CISSP exam

FOR THIS QUESTION, REFER TO THE FOLLOWING INFORMATION A user of a web application notices that it is possible to bookmark the application and return to it, even after shutting down the computer and without having to log-on. The user also notices that the user ID is embedded in the...

In biometric identification systems, at the beginning, it was soon apparent that truly positive identification could only be based on physical attributes of a person. This raised the necessity of answering 2 questions :A .  what was the sex of a person and his ageB .  what part of body...

Which of the following represents the columns of the table in a relational database?A .  attributesB .  relationC .  record retentionD .  records or tuplesView AnswerAnswer: A Explanation: The rows of the table represent records or tuples and the columns of the table represent the attributes. Source: KRUTZ, Ronald L....

A Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) will provide which of the following?A . Guaranteed recovery of all business functionsB . Minimization of the need decision making during a crisisC . Insurance against litigation following a disasterD . Protection from loss of organization resourcesView AnswerAnswer: D

An access control policy for a bank teller is an example of the implementation of which of the following?A .  Rule-based policyB .  Identity-based policyC .  User-based policyD .  Role-based policyView AnswerAnswer: D Explanation: The position of a bank teller is a specific role within the bank, so you would...

Which access control type has a central authority that determine to what objects the subjects have access to and it is based on role or on the organizational security policy?A .  Mandatory Access ControlB .  Discretionary Access ControlC .  Non-Discretionary Access ControlD .  Rule-based Access controlView AnswerAnswer: C Explanation: Non...

An employee of a retail company has been granted an extended leave of absence by Human Resources (HR). This information has been formally communicated to the access provisioning team. Which of the following is the BEST action to take?A . Revoke access temporarily.B . Block user access and delete user...

Which of the following would be less likely to prevent an employee from reporting an incident?A . They are afraid of being pulled into something they don't want to be involved withB . The process of reporting incidents is centralizedC . They are afraid of being accused of something they...

What is the PRIMARY reason for implementing change management?A . Certify and approve releases to the environmentB . Provide version rollbacks for system changesC . Ensure that all applications are approvedD . Ensure accountability for changes to the environmentView AnswerAnswer: D

In biometrics, "one-to-many" search against database of stored biometric images is done in:A .  AuthenticationB .  IdentificationC .  IdentitiesD .  Identity-based access controlView AnswerAnswer: B Explanation: In biometrics, identification is a "one-to-many" search of an individual's characteristics from a database of stored images. Source: KRUTZ, Ronald L. & VINES, Russel...