cards, looking at the power emission release during processing
Mitigate - Answer: In, it is defined as real-time monitoring and analysis of network
activity and data for possible vulnerabilities and actual attacks in progress.
Electromagnetic analysis -
Threat and Vulnerability Analysis: The orderly review of threats and vulnerabilities that
forms a foundation for a proper risk management process.
Change Control: Making sure full control is applied to the request, implementation, and
traceability; having proper documentation of changes.
Containment: Isolation of systems that are compromised from the network can reduce
further damage.
30 to 90 Days: Most organizations implement password change policies, which range
from
Isochronous - Answer Process must within set time constrains, applications are video
related where audio and video must match perfectly
Detection - Answer Identification and notification of an unauthorized and/or undesired
action
Electronic Vaulting - Answer Periodic, automatic and transparent backup of data in
bulk.
Fault Tolerance - Answer Mitigation of system or component loss or interruption through
,use of backup capability.
Incremental - Answer A backup method use when time and space are a high importance
Secure HTTP - Answer Protocol designed to same individual message securely
Criminal - Answer Conduct that violates government laws developed to protect society
Class C - Answer Has 256 hosts
RAID 0 - Answer Creates one large disk by using several disks
Trade secrets - Answer Considered owned by a company and typically contains
information that gives one an advantage, information is protected for as long the owner
takes protective measures
Redundant Array Of Independent Drives (RAID) - Answer Multiple disks acting as a
single storage device for the purpose of performance and fault tolerance
Proprietary - Answer Define the way in which the organization operates.
Gateway - Answer Used to connect two networks using dissimilar protocols at different
layers of the OSI model
, Classification - Answer The assignment of a level of sensitivity to data (or information)
that results in the specification of controls for each level of classification.
Data Integrity - Answer The property that data meet with a priority expectation of quality
and that the data can be relied upon.
Alarm Filtering - Answer The process of categorizing attack alerts produced from an
IDS in order to distinguish false positives from actual attacks
Coaxial Cable - Answer A cable consisting of a core, inner conductor that is surrounding
by an insulator, an outer cylindrical conductor
Concentrator - Answer Layer 1 network device that is used to connect network
segments together, but provides no traffic control (a hub).
Digital Signature - Answer An asymmetric cryptography mechanism that provides
authentication.
Eavesdropping - Answer A passive network attack involving monitoring of traffic.
E-Mail Spoofing - Answer Forgery of the sender's email address in an email header.
Emanations - Answer Potentially compromising leakage of electrical or acoustical
signals.
Fiber Optics - Answers Bundles of long strands of pure glass that efficiently transmit
light pulses over long distances. Difficult to intercept undetected.
Fraggle - Answer A type of Denial of Service attack that involves sending spoofed UDP
echo request to IP broadcast addresses.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Easton. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.