
1. ISC2 was formed for which of the following purposes?


A) certifying industry professionals and practitioners in an international IS standard
B) all of the above
C) ensuring credentials are maintained, primarily through continuing education
D) maintaining a Common Body of Knowledge for network and information security
Feedback: See page 41.
Feedback: See page 41. Points Earned: 0.0/1.0
Correct Answer(s): B

2. The Business Continuity domain includes:


A) plans for recovering business operations in the event of loss of access by personnel
Feedback: See page 44.
B) documented plans for interacting with law enforcement
C) maintenance of current versions of all software in use by the organization
D) management practices to determine business risks
Feedback: See page 44. Points Earned: 1.0/1.0
Correct Answer(s): A

3. The Physical Security domain includes:


A) a code of conduct for employees
B) perimeter security controls and protection mechanisms
C) data center controls and specifications for physically secure operations
D) Both answers "B" and "C"
Feedback: See pages 44 and 45. Points Earned: 0.0/1.0
Correct Answer(s): D

4. The Network Security Architecture and Models domain includes:


A) concepts and principles for secure designs of computing
B) concepts and principles for secure application development
C) concepts and principles for secure programs
D) concepts and principles for secure operations
Feedback: See page 43. Points Earned: 0.0/1.0
Correct Answer(s): A

5. People more interested in certifying themselves as security technical practitioners should consider preparing for which of the following?


A) CISA
B) CISSP
Feedback: See page 48.
C) CISM
D) GIAC
Feedback: See page 48. Points Earned: 0.0/1.0
Correct Answer(s): D

6. The CBK contains:
A) 9 domains
B) 7 domains
C) 5 domains
D) 3 domains
E) 10 domains
F) 11 domains
G) 6 domains
Feedback: See page 42. Points Earned: 1.0/1.0
Correct Answer(s): E

7. The Application Development Security domain includes:


A) a quality assurance testing of custom-developed software
B) a recipe book for developers to follow in building secure applications
C) a language guide on programming security functions
D) an outline for the software development environment to address security concerns
Feedback: See page 47. Points Earned: 0.0/1.0
Correct Answer(s): D

8. The Access Control Systems and Methodology domain includes:


A) a methodology for applications development
B) instructions on how to install perimeter door security
C) a methodology for secure network/data center operations
D) a collection of mechanisms to create secure architectures for asset protection
Feedback: See page 45. Points Earned: 0.0/1.0
Correct Answer(s): D

9. Security Management Practices domain includes:


A) identification of security products
B) documented policies, standards, procedures, and guidelines
C) management of risks to corporate assets
D) answers B and C only
Feedback: See page 43. Points Earned: 0.0/1.0
Correct Answer(s): D

10. The Operation Security domain includes:


A) a mechanism to detect a physical intrusion into a data center
Feedback: See page 45.
B) identification of procedural controls over hardware, media, and personnel
C) evidence collection and preservation for computer crimes
D) password management
Feedback: See page 45. Points Earned: 0.0/1.0
Correct Answer(s): B

11. The Telecommunications, Network, and Internet Security domain includes:
A) technology, principles, and best practices to secure telephone networks
B) technology, principles, and best practices to secure corporate data networks
C) technology, principles, and best practices to secure Internet attached networks
D) All of the above
Feedback: See page 46. Points Earned: 1.0/1.0
Correct Answer(s): D

12. The Law, Investigation, and Ethics domain includes:


A) a council to determine the ethical behavior of security personnel
B) methods to investigate computer crime incidents
Feedback: See page 44.
C) teams of lawyers to determine the legality of security decisions
D) private law enforcement personnel
Feedback: See page 44. Points Earned: 1.0/1.0
Correct Answer(s): B

13. People more interested in certifying themselves as security experts in a business context should consider preparing for which certification?


A) CompTIA's Security + and GIAC
B) Symantec Technology Architect and CompTIA's Security +
C) CISA and CISM
D) GIAC and Cisco Firewall Specialist
Feedback: See page 47.
Feedback: See page 47. Points Earned: 0.0/1.0
Correct Answer(s): C

14. The network/information security Common Body of Knowledge is


ISC2
A) a compilation and distillation of all security information collected internationally of relevance to network/information security professionals
B) a volume of books published by ISC2
C) an encyclopedia of information security principles, best practices, and regulations
D) a reference list of books and other publications put together by practitioners in network/information security
Feedback: See page 42. Points Earned: 0.0/1.0
Correct Answer(s): A

15. The Cryptological domain includes:


A) tools and techniques to intercept competitor's secrets
B) principles, means, and methods to disguise information to assure confidentiality, integrity, and authenticity
C) procedures on how to protect Internet communications
D) procedures on how to discover cryptographic keys
Feedback: See page 46.
Feedback: See page 46. Points Earned: 0.0/1.0
Correct Answer(s): B
