Appendix A
Practice CISSP Exam
If you’ve never taken a certification exam, you may be wondering what the exam will be like. The CISSP certification exam is fairly straightforward: Each question is multiple-choice and includes four possible answers. Only one answer is the best answer.
This chapter contains 250 questions — the same as in the real CISSP exam. You may consider this a practice run for the CISSP exam. You should time yourself and make sure you can finish in six hours.
Practice Test Questions
1 The number-one priority of disaster planning should always be:
A Preservation of capital
B Personnel evacuation and safety
C Resumption of core business functions
D Investor relations
2 An access control system that grants access to information based on that information’s classification and the clearance of the individual is known as:
A Identity-based access control
B Mandatory access control
C Role-based access control
D Clearance-based access control
3 A database that contains the data structures used by an application is known as:
A A data encyclopedia
B A data dictionary
C Metadata
D A schema
4 The process of breaking the key and/or plaintext from an enciphered message is known as:
A Decryption
B Steganography
C Cryptanalysis
D Extraction
5 The Internet Worm incident of 1988 was perpetrated by:
A The 414 Gang
B Robert Morris
C Kevin Mitnick
D Gene Spafford
6 Access controls and card key systems are examples of:
A Detective controls
B Preventive controls
C Corrective controls
D Trust controls
7 Why should a datacenter’s walls go all the way to the ceiling and not just stop as high as the suspended ceiling?
A The walls will be stronger.
B The HVAC will run more efficiently.
C An intruder could enter the datacenter by climbing over the low wall.
D The high wall will block more noise.
8 Memory that’s used to store computer instructions and data is known as:
A UART
B SIMM
C Cache
D ROM
9 Of what value is separation of authority in an organization?
A It limits the capabilities of any single individual.
B It provides multiple paths for fulfilling critical tasks.
C It accommodates the requirement for parallel audit trails.
D It ensures that only one person is authorized to perform each task.
10 UDP is sometimes called the “unreliable data protocol” because:
A It works only on low-speed wireless LANs.
B UDP packets rarely get through because they have a lower priority.
C Few know how to program UDP.
D UDP does not guarantee delivery.
11 Which of the following is NOT a goal of a Business Impact Assessment (BIA)?
A To inventory mutual aid agreements
B To identify and prioritize business-critical functions
C To determine how much downtime the business can tolerate
D To identify resources required by critical processes
12 An access control system that grants access to information based on the identity of the user is known as:
A Identity-based access control
B Mandatory access control
C Role-based access control
D Clearance-based access control
13 The purpose of a Service-Level Agreement is:
A To guarantee a minimum quality of service for an application or function
B To guarantee the maximum quality of service for an application or function
C To identify gaps in availability of an application
D To correct issues identified in a security audit
14 The method of encryption in which both sender and recipient possess a common encryption key is known as:
A Message digest
B Hash function
C Public key cryptography
D Secret key cryptography
15 Forensics is the term that describes:
A Due process
B Tracking hackers who operate in other countries
C Taking steps to preserve and record evidence
D Scrubbing a system in order to return it to service
16 Audit trails and security cameras are examples of:
A Detective controls
B Preventive controls
C Corrective controls
D Trust controls
17 How does water aid in fire suppression?
A It reduces the fire’s oxygen supply.
B It isolates the fire’s fuel supply.
C It lowers the temperature to a degree at which the fire can’t sustain itself.
D It extinguishes the fire through a chemical reaction.
18 Firmware is generally stored on:
A ROM or EPROM
B Tape
C RAM
D Any removable media
19 The term open view refers to what activity?
A Reclassifying a document so that anyone can view it
B Viewing the contents of one’s private encryption key
C Leaving classified information where unauthorized people can see it
D Using a decryption key to view the contents of a message
20 TCP is a poor choice for streaming video because:
A It is too bursty for large networks.
B Acknowledgment and sequencing add significantly to its overhead.
C Checksums in video packets are meaningless.
D TCP address space is nearly exhausted.
21 The longest period of time that an organization can accept a critical outage is known as:
A Maximum Acceptable Downtime
B Greatest Tolerated Downtime
C Maximum Tolerable Downtime
D Recovery Time Objective
22 An access control system that gives the user some control over who has access to information is known as:
A Identity-based access control
B User-directed access control
C Role-based access control
D Clearance-based access control
23 CRCs, parity checks, and checksums are examples of:
A Corrective application controls
B Message digests
C Preventive application controls
D Detective application controls
24 Why would a user’s public encryption key be widely distributed?
A So that cryptographers can attempt to break it
B Because it’s encrypted
C Because the user’s private key can’t be derived from his or her public key
D So that the user can decrypt messages from any location
25 An expert witness:
A Offers an opinion based on the facts of a case and on personal expertise
B Is someone who was present at the scene of the crime
C Has direct personal knowledge about the event in question
D Can testify in criminal proceedings only
26 Reboot instructions and file restore procedures are examples of:
A Detective controls
B Preventive controls
C Corrective controls
D Trust controls
27 Drain pipes that channel liquids away from a building are called:
A Positive drains
B Tight lines
C Storm drains
D Negative drains
28 What’s the purpose of memory protection?
A It protects memory from malicious code.
B It prevents a program from being able to access memory used by another program.
C Memory protection is another term used to describe virtual memory backing store.
D It assures that hardware refresh happens frequently enough to maintain memory integrity.
29 Which individual is responsible for classifying information?
A Owner
B Custodian
C Creator
D User
30 How many layers does the TCP/IP protocol model have?
A 4
B 5
C 6
D 7
31 The primary difference between a hot site and a warm site is:
A The hot site is closer to the organization’s datacenters than the warm site.
B The warm site’s systems don’t have the organization’s software or data installed.
C The warm site doesn’t have computer systems in it.
D The warm site is powered down, but the hot site is powered up and ready to go.
32 Encryption, tokens, access control lists, and smart cards are known as:
A Discretionary access controls
B Physical controls
C Technical controls
D Administrative controls
33 Data mining:
A Can be performed by privileged users only
B Is generally performed after hours because it’s resource-intensive
C Refers to searches for correlations in a data warehouse
D Is the term used to describe the activities of a hacker who has broken into a database
34 Reading down the columns of a message that has been written across is known as:
A A columnar transposition cipher
B Calculating the hash
C Calculating the checksum
D Calculating the modulo
35 A witness:
A Offers an opinion based on the facts of a case and on personal expertise
B Is someone who was present at the scene of the crime
C Has direct personal knowledge about the event in question
D Can testify in criminal proceedings only
36 Covert channel analysis is used to:
A Detect and understand unauthorized communication
B Encipher unauthorized communications
C Decipher unauthorized communications
D Recover unauthorized communications
37 Of what value is pre-employment screening?
A Undesirable medical or genetic conditions could diminish productivity.
B Only certain personality types can work effectively in some organizations.
C Employees need to have knowledge of security.
D Background checks could uncover undesirable qualities.
38 The mapping of existing physical memory into a larger, imaginary memory space is known as:
A Virtual memory
B Swapping
C Thrashing
D Spooling
39 Which individual is responsible for protecting information?
A Owner
B Custodian
C Creator
D User
40 ARP is:
A Access Routing Protocol
B Address Resolution Protocol
C Access Resolution Protocol
D Address Recovery Protocol
41 Which of the following is NOT a concern for a hot site?
A Programs and data at the hot site must be protected.
B A widespread disaster will strain the hot site’s resources.
C A hot site is expensive because of the controls and patches required.
D Computer equipment must be shipped quickly to the hot site for it to be effective.
42 Supervision, audits, procedures, and assessments are known as:
A Discretionary access controls
B Safeguards
C Physical controls
D Administrative controls
43 Object-oriented, relational, and network are examples of:
A Types of database tables
B Types of database records
C Types of database queries
D Types of databases
44 An asymmetric cryptosystem is also known as a:
A Message digest
B Hash function
C Public key cryptosystem
D Secret key cryptosystem
45 Entrapment is defined as:
A Leading someone to commit a crime that they wouldn’t otherwise have committed
B Monitoring with the intent of recording a crime
C Paying someone to commit a crime
D Being caught with criminal evidence in one’s possession
46 Least privilege means:
A Analysis that determines which privileges are required to complete a task.
B People who have high privileges delegate some of those privileges to others.
C The people who have the fewest access rights do all the work.
D Users should have the minimum privileges required to perform required tasks.
47 Which of the following is NOT a part of a building’s automated access audit log?
A Time of the attempted entry
B The reason for the attempted entry
C Location of attempted entry
D Entry success or failure
48 Systems that have published specifications and standards are known as:
A Open source
B Copyleft
C Freeware
D Open systems
49 Which of the following is NOT a criterion for classifying information?
A Marking
B Useful life
C Value
D Age
50 What is the purpose of ARP?
A When given an IP address, ARP returns a MAC address.
B When given a MAC address, ARP returns an IP address.
C It calculates the shortest path between two nodes on a network.
D It acquires the next IP address on a circular route.
51 The Disaster Recovery Plan (DRP) needs to be continuously maintained because:
A The organization’s software versions are constantly changing.
B The organization’s business processes are constantly changing.
C The available software patches are constantly changing.
D The organization’s data is constantly changing.
52 Security guards, locked doors, and surveillance cameras are known as:
A Site-access controls
B Safeguards
C Physical access controls
D Administrative controls
53 Neural networking gets its name from:
A The make and model of equipment in a network
B Patterns thought to exist in the brain
C Its inventor, Sigor Neura
D Observed patterns in neural telepathy
54 The process of hiding a message inside a larger dataset is known as:
A Decryption
B Steganography
C Cryptanalysis
D Extraction
55 Enticement is defined as:
A Being caught with criminal evidence in one’s possession
B Leading someone to commit a crime that they wouldn’t otherwise have committed
C Monitoring with the intent of recording a crime
D Keeping the criminal at the scene of the crime long enough to gather evidence
56 The practice of separation of duties:
A Is used to provide variety by rotating personnel among various tasks
B Helps to prevent any single individual from compromising an information system
C Is used to ensure that the most experienced persons get the best tasks
D Is used in large 24x7 operations shops
57 Tailgating is a term describing what activity?
A Logging in to a server from two or more locations
B Causing a PBX to permit unauthorized long distance calls
C Following an employee through an uncontrolled access
D Following an employee through a controlled access
58 Which of the following is NOT a security issue with distributed architectures?
A Lack of security awareness by some personnel.
B Difficulty in controlling the distribution and use of software.
C Protection of centrally stored information.
D Backups might not be performed on some systems, risking loss of data.
59 What’s the purpose of a senior management statement of security policy?
A It defines who’s responsible for carrying out a security policy.
B It states that senior management need not follow a security policy.
C It emphasizes the importance of security throughout an organization.
D It states that senior management must also follow a security policy.
60 What is the purpose of RARP?
A When given an IP address, RARP returns a MAC address.
B When given a MAC address, RARP returns an IP address.
C It traces the source address of a spoofed packet.
D It determines the least cost route through a multipath network.
61 How is the organization’s DRP best kept up-to-date?
A With regular audits to ensure that changes in business processes are known
B By maintaining lists of current software versions, patches, and configurations
C By maintaining personnel contact lists
D By regularly testing the DRP
62 Role-based access control and task-based access control are examples of:
A Mandatory access controls
B Administrative controls
C Discretionary access controls
D Non-discretionary access controls
63 The verification activity associated with coding is called:
A Unit testing
B Design review
C System testing
D Architecture review
64 Steganography isn’t easily noticed because:
A Monitor and picture quality are so good these days.
B Most PCs’ speakers are turned off or disabled.
C The human eye often can’t sense the noise that steganography introduces.
D Checksums can’t detect most steganographed images.
65 The purpose of a honeypot is to:
A Log an intruder’s actions.
B Act as a decoy to keep the intruder interested while his or her origin and identity are traced.
C Deflect Denial of Service attacks away from production servers.
D Provide direct evidence of a break-in.
66 Which of the following tasks would NOT be performed by a security administrator?
A Changing file permissions
B Configuring user privileges
C Installing system software
D Reviewing audit data
67 What does fail open mean in the context of controlled building entrances?
A Controlled entrances permit no one to pass.
B Controlled entrances permit people to pass without identification.
C A power outage won’t affect control of the entrance.
D A pass key is required to enter the building.
68 TCB is an acronym for:
A Trusted Computing Baseline
B Trusted Computing Base
C Tertiary Computing Base
D Trusted Cache Base
69 What is the purpose of an “advisory policy”?
A This is an optional policy that can be followed.
B This is an informal offering of advice regarding security practices.
C This is a temporary policy good only for a certain period of time.
D This is a policy that must be followed but is not mandated by regulation.
70 132.116.72.5 is a:
A MAC address
B IPv4 address
C Subnet mask
D IPv6 address
71 An organization that’s developing its DRP has established a 20-minute Recovery Time Objective (RTO). Which solution will best support this objective?
A Cluster
B Cold site
C Hot site
D Virtualization
72 Audits, background checks, video cameras, and listening devices are known as:
A Discretionary controls
B Physical controls
C Preventive controls
D Detective controls
73 What’s the primary input of a high-level product design?
A Feasibility study
B Integration rules
C Unit testing
D Requirements
74 What historic event was the backdrop for breakthroughs in strategic cryptography?
A The Gulf War
B World War I
C World War II
D The Six-Day War
75 Which of the following is NOT a precaution that needs to be taken before monitoring e-mail?
A Establishing strict procedures that define under what circumstances e-mail may be searched
B Posting a visible notice that states e-mail is company information subject to search
C Issuing monitoring tools to all e-mail administrators
D Making sure that all employees know that e-mail is being monitored
76 What’s the potential security benefit of rotation of duties?
A It reduces the risk that personnel will perform unauthorized activities.
B It ensures that all personnel are familiar with all security tasks.
C It’s used to detect covert activities.
D It ensures security because personnel aren’t very familiar with their duties.
77 What does fail closed mean in the context of controlled building entrances?
A Controlled entrances permit no one to pass.
B Controlled entrances permit people to pass without identification.
C The access control computer is down.
D Everyone is permitted to enter the building.
78 The sum total of all protection mechanisms in a system is known as a:
A Trusted Computing Base
B Protection domain
C Trusted path
D SPM (Summation Protection Mechanism)
79 What is the definition of a “threat”?
A Any event that produces an undesirable outcome.
B A weakness present in a control or countermeasure.
C An act of aggression that causes harm.
D An individual likely to violate security policy.
80 04:c6:d1:45:87:E8 is a:
A MAC address
B IPv4 address
C Subnet mask
D IPv6 address
81 Which of the following is NOT a natural disaster?
A Tsunami
B Pandemic
C Flood
D Communications outage
82 Smart cards, fences, guard dogs, and card key access are known as:
A Mandatory controls
B Physical controls
C Preventive controls
D Detective controls
83 The main improvement of the Waterfall software life cycle model over earlier process models is:
A System and software requirements are combined into one step.
B Developers can back up one step in the process for rework.
C Coding and testing is combined into one step.
D The need for rework was eliminated.
84 Non-repudiation refers to:
A The technology that shoots down the “I didn’t send that message” excuse
B Re-verification of all Certificate Authority (CA) certificate servers
C The annual competency review of system authentication mechanisms
D The annual competency review of network authentication mechanisms
85 Intellectual property laws apply to:
A Trade secrets, trademarks, copyrights, and patents
B Trademarks, copyrights, and patents
C Trademarks only
D Patents only
86 The process of reviewing and approving changes in production systems is known as:
A Availability management
B Configuration management
C Change management
D Resource control
87 A water sprinkler system that’s characterized as always having water in the pipes is known as:
A Dry-pipe
B Wet-pipe
C Preaction
D Discharge
88 The mechanism that overlaps hardware instructions to increase performance is known as:
A RISC
B Pipeline
C Pipe dream
D Multitasking
89 A weakness in a security control is called a:
A Risk
B Vulnerability
C Threat
D Hole
90 The “ping” command sends:
A IGRP Echo Reply packets
B IGRP Echo Request packets
C ICMP Echo Request packets
D UDP Echo Request packets
91 The term remote journaling refers to:
A A mechanism that transmits transactions to an alternative processing site
B A procedure for maintaining multiple copies of change control records
C A procedure for maintaining multiple copies of configuration management records
D A mechanism that ensures the survivability of written records
92 Is identification weaker than authentication?
A Yes: Identity is based only on the assertion of identity without providing proof.
B Yes: Identification uses ASCII data, whereas authentication uses binary data.
C No: Identification and authentication provide the same level of identity.
D No: They are used in different contexts and have nothing to do with each other.
93 A project team is at the beginning stages of a new software development project. The team wants to ensure that security features are present in the completed software application. In what stage should security be introduced?
A Requirements development
B Test plan development
C Application coding
D Implementation plan development
94 The amount of effort required to break a given ciphertext is known as:
A The Work function
B The Effort function
C Cryptanalysis
D Extraction
95 In order to be admissible, electronic evidence must:
A Be legally permissible
B Not be copied
C Have been in the custody of the investigator at all times
D Not contain viruses
96 The process of maintaining and documenting software versions and settings is known as:
A Availability management
B Configuration management
C Change management
D Resource control
97 A water sprinkler system that charges the pipes when it receives a heat or smoke alarm, and then discharges the water when a higher ambient temperature is reached, is known as:
A Dry-pipe
B Wet-pipe
C Preaction
D Discharge
98 FORTRAN, BASIC, and C are known as:
A Structured languages
B Nested languages
C Second-generation languages
D Third-generation languages
99 A security control intended to reduce risk is called a:
A Safeguard
B Threat
C Countermeasure
D Partition
100 SMTP is used to:
A Manage multiple telnet sessions.
B Tunnel private sessions through the Internet.
C Simulate modems.
D Transport e-mail.
101 Backing up data by sending it through a communications line to a remote location is known as:
A Transaction journaling
B Off-site storage
C Electronic vaulting
D Electronic journaling
102 Two-factor authentication is so called because:
A It requires two of the three authentication types.
B Tokens use two-factor encryption to hide their secret algorithms.
C Authentication difficulty is increased by a factor of two.
D It uses a factor of two prime numbers algorithm for added strength.
103 Which of the following is NOT a value of change control in the software development life cycle?
A Changes are documented and subject to approval.
B Scope creep is controlled.
C It gives the customer veto power over proposed changes.
D The cost of changes is considered.
104 What’s one disadvantage of an organization signing its own certificates?
A The certificate-signing function is labor intensive.
B Anyone outside the organization will receive warning messages.
C The user-identification process is labor intensive.
D It’s much more expensive than having certificates signed by a Certification Authority (CA).
105 Which agency has jurisdiction over computer crimes in the United States?
A The Department of Justice
B The Electronic Crimes Task Force
C Federal, state, or local jurisdiction
D The FBI and the Secret Service
106 Configuration Management is used to:
A Document the approval process for configuration changes.
B Control the approval process for configuration changes.
C Ensure that changes made to an information system don’t compromise its security.
D Preserve a complete history of the changes to software or data in a system.
107 Why would a dry-pipe sprinkler be preferred over a wet-pipe sprinkler?
A Dry-pipe systems put out a fire more quickly.
B Dry-pipe systems consume less water.
C Dry-pipe systems have a smaller likelihood of rust damage.
D Dry-pipe systems have a potentially useful time delay before water is discharged.
108 The purpose of an operating system is to:
A Manage hardware resources.
B Compile program code.
C Decompile program code.
D Present graphic display to users.
109 The purpose of risk analysis is:
A To qualify the classification of a potential threat.
B To quantify the likelihood of a potential threat.
C To quantify the net present value of an asset.
D To quantify the impact of a potential threat.
110 Which of the following is a disadvantage of SSL?
A It requires a certificate on every client system.
B It is CPU intensive.
C All clients must be retrofitted with HTTP v3 browsers.
D An eavesdropper can record and later play back an SSL session.
111 Which of the following is NOT a method used to create an online redundant data set?
A Remote journaling
B Off-site storage
C Electronic vaulting
D Database mirroring
112 The phrase something you are refers to:
A A user’s security clearance
B A user’s role
C Type 2 authentication
D Type 3 authentication
113 How does the Waterfall software development life cycle help to assure that applications will be secure?
A Security requirements can be included early on and verified later in testing.
B The testing phase includes penetration testing.
C The Risk Analysis phase will uncover flaws in the feasibility model.
D A list of valid users must be approved prior to production.
114 The ability for a government agency to wiretap a data connection was implemented in the:
A Skipjack chip
B Magic lantern
C Cutty chip
D Clipper chip
115 Under what circumstance may evidence be seized without a warrant?
A If it’s in the public domain
B If it’s believed that its destruction is imminent
C In international incidents
D If it’s on a computer
116 The traces of original data remaining after media erasure are known as:
A Data remanence
B Data traces
C Leakage
D Data particles
117 Why should a datacenter’s walls go all the way to the ceiling and not just stop as high as the suspended ceiling?
A The walls will serve as an effective fire break.
B The HVAC will run more efficiently.
C The walls will be stronger.
D The high wall will block more noise.
118 Protection rings are used for:
A Implementing memory protection
B Creating nested protection domains
C Modeling layers of protection around an information object
D Shielding systems from EMF
119 Annualized Rate of Occurrence refers to:
A The exact frequency of a threat.
B The estimated frequency of a threat.
C The estimated monetary value of a threat.
D The exact monetary value of a threat.
120 An access control list is NOT used by:
A A firewall or screening router to determine which packets should pass through.
B A router to determine which administrative nodes may access it.
C A bastion host to determine which network services should be permitted.
D A client system to record and save passwords.
121 A DRP that has a high RPO and a low RTO will result in:
A A system that takes more time to recover but has recent data
B A system that recovers quickly but has old data
C A system that recovers quickly and has recent data
D A system that has never been tested
122 Two-factor authentication is stronger than single-factor authentication because:
A It uses a factor of two prime numbers algorithm for added strength.
B It relies on two factors, such as a password and a smart card.
C Authentication difficulty is increased by a factor of two.
D The user must be physically present to authenticate.
123 The main purpose of configuration management is to:
A Require cost justification for any change in a software product.
B Require approval for any desired change in a software product.
C Maintain a detailed record of changes for the lifetime of a software product.
D Provide the customer with a process for requesting configuration changes.
124 The cipher device used by Germany in World War II is known as:
A M-922
B M-902
C Enigma
D Turing
125 Motive, means, and opportunity:
A Are required prior to the commission of a crime
B Are the required three pieces of evidence in any criminal trial
C Are the three factors that help determine whether someone may have committed a crime
D Are the usual ingredients in a sting operation
126 Software controls are used to:
A Perform input checking to ensure that no buffer overflows occur.
B Keep running programs from viewing or changing other programs’ memory.
C Perform configuration management-like functions on software.
D Ensure the confidentiality and integrity of software.
127 Which of the following are NOT fire detectors?
A Dial-up alarms
B Heat-sensing alarms
C Flame-sensing alarms
D Smoke-sensing alarms
128 The TCSEC document is known as the Orange Book because:
A It’s orange in color.
B It covers the major classes of computing system security, D through A.
C Its coverage of security was likened to the defoliant Agent Orange.
D No adequate model of computing system security was available at the time.
129 Single Loss Expectancy refers to:
A The expectation of the occurrence of a single loss.
B The monetary loss realized from an individual threat.
C The likelihood that a single loss will occur.
D The annualized monetary loss from a single threat.
130 What is the purpose of the DHCP protocol?
A It’s used to diagnose network problems.
B It assigns IP addresses to servers.
C It assigns IP addresses to stations that join the network.
D It’s used to dynamically build network routes.
131 The purpose of a BIA is:
A To determine the criticality of business processes
B To determine the impact of disasters on critical processes
C To determine the impact of software defects on critical business processes
D To determine which software defects should be fixed first
132 An organization has recently implemented a palm-scan biometric system to control access to sensitive zones in a building. Some employees have objected to the biometric system for sanitary reasons. The organization should:
A Switch to a fingerprint-scanning biometric system.
B Educate users about the inherent cleanliness of the system.
C Allow users who object to the system to be able to bypass it.
D Require employees to use a hand sanitizer prior to using the biometric system.
133 A security specialist has discovered that an application her company produces has a JavaScript injection vulnerability. What advice should the security specialist give to the application’s developers?
A Implement input filtering to block JavaScript and other script languages.
B Upgrade to the latest release of Java.
C Re-compile the application with safe input filtering turned on.
D Re-compile the application by using UTF-8 character set support.
134 Cryptography can be used for all the following situations EXCEPT:
A Performance
B Confidentiality
C Integrity
D Authentication
135 The burden of proof in U.S. civil law is:
A The preponderance of the evidence
B Beyond a reasonable doubt
C Beyond all doubt
D Based on the opinion of the presiding judge
136 An organization may choose to perform periodic background checks on its employees for all the following reasons EXCEPT:
A To determine whether the employee has earned any additional educational degrees
B To determine whether a detrimental change in an employee’s financial situation might entice him or her to steal from the employer
C To determine whether a criminal offense has occurred since the person was hired that would impact the risk of continued employment
D To uncover any criminal offenses that weren’t discovered in the initial background check
137 Which class of hand-held fire extinguisher should be used in a datacenter?
A Class B
B Class C
C Class A
D Class D
138 All the following CPUs are CISC design EXCEPT:
A PDP-11
B Intel x86
C SPARC
D Motorola 68000
139 A system architect has designed a system that is protected with redundant parallel firewalls. This follows which security design principle?
A Avoidance of a single point of failure
B Defense in depth
C Fail open
D Fail closed
140 The type of cable that is best suited for high RF and EMF environments is:
A Fiber-optic
B Shielded twisted-pair
C Coaxial
D Thinnet
141 A Disaster Recovery Planning team has been told by management that the equipment required to meet RTO and RPO targets is too costly. What’s the best course of action to take?
A Classify the system as being out of scope.
B Reduce the RTO and RPO targets.
C Look for less expensive methods for achieving targets and report to management if no alternatives can be found.
D Ask for more budget for recovery systems.
142 A security manager is planning a new video surveillance system. The manager wants the video surveillance system to be both a detective control and a deterrent control. What aspect of the system’s design will achieve this objective?
A Include a video-recording capability in the system.
B Make video cameras conspicuously visible and post warning notices.
C Hide video cameras and don’t post warning notices.
D Make video monitors conspicuously visible.
143 Privacy advocacy organizations are concerned about the practice of aggregation, which involves:
A Selling highly sensitive data to the highest bidder
B Distributing highly sensitive data to third parties
C Combining low-sensitivity data elements that results in highly sensitive data
D Disclosing highly sensitive data to government agencies
144 A cipher uses a table to replace plaintext characters with ciphertext characters. This type of cipher is known as:
A Stream
B Block
C Substitution
D Transposition
145 Under U.S. law, the amount of a fine and the length of imprisonment are based on:
A The opinion of the judge
B The opinion of the jury
C The evidence introduced in a trial
D Federal sentencing guidelines
146 An organization has identified a high-risk activity that’s performed by a single individual. The organization will change the activity so that two or more individuals are required to perform the task. This new setup is known as:
A Single point of failure
B Shared custody
C Split custody
D Separation of duties
147 An organization wants to erect fencing around its property to keep out determined intruders. What are the minimum specifications that the organization should consider?
A Eight feet in height and three strands of barbed wire at the top
B Twelve feet in height and three strands of barbed wire at the top
C Eight feet in height
D Twelve feet in height