
CISSP Questions of the Week

These CISSP Questions of the Week and their answers were developed by Shon Harris and the Logical Security development team. We hope you find them a helpful resource. Simply select the "Click Here" under each question to find the answer.

1. Which of the following is not a core principle of the Organization for Economic Co-operation and Development (OECD) Guidelines?

   i.   Collection of personal data should be limited, obtained by lawful and fair means, and with the knowledge of the subject.
   ii.  Personal data should be kept complete and current, and be relevant to the purposes for which it is being used.
   iii. Subjects should not be notified of the reason for the collection of their personal information at the time that it is collected, and organizations should only use it for that stated purpose.
   iv.  Only with the consent of the subject or by the authority of law should personal data be disclosed, made available, or used for purposes other than those previously stated.
   v.   Reasonable safeguards should be put in place to protect personal data against risks such as loss, unauthorized access, modification, and disclosure.
   vi.  Subjects should be able to find out whether an organization has their personal information and what that information is, to correct erroneous data, and to challenge denied requests to do so.


        A. iii
        B. ii, iv
        C. i, v
        D. vi

       Click Here for the Answer


******************************************************************************

2. Which of the following is an incorrect statement?
   i.   A system reboot takes place after the system shuts itself down in an uncontrolled manner in response to a kernel (trusted computing base) failure.
   ii.  An emergency system restart takes place after a system failure happens in an uncontrolled manner.
   iii. A system cold start takes place when an expected kernel or media failure happens and the regular recovery procedure cannot recover the system to a more consistent state.
   iv.  A system warm start takes place when an expected kernel or media failure happens and the regular recovery procedure cannot recover the system to a more consistent state.

   A. i, ii
   B. i, ii, iii
   C. i, iii, iv
   D. iii, iv


       Click Here for the Answer


******************************************************************************

3. When developing a physical security program, which of the following is the second step that needs to take place?

   A. Identify a team of internal employees and/or external consultants who will build the physical security program through the following steps.
   B. Work with management to define an acceptable risk level for the physical security program.
   C. Derive the required performance baselines from the acceptable risk level.
   D. Carry out a risk analysis to identify the vulnerabilities and threats and to calculate the business impact of each threat.
   E. Create countermeasure performance metrics.

       Click Here for the Answer
