September 09 [Wed], 2015, 11:54

Learning Objectives
Understand and apply the concepts of risk assessment, risk analysis, data classification, and security awareness, and implement risk management and the principles used to support it (risk avoidance, risk acceptance, risk mitigation, risk transference).

Apply a comprehensive and rigorous method for describing the current and/or future structure and behavior of an organization's security processes, information security systems, personnel, and organizational sub-units, so that these practices and processes align with the organization's core goals and strategic direction. Address the frameworks, policies, concepts, principles, structures, and standards used to establish criteria for the protection of information assets and to assess the effectiveness of that protection, and establish the foundation of a comprehensive and proactive security program that ensures the protection of an organization's information assets.

NO.1 Several analysis methods can be employed by an IDS, each with its own strengths and
weaknesses, and their applicability to any given situation should be carefully considered. There are
two basic IDS analysis methods that exist. Which of these basic methods is more prone to false
A. Pattern Matching (also called signature analysis)
B. Anomaly Detection
C. Host-based intrusion detection
D. Network-based intrusion detection
Answer: B


NO.2 Which access control model is also called Non Discretionary Access Control (NDAC)?
A. Lattice based access control
B. Mandatory access control
C. Role-based access control
D. Label-based access control
Answer: C


NO.3 Which of the following biometric methods provides the HIGHEST accuracy and is LEAST
accepted by users?
A. Palm Scan
B. Hand Geometry
C. Fingerprint
D. Retina scan
Answer: D


NO.4 Which of the following is defined as confirmation that users' needs have been met by the supplied solution?
A. Accreditation
B. Certification
C. Assurance
D. Acceptance
Answer: D


NO.5 Which of the following methods of providing telecommunications continuity involves the use
of an alternative medium?
A. Alternative routing
B. Diverse routing
C. Long haul network diversity
D. Last mile circuit protection
Answer: A

Alternative routing is a method of routing information via an alternate medium such as copper cable
or fiber optics. This involves using different networks, circuits or end points should the normal
network be unavailable. Diverse routing routes traffic through split cable facilities or duplicate cable
facilities. This can be accomplished with different and/or duplicate cable sheaths. If different cable
sheaths are used, the cable may be in the same conduit and therefore subject to the same
interruptions as the cable it is backing up. The communication service subscriber can duplicate the
facilities by having alternate routes, although the entrance to and from the customer premises may
be in the same conduit. The subscriber can obtain diverse routing and alternate routing from the
local carrier, including dual entrance facilities. This type of access is time-consuming and costly. Long
haul network diversity is a diverse long-distance network utilizing T1 circuits among the major long-
distance carriers. It ensures long-distance access should any one carrier experience a network failure.
Last mile circuit protection is a redundant combination of local carrier T1s, microwave and/or coaxial
cable access to the local communications loop. This enables the facility to have access during a local
carrier communication disaster. Alternate local carrier routing is also utilized. Source: Information
Systems Audit and Control Association, Certified Information Systems Auditor 2002 review manual,
chapter 5: Disaster Recovery and Business Continuity (page 259).

NO.6 Which of the following protects Kerberos against replay attacks?
A. Tokens
B. Passwords
C. Cryptography
D. Time stamps
Answer: D

A replay attack refers to the recording and retransmission of packets on the
network. Kerberos uses time stamps, which protect against this type of attack.
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002,
chapter 8: Cryptography (page 581).
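The timestamp check described above, as an added example that is not part of the original page or of any Kerberos implementation: a minimal C model of how a Kerberos service validates the authenticator in an AP-REQ. Two checks are involved. The client timestamp must lie within the allowed clock skew of the server clock (300 seconds is the usual default), which bounds how long a captured packet stays usable, and a replay cache of recently seen authenticators rejects an identical one presented again inside that window. The struct layout, cache size, fixed server clock and principal names are assumptions for illustration; a real service first decrypts the authenticator with the session key and keys its replay cache on comparable fields.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_SKEW_SECONDS 300   /* assumed: the common Kerberos clock-skew default */
#define CACHE_SIZE 64          /* assumed: toy replay-cache capacity */

/* The cleartext authenticator fields that matter for replay detection.
 * (Assumed layout; the real authenticator is encrypted and carries more.) */
typedef struct {
    char client[32];    /* client principal */
    int64_t ctime;      /* client timestamp, seconds */
    uint32_t cusec;     /* microsecond field, makes the key unique within a second */
} authenticator_t;

typedef struct {
    authenticator_t seen[CACHE_SIZE];
    int count;
} replay_cache_t;

enum { ACCEPT = 0, REJECT_SKEW = 1, REJECT_REPLAY = 2, REJECT_CACHE_FULL = 3 };

static void cache_init(replay_cache_t *rc) { rc->count = 0; }

/* Entries older than the skew window can never be accepted again, so drop them. */
static void cache_expire(replay_cache_t *rc, int64_t now) {
    int kept = 0;
    for (int i = 0; i < rc->count; i++)
        if (now - rc->seen[i].ctime <= MAX_SKEW_SECONDS)
            rc->seen[kept++] = rc->seen[i];
    rc->count = kept;
}

int check_authenticator(replay_cache_t *rc, const authenticator_t *a, int64_t now) {
    /* 1. Timestamp must be within +/- skew of the server clock. */
    int64_t delta = now - a->ctime;
    if (delta > MAX_SKEW_SECONDS || delta < -MAX_SKEW_SECONDS)
        return REJECT_SKEW;

    cache_expire(rc, now);

    /* 2. Same (client, ctime, cusec) already seen inside the window: a replay. */
    for (int i = 0; i < rc->count; i++)
        if (strcmp(rc->seen[i].client, a->client) == 0 &&
            rc->seen[i].ctime == a->ctime && rc->seen[i].cusec == a->cusec)
            return REJECT_REPLAY;

    /* Fail closed: if freshness cannot be recorded it cannot be proven. */
    if (rc->count >= CACHE_SIZE)
        return REJECT_CACHE_FULL;
    rc->seen[rc->count++] = *a;
    return ACCEPT;
}

/* Constructed scenario: a fresh request, the same packet replayed one second
 * later, and a request whose timestamp is ten minutes stale. The three results
 * are packed as decimal digits (expected 0, 2, 1 -> 21). */
int replay_scenario(void) {
    replay_cache_t rc;
    cache_init(&rc);
    int64_t now = 1441770000;                                  /* assumed server clock */
    authenticator_t req   = { "alice@EXAMPLE.COM", now - 3, 123456 };
    authenticator_t stale = { "bob@EXAMPLE.COM",   now - 600, 7 };
    int r1 = check_authenticator(&rc, &req, now);       /* ACCEPT */
    int r2 = check_authenticator(&rc, &req, now + 1);   /* REJECT_REPLAY */
    int r3 = check_authenticator(&rc, &stale, now);     /* REJECT_SKEW */
    return r1 * 100 + r2 * 10 + r3;
}

int main(void) {
    printf("scenario result codes: %d\n", replay_scenario());
    return 0;
}
```

Note the two mechanisms are complementary: the skew check alone would still let an attacker replay a captured AP-REQ for up to five minutes, and the replay cache alone would have to remember every authenticator forever. The cache only needs to cover the skew window, which is why expiry is keyed to the same constant.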

NO.7 Which of the following is often implemented by a one-for-one disk to disk ratio?
A. RAID Level 1
B. RAID Level 0
C. RAID Level 2
D. RAID Level 5
Answer: A

This is often implemented by a one-for-one disk-to-disk ratio.
RAID Level 1 provides redundancy by writing all data to two or more drive sets. The performance
of a level 1 array tends to be faster on reads and slower on writes compared to a single drive, but
if either of the drive sets fails, no data is lost. This is a good entry-level redundant system, since
only two drives are required as a minimum; however, since one drive is used to store a duplicate
of the data, the cost per megabyte is high. This level is commonly referred to as mirroring.
Please visit for a nice overview of RAID Levels.
For the purpose of the exam you must be familiar with RAID 0 to 5, 10, and 50.
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of
Computer Security, 2001, John Wiley & Sons, Page 65.
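Mirroring as described above, contrasted with parity, as an added example that is not part of the original page: a toy C model of a RAID 1 pair (one-for-one, every write goes to both members) beside a three-disk RAID 5 set (two data blocks plus an XOR parity block), each losing one disk and still returning the original data. The eight-byte block size, the fixed parity disk and the sample contents are assumptions for illustration; real RAID 5 rotates the parity block across all disks, and neither level protects against a second failure, deletion or corruption, which is why RAID is an availability control and not a backup.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define BLOCK 8   /* assumed: tiny block size so the arrays fit on a page */

/* ---- RAID 1: one-for-one mirror, both disks hold identical copies ---- */
typedef struct {
    unsigned char disk[2][BLOCK];
    bool alive[2];
} raid1_t;

void raid1_write(raid1_t *r, const unsigned char *data) {
    for (int d = 0; d < 2; d++)              /* the write cost: every member is written */
        memcpy(r->disk[d], data, BLOCK);
    r->alive[0] = r->alive[1] = true;
}

/* Read from any surviving member; fails only when both are gone. */
bool raid1_read(const raid1_t *r, unsigned char *out) {
    for (int d = 0; d < 2; d++)
        if (r->alive[d]) { memcpy(out, r->disk[d], BLOCK); return true; }
    return false;
}

/* ---- RAID 5 (three disks): two data blocks plus one XOR parity block ---- */
typedef struct {
    unsigned char disk[3][BLOCK];            /* disk[0], disk[1] data; disk[2] parity (assumed fixed) */
    bool alive[3];
} raid5_t;

void raid5_write(raid5_t *r, const unsigned char *d0, const unsigned char *d1) {
    memcpy(r->disk[0], d0, BLOCK);
    memcpy(r->disk[1], d1, BLOCK);
    for (int i = 0; i < BLOCK; i++)          /* parity = d0 XOR d1 */
        r->disk[2][i] = d0[i] ^ d1[i];
    r->alive[0] = r->alive[1] = r->alive[2] = true;
}

/* Read data block `which` (0 or 1); if its disk failed, rebuild it from the other two. */
bool raid5_read(const raid5_t *r, int which, unsigned char *out) {
    if (r->alive[which]) { memcpy(out, r->disk[which], BLOCK); return true; }
    int other = 1 - which;
    if (!r->alive[other] || !r->alive[2])    /* two failures: XOR has two unknowns */
        return false;
    for (int i = 0; i < BLOCK; i++)          /* d_which = d_other XOR parity */
        out[i] = r->disk[other][i] ^ r->disk[2][i];
    return true;
}

/* Constructed scenario: write known blocks, fail one disk in each array and
 * check the data still reads back. Returns 2 when both arrays survive, -1 if
 * the RAID 5 set wrongly claims to read through a double failure. */
int raid_failure_scenario(void) {
    unsigned char a[BLOCK] = "mirror!";      /* constructed sample data */
    unsigned char b[BLOCK] = "parity!";
    unsigned char out[BLOCK];
    int survived = 0;

    raid1_t m;
    raid1_write(&m, a);
    m.alive[0] = false;                      /* lose the primary */
    if (raid1_read(&m, out) && memcmp(out, a, BLOCK) == 0) survived++;

    raid5_t p;
    raid5_write(&p, a, b);
    p.alive[1] = false;                      /* lose the disk holding b */
    if (raid5_read(&p, 1, out) && memcmp(out, b, BLOCK) == 0) survived++;

    p.alive[2] = false;                      /* second failure: parity cannot help */
    if (raid5_read(&p, 1, out)) survived = -1;
    return survived;
}

int main(void) {
    printf("arrays surviving a single disk loss: %d\n", raid_failure_scenario());
    return 0;
}
```

The capacity trade-off the page mentions is visible in the structs: the RAID 1 pair spends half its disks on the duplicate, whereas the three-disk RAID 5 set spends one third on parity, at the price of an XOR pass on every write and a rebuild read whenever a data disk is missing.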

NO.8 Why do buffer overflows happen? What is the main cause?
A. Because buffers can only hold so much data
B. Because of improper parameter checking within the application
C. Because they are an easy weakness to exploit
D. Because of insufficient system memory
Answer: B
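The "improper parameter checking" named in the answer, as an added example that is not part of the original page: a C function that copies a caller-supplied parameter into a fixed stack buffer with no length check (the vulnerable form, kept as is so the defect is visible), a helper that computes how many bytes a given input would spill past the buffer, and a checked copy that validates the parameter against the destination size before writing. The 16-byte buffer and the sample inputs are assumptions for illustration; the stand-alone program only ever passes the short input to the unchecked function, because calling it with the long one is the overflow itself.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

#define NAME_MAX 16                       /* assumed buffer size */
#define TEN "AAAAAAAAAA"
#define LONG_INPUT TEN TEN TEN TEN        /* constructed 40-byte input */

/* VULNERABLE, kept deliberately: nothing verifies that `input` fits in `buf`.
 * strcpy keeps writing until it finds the NUL, so an input of 16 bytes or more
 * overwrites whatever sits above buf on the stack (saved registers, the return
 * address). The buffer size is not the cause; the missing check is. */
static void greet_unchecked(const char *input) {
    char buf[NAME_MAX];
    strcpy(buf, input);                   /* no length check */
    printf("hello %s\n", buf);
}

/* How many bytes strcpy would write past a NAME_MAX buffer for this input
 * (0 means it fits). strcpy writes strlen(input) + 1 bytes, NUL included. */
size_t overflow_bytes(const char *input) {
    size_t needed = strlen(input) + 1;
    return needed > NAME_MAX ? needed - NAME_MAX : 0;
}

/* FIXED: check the parameter against the destination size before copying.
 * Rejecting rather than silently truncating keeps the caller aware that the
 * input was out of spec. Returns 0 on success, -1 when the input is rejected. */
int copy_name_checked(char *dst, size_t dstsz, const char *input) {
    size_t len = strlen(input);
    if (len >= dstsz)                     /* must leave room for the terminator */
        return -1;
    memcpy(dst, input, len + 1);
    return 0;
}

/* Constructed inputs: one ordinary name and the 40-byte one. Returns how
 * many the checked copy accepted (expect 1 of 2). */
int checked_scenario(void) {
    const char *inputs[] = { "alice", LONG_INPUT };
    char buf[NAME_MAX];
    int accepted = 0;
    for (size_t i = 0; i < 2; i++)
        if (copy_name_checked(buf, sizeof buf, inputs[i]) == 0)
            accepted++;
    return accepted;
}

int main(void) {
    greet_unchecked("alice");             /* safe only because this input is short */
    printf("%zu-byte input would spill %zu bytes past a %d-byte buffer\n",
           strlen(LONG_INPUT), overflow_bytes(LONG_INPUT), NAME_MAX);
    printf("checked copy accepted %d of 2 inputs\n", checked_scenario());
    return 0;
}
```

The check belongs wherever the untrusted length meets the fixed-size destination, which is why answer B (improper parameter checking) is the cause and answers A and D (buffer or memory size) are only the setting in which the missing check becomes exploitable.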





Exam subject: Certified Information Systems Security Professional
Questions and answers: 1275 questions in total, CISSP study guide


