Topic 9: Exam Set A
By allowing storage communications to run on top of Transmission Control Protocol/Internet Protocol (TCP/IP) with a Storage Area Network (SAN), the
A. confidentiality of the traffic is protected.
B. opportunity to sniff network traffic exists.
C. opportunity for device identity spoofing is eliminated.
D. storage devices are protected against availability attacks.
opportunity to sniff network traffic exists.
What is an effective practice when returning electronic storage media to third parties for repair?
A. Ensuring the media is not labeled in any way that indicates the organization's name.
B. Disassembling the media and removing parts that may contain sensitive data.
C. Physically breaking parts of the media that may contain sensitive data.
D. Establishing a contract with the third party regarding the secure handling of the media.
Establishing a contract with the third party regarding the secure handling of the media.
What maintenance activity is responsible for defining, implementing, and testing updates to application systems?
A. Program change control
B. Regression testing
C. Export exception control
D. User acceptance testing
Program change control
The BEST way to check for good security programming practices, as well as auditing for possible backdoors, is to conduct
A. log auditing.
B. code reviews.
C. impact assessments.
D. static analysis.
code reviews.
Why is a system's criticality classification important in large organizations?
A. It provides for proper prioritization and scheduling of security and maintenance tasks.
B. It reduces critical system support workload and reduces the time required to apply patches.
C. It allows for clear systems status communications to executive management.
D. It provides for easier determination of ownership, reducing confusion as to the status of the asset.
It provides for proper prioritization and scheduling of security and maintenance tasks.