CISSP Practice Test

A company whose Information Technology (IT) services are being delivered from a Tier 4
data center, is preparing a companywide Business Continuity Planning (BCP). Which of the
following failures should the IT manager be concerned with?

A.

Application

B.

Storage

C.

Power

D.

Network

Which of the following actions will reduce risk to a laptop before traveling to a high risk area?

A.

Examine the device for physical tampering

B.

Implement more stringent baseline configurations

C.

Purge or re-image the hard disk drive

D.

Change access codes

What is the MOST important consideration from a data security perspective when an organization plans to relocate?

A.

Ensure the fire prevention and detection systems are sufficient to protect personnel

B.

Review the architectural plans to determine how many emergency exits are present

C.

Conduct a gap analysis of a new facilities against existing security requirements

D.

Revise the Disaster Recovery and Business Continuity (DR/BC) plan

When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?

A.

Only when assets are clearly defined

B.

Only when standards are defined

C.

Only when controls are put in place

D.

Only procedures are defined

An organization has doubled in size due to a rapid market share increase. The size of the
Information Technology (IT) staff has maintained pace with this growth. The organization
hires several contractors whose onsite time is limited. The IT department has pushed its
limits building servers and rolling out workstations and has a backlog of account
management requests.
Which contract is BEST in offloading the task from the IT staff?

A.

Platform as a Service (PaaS)

B.

Identity as a Service (IDaaS)

C.

Desktop as a Service (DaaS)

D.

Software as a Service (SaaS)