CISSP Practice Test

A vulnerability test on an Information System (IS) is conducted to

A.

exploit security weaknesses in the IS.

B.

measure system performance on systems with weak security controls.

C.

evaluate the effectiveness of security controls.

D.

prepare for Disaster Recovery (DR) planning.

Which one of the following is a fundamental objective in handling an incident?

A.

To restore control of the affected systems

B.

To confiscate the suspect's computers

C.

To prosecute the attacker

D.

To perform full backups of the system

Which one of the following is the MOST important in designing a biometric access system if it is essential that no one other than authorized individuals are admitted?

A.

False Acceptance Rate (FAR)

B.

False Rejection Rate (FRR)

C.

Crossover Error Rate (CER)

D.

Rejection Error Rate

Which of the following elements MUST a compliant EU-US Safe Harbor Privacy Policy contain?

A.

An explanation of how long the data subject's collected information will be retained for and how it will be eventually disposed.

B.

An explanation of who can be contacted at the organization collecting the information if corrections are required by the data subject.

C.

An explanation of the regulatory frameworks and compliance standards the information collecting organization adheres to.

D.

An explanation of all the technologies employed by the collecting organization in gathering information on the data subject.

The type of authorized interactions a subject can have with an object is

A.

control.

B.

permission.

C.

procedure.

D.

protocol.