This article offers a solid foundation for the Certified Information Systems Security Professional (CISSP) exam and is designed for readers and students who want to study for the CISSP certification exam.
The CISSP exam is governed by the International Information Systems Security Certification Consortium, Inc., or (ISC)2.
- CISSP – MCQ – Security Management Practices
- CISSP – MCQ – Access Control Systems
- CISSP – MCQ – Telecommunications and Network Security
- CISSP – MCQ – Cryptography
- CISSP – MCQ – Security Architecture and models
- CISSP – MCQ – Operations Security
- CISSP – MCQ – Applications and Systems Development
- CISSP – MCQ – Business Continuity Planning and Disaster Recovery Planning
- CISSP – MCQ – Law, Investigation and Ethics
- CISSP – MCQ – Physical Security
- CISSP – MCQ – Systems Security Engineering
- CISSP – MCQ – Certification and Accreditation
- CISSP – MCQ – Technical Management
- CISSP – MCQ – U.S. Government Information Assurance (IA) Regulations
(ISC)2 is a global not-for-profit organization. It has four primary mission goals:
- Maintain the Common Body of Knowledge for the field of information systems security
- Provide certification for information systems security professionals and practitioners
- Conduct certification training and administer the certification exams
- Oversee the ongoing accreditation of qualified certification candidates through continued education
In this article, all the questions are related to “Business Continuity Planning and Disaster Recovery Planning” and are as follows:
1) Which choice below is NOT a type of motion-detection system?
- Ultrasonic-detection system
- Microwave-detection system
- Host-based intrusion-detection system
- Sonic-detection system
2) Which type of personnel control below helps prevent piggybacking?
- Back doors
- Brute force
- Maintenance hooks
3) Which choice below most accurately describes the prime benefit of using guards?
- Human guards are less expensive than guard dogs.
- Guards can exercise discretionary judgment in a way that automated systems can’t.
- Automated systems have a greater reliability rate than guards.
- Guard dogs cannot discern an intruder’s intent.
4) The recommended optimal relative humidity range for computer operations is:
5) How many times should a diskette be formatted to comply with TCSEC Orange Book object reuse recommendations?
6) Which of the following more closely describes the combustibles in a Class B-rated fire?
7) Which of the following is NOT the proper suppression medium for a Class B fire?
- Soda Acid
8) What does an audit trail or access log usually NOT record?
- How often a diskette was formatted.
- Who attempted access.
- The date and time of the access attempt.
- Whether the attempt was successful.
9) A brownout can be defined as a:
- Prolonged power loss
- Momentary low voltage
- Prolonged low voltage
- Momentary high voltage
10) Which statement below is NOT accurate about smoke damage to electronic equipment?
- Smoke exposure during a fire for a relatively short period does little immediate damage.
- Continuing power to the smoke-exposed equipment can increase the damage.
- Moisture and oxygen corrosion constitute the main damage to the equipment.
- The primary damage done by smoke exposure is immediate.
11) A surge can be defined as a(n):
- Prolonged high voltage
- Initial surge of power at start
- Momentary power loss
- Steady interfering disturbance
12) Which is NOT a type of fire detector?
13) Which of the following is NOT considered an acceptable replacement for Halon discharge systems?
- Inergen (IG541)
- Halon 1301
- Argon (IG55)
14) Which type of fire extinguishing method contains standing water in the pipe and therefore generally does not enable shutdown of systems before discharge?
- Dry pipe
- Wet pipe
15) Which type of control below is NOT an example of a physical security access control?
- Retinal scanner
- Guard dog
- Five-key programmable lock
- Audit trail
16) Which is NOT a recommended way to dispose of unwanted used data media?
- Destroying CD-ROMs
- Formatting diskettes seven or more times
- Shredding paper reports by cleared personnel
- Copying new data over existing data on diskettes
17) According to the NFPA, which choice below is NOT a recommended risk factor to consider when determining the need for protecting the computing environment from fire?
- Life safety aspects of the computing function or process
- Fire threat of the installation to occupants or exposed property
- Distance of the computing facility from a fire station
- Economic loss of the equipment’s value
18) Which choice below is NOT an example of a Halocarbon Agent?
19) Which statement below most accurately describes a dry pipe sprinkler system?
- Dry pipe is the most commonly used sprinkler system.
- Dry pipe contains air pressure.
- Dry pipe sounds an alarm and delays water release.
- Dry pipe may contain carbon dioxide.
20) The theft of a laptop poses a threat to which tenet of the C.I.A. triad?
- All of the above
21) Which is a benefit of a guard over an automated control?
- Guards can use discriminating judgment.
- Guards are cheaper.
- Guards do not need training.
- Guards do not need pre-employment screening.
22) Which is NOT considered a preventative security measure?
- Audit trails
- Preset locks
23) Which is NOT a PC security control device?
- A cable lock
- A switch control
- A port control
- A file cabinet lock
24) Which choice below is NOT an example of a clean fire-extinguishing agent?
25) What is the recommended height of perimeter fencing to keep out casual trespassers?
- 1′ to 2′ high
- 3′ to 4′ high
- 6′ to 7′ high
- 8′ to 12′ high
26) Why should extensive exterior perimeter lighting of entrances or parking areas be installed?
- To enable programmable locks to be used
- To create two-factor authentication
- To discourage prowlers or casual intruders
- To prevent data remanence
27) Which of the following is NOT a form of data erasure?
28) Which is NOT considered a physical intrusion detection method?
- Audio motion detector
- Photoelectric sensor
- Wave pattern motion detector
- Line supervision
29) Which choice below represents the BEST reason to control the humidity in computer operations areas?
- Computer operators do not perform at their peak if the humidity is too high.
- Electrostatic discharges can harm electronic equipment.
- Static electricity destroys the electrical efficiency of the circuits.
- If the air is too dry, electroplating of conductors may occur.
30) Which term below refers to a standard used in determining the fire safety of a computer room?
- Fire retardant