CISSP Exam Cram

Posted on 21-Oct-2015

  • CISSP Practice Questions

    Third Edition

    Michael Gregg

  • CISSP Practice Questions Exam Cram, Third Edition

    Copyright 2013 by Pearson Education, Inc.

    All rights reserved. No part of this book shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained herein.

    ISBN-13: 978-0-7897-4959-8
    ISBN-10: 0-7897-4959-9

    Library of Congress Cataloging-in-Publication data is on file.

    Printed in the United States of America

    First Printing: September 2012

    Trademarks

    All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Pearson IT Certification cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

    Warning and Disclaimer

    Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an as is basis. The author and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the CD or programs accompanying it.

    Bulk Sales

    Pearson IT Certification offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales. For more information, please contact

    U.S. Corporate and Government Sales
    1-800-382-3419
    corpsales@pearsontechgroup.com

    For sales outside of the U.S., please contact

    International Sales
    international@pearsoned.com

    Associate Publisher: Dave Dusthimer

    Acquisitions Editor: Betsy Brown

    Senior Development Editor: Christopher Cleveland

    Managing Editor: Sandra Schroeder

    Senior Project Editor: Tonya Simpson

    Copy Editor: Sheri Cain

    Technical Editors: Shawn Merdinger, Patrick Ramseier

    Publishing Coordinator: Vanessa Evans

    Multimedia Developer: Timothy Warner

    Interior Designer: Gary Adair

    Cover Designer: Alan Clements

    Compositor: TnT Design, Inc.

  • Contents at a Glance

    Introduction

    CHAPTER 1: Physical (Environmental) Security

    CHAPTER 2: Access Control

    CHAPTER 3: Cryptography

    CHAPTER 4: Security Architecture and Design

    CHAPTER 5: Telecommunications and Network Security

    CHAPTER 6: Business Continuity and Disaster Recovery Planning

    CHAPTER 7: Legal, Regulations, Investigations, and Compliance

    CHAPTER 8: Software Development Security

    CHAPTER 9: Information Security, Governance, and Risk Management

    CHAPTER 10: Security Operations

  • Table of Contents

    Introduction

      Who This Book Is For
      What You Will Find in This Book
      Hints for Using This Book
      Pearson IT Certification Practice Test Engine and Questions on the CD
      Need Further Study?

    Chapter 1: Physical (Environmental) Security

      Practice Questions
      Practice Questions (True or False)
      Practice Questions (Mix and Match)
      Quick-Check Answer Key
      Answers and Explanations

    Chapter 2: Access Control

      Practice Questions
      Practice Questions (True or False)
      Practice Questions (Mix and Match)
      Quick-Check Answer Key
      Answers and Explanations

    Chapter 3: Cryptography

      Practice Questions
      Practice Questions (True or False)
      Practice Questions (Mix and Match)
      Quick-Check Answer Key
      Answers and Explanations

    Chapter 4: Security Architecture and Design

      Practice Questions
      Practice Questions (True or False)
      Practice Questions (Mix and Match)
      Quick Check Answer Key
      Answers and Explanations

    Chapter 5: Telecommunications and Network Security

      Practice Questions
      Practice Questions (True or False)
      Practice Questions (Mix and Match)
      Quick Check Answer Key
      Answers and Explanations

    Chapter 6: Business Continuity and Disaster Recovery Planning

      Practice Questions
      Practice Questions (True or False)
      Practice Questions (Mix and Match)
      Quick Check Answer Key
      Answers and Explanations

    Chapter 7: Legal, Regulations, Investigations, and Compliance

      Practice Questions
      Practice Questions (Mix and Match)
      Quick Check Answer Key
      Answers and Explanations

    Chapter 8: Software Development Security

      Practice Questions
      Practice Questions (True or False)
      Practice Questions (Mix and Match)
      Quick Check Answer Key
      Answers and Explanations

    Chapter 9: Information Security, Governance, and Risk Management

      Practice Questions
      Practice Questions (True or False)
      Practice Questions (Mix and Match)
      Quick Check Answer Key
      Answers and Explanations

    Chapter 10: Security Operations

      Practice Questions
      Practice Questions (True or False)
      Practice Questions (Mi