Question 1 of 10
1. Question
A company has an e-commerce website that carries out 60 percent of its annual revenue. Under the current circumstances, the annualized loss expectancy for the website against the threat of attack is $92,000. After implementing a new application-layer firewall, the new annualized loss expectancy would be $30,000. The firewall costs $65,000 per year to implement and maintain. Which of the following describes the company’s approach to risk management?
Risk mitigation involves employing controls in an attempt to reduce either the likelihood or the damage associated with an incident, or both. The four ways of dealing with risk are accept, avoid, transfer, and mitigate (reduce). A firewall is a countermeasure installed to reduce the risk of a threat.
-
Question 2 of 10
2. Question
A small remote office for a company is valued at $800,000. It is estimated, based on historical data, that a fire is likely to occur once every ten years at an office in this area. It is estimated that such a fire would destroy 60 percent of the office under the current circumstances and with the current detective and preventive controls in place. What is the single loss expectancy for the office suffering from a fire?
$480,000 is the correct answer. The formula for single loss expectancy (SLE) is asset value × exposure factor (EF) = SLE. In this situation the formula works out as asset value ($800,000) × exposure factor (60%) = $480,000. This means that the company has a potential loss value of $480,000 pertaining to this one asset (office) and this one threat type (fire).
-
Question 3 of 10
3. Question
A small remote office for a company is valued at $800,000. It is estimated, based on historical data, that a fire is likely to occur once every ten years at an office in this area. It is estimated that such a fire would destroy 60 percent of the office under the current circumstances and with the current detective and preventive controls in place. What is the annualized rate of occurrence?
The annualized rate of occurrence (ARO) is the frequency with which a threat will most likely occur within a 12-month period. It is a value used in the ALE formula, which is SLE × ARO = ALE.
-
Question 4 of 10
4. Question
A small remote office for a company is valued at $800,000. It is estimated, based on historical data, that a fire is likely to occur once every ten years at an office in this area. It is estimated that such a fire would destroy 60 percent of the office under the current circumstances and with the current detective and preventive controls in place. What is the annualized loss expectancy?
$48,000 is the correct answer. The annualized loss expectancy formula (SLE × ARO = ALE) is used to calculate the loss potential for one asset experiencing one threat in a 12-month period. The resulting ALE value helps to determine the amount that can reasonably be spent on the protection of that asset. In this situation, the company should not spend over $48,000 on protecting this asset from the threat of fire. ALE values help organizations rank the severity level of the risks they face so they know which ones to deal with first and how much to spend on each.
-
Question 5 of 10
5. Question
What happens in the session layer?
The session layer is responsible for monitoring how applications communicate, not how computers communicate. Not all systems use session-layer protocols, so this layer is not often used for networking functions. A session-layer protocol logically sets up the connection to the other application and controls the dialog going back and forth. Session-layer protocols allow applications to keep track of the dialog.
-
Question 6 of 10
6. Question
Which of the following technologies, in order to provide simplicity, centralized control, and simplified procedures, integrates previously independent security solutions?
Managing the long laundry list of security solutions that almost every network has to have in place has become very difficult. The list includes, but is not limited to, firewalls, antimalware, antispam, IDS/IPS, content filtering, data leak prevention, VPN capabilities, and continuous monitoring and reporting. Unified threat management (UTM) appliance products have been developed that provide all (or many) of these functionalities in a single network appliance. UTM’s objectives are simplicity, streamlined installation and maintenance, unified control, and the ability to consider the security of a network from a holistic point of view.
-
Question 7 of 10
7. Question
Todd is a new security manager and has the responsibility of implementing personnel security controls within the financial institution where he works. Todd knows that many employees don’t fully understand how their actions can put the institution at risk; hence, an awareness program must be developed. He has determined that the bank tellers need to get a supervisory override when customers have checks over $3,500 that need to be cashed. He has also uncovered that some employees have stayed in their specific positions within the company for over three years. Todd would like to be able to investigate some of the bank’s personnel activities to see if any fraudulent activities have taken place. Todd is already ensuring that two people must use separate keys at the same time to open the bank vault. Todd documents several fraud opportunities that the employees have at the financial institution so that management understands these risks and allocates the funds and resources for his recommended solutions. Which of the following best describes the control Todd should put into place to be able to carry out fraud investigation activity?
Mandatory vacation is an administrative detective control that allows an organization to investigate an employee’s daily business activities to uncover any potential fraud that may be taking place. The employee should be forced to be away from the organization for a two-week period, and another person should be put into that role. The idea is that the person who was rotated into that position may be able to detect suspicious activities.
-
Question 8 of 10
8. Question
Todd is a new security manager and has the responsibility of implementing personnel security controls within the financial institution where he works. Todd knows that many employees don’t fully understand how their actions can put the institution at risk; hence, an awareness program must be developed. He has determined that the bank tellers need to get a supervisory override when customers have checks over $3,500 that need to be cashed. He has also uncovered that some employees have stayed in their specific positions within the company for over three years. Todd would like to be able to investigate some of the bank’s personnel activities to see if any fraudulent activities have taken place. Todd is already ensuring that two people must use separate keys at the same time to open the bank vault. What does Todd put into place if the financial institution wants to force collusion to take place for fraud to occur successfully in this situation?
Separation of duties is an administrative control that is put into place to ensure that one person cannot carry out a critical task by himself. If a person were able to carry out a critical task alone, this could put the organization at risk. Collusion is when two or more people come together to carry out fraud. So if a task was split between two people, they would have to carry out collusion (working together) to complete that one task and carry out fraud.
-
Question 9 of 10
9. Question
Todd is a new security manager and has the responsibility of implementing personnel security controls within the financial institution where he works. Todd knows that many employees don’t fully understand how their actions can put the institution at risk; hence, an awareness program must be developed. He has determined that the bank tellers need to get a supervisory override when customers have checks over $3,500 that need to be cashed. He has also uncovered that some employees have stayed in their specific positions within the company for over three years. Todd would like to be able to investigate some of the bank’s personnel activities to see if any fraudulent activities have taken place. Todd is already ensuring that two people must use separate keys at the same time to open the bank vault. Todd wants to be able to prevent fraud from taking place, but he knows that some people may get around the types of controls he puts into place. In those situations, he wants to be able to identify when an employee is doing something suspicious. Which of the following incorrectly describes what Todd is implementing in this situation and what those specific controls provide?
Dual control is an administrative preventive control. It ensures that two people must carry out a task at the same time, as in two people having separate keys when opening the vault. It is not a detective control. Note that the question asks what Todd is not doing. Remember that on the exam you need to choose the best answer. In many situations, you will not like the question or the corresponding answers on the CISSP exam, so prepare yourself. The questions can be tricky, which is one reason why the exam itself is so difficult.
-
Question 10 of 10
10. Question
Susan has been told by her boss that she will be replacing the current security manager within her company. Her boss explained to her that operational security measures have not been carried out in a standard fashion, so some systems have proper security configurations and some don’t. Her boss needs to understand how dangerous it is to have some of the systems misconfigured, along with what to do in this situation. Which of the following best describes what Susan must ensure that the operations staff creates for proper standardization of configurations?
The operations staff must know what minimum level of security is required per system within the organization. This minimum level of security is referred to as a baseline. Once a baseline is set per system, the staff has something to compare the system against to know whether changes have not taken place properly, which might make the system vulnerable.