[Free] New Updated (October) ISC SSCP Real Exam 501-510

Ensurepass

 

QUESTION 501

Most access violations are:

 

A. Accidental

B. Caused by internal hackers

C. Caused by external hackers

D. Related to Internet

 

Correct Answer: A

Explanation:

The most likely source of exposure is from the uninformed, accidental or unknowing person, although the greatest impact may be from those with malicious or fraudulent intent.

Source: Information Systems Audit and Control Association, Certified Information Systems Auditor 2002 review manual, Chapter 4: Protection of Information Assets (page 192).

 

 

QUESTION 502

What is the MOST critical piece to disaster recovery and continuity planning?

 

A. Security policy

B. Management support

C. Availability of backup information processing facilities

D. Staff training

 

Correct Answer: B

Explanation:

The keyword is ‘MOST CRITICAL’, and the correct answer is ‘Management Support’: management must be convinced of its necessity, which is why a business case must be made. The decision of how a company should recover from any disaster is purely a business decision and should be treated as such.

 

The other answers are incorrect because:

 

Security policy is incorrect as it is not the MOST CRITICAL piece.

Availability of backup information processing facilities is incorrect as this comes once the organization has BCP plans in place, and for a BCP plan, management support must be there.

Staff training comes after the plans are in place with the support from management.

 

Reference:

Shon Harris, AIO v3, Chapter 9: Business Continuity Planning, Page 697.

 

 

QUESTION 503

Which of the following best describes remote journaling?

 

A. Send hourly tapes containing transactions off-site.

B. Send daily tapes containing transactions off-site.

C. Real-time capture of transactions to multiple storage devices.

D. Real time transmission of copies of the entries in the journal of transactions to an alternate site.

 

Correct Answer: D

Explanation:

Remote Journaling is a technology to facilitate sending copies of the journal of transaction entries from a production system to a secondary system in real time. The remote nature of such a connection is predicated upon having local journaling already established. Local journaling on the production side allows each change that ensues for a journal-eligible object (e.g., database physical file, SQL table, data area, data queue, byte stream file residing within the IFS) to be recorded and logged. It’s these local images that flow to the remote system. Once there, the journal entries serve a variety of purposes, from feeding a high availability software replay program or data warehouse to offering an offline, real-time vault of the most recent database changes.

 

Reference(s) used for this question:

 

The Essential Guide to Remote Journaling by IBM

TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.

KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 8: Business Continuity Planning and Disaster Recovery Planning (page 286).

 

 

QUESTION 504

What is a hot-site facility?

 

A. A site with pre-installed computers, raised flooring, air conditioning, telecommunications and networking equipment, and UPS.

B. A site in which space is reserved with pre-installed wiring and raised floors.

C. A site with raised flooring, air conditioning, telecommunications, and networking equipment, and UPS.

D. A site with ready made work space with telecommunications equipment, LANs, PCs, and terminals for work groups.

 

Correct Answer: A

Explanation:

Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.

 

 

QUESTION 505

Which backup method usually resets the archive bit on the files after they have been backed up?

 

A. Incremental backup method.

B. Differential backup method.

C. Partial backup method.

D. Tape backup method.

 

Correct Answer: A

Explanation:

The incremental backup method usually resets the archive bit on the files after they have been backed up.

 

An Incremental Backup will back up all the files that have changed since the last Full Backup (the first time it is run after a full backup was previously completed) or since the last Incremental Backup (for the second and subsequent backups) and sets the archive bit to 0. This type of backup takes less time during the backup phase but more time to restore.

 

The other answers are all incorrect choices.

 

The following backup types also exist:

Full Backup – All data are backed up. The archive bit is cleared, which means that it is set to 0.

Differential Backup – Backs up the files that have been modified since the last Full Backup. The archive bit does not change. It takes more time during the backup phase and less time to restore.

 

Reference(s) used for this question:

KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 69.

 

 

QUESTION 506

Which of the following backup methods makes a complete backup of every file on the server every time it is run?

 

A. full backup method.

B. incremental backup method.

C. differential backup method.

D. tape backup method.

 

Correct Answer: A

Explanation:

The Full Backup Method makes a complete backup of every file on the server every time it is run.

Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 69.

 

 

QUESTION 507

A Business Continuity Plan should be tested:

 

A. Once a month.

B. At least twice a year.

C. At least once a year.

D. At least once every two years.

 

Correct Answer: C

Explanation:

It is recommended that testing does not exceed established frequency limits. For a plan to be effective, all components of the BCP should be tested at least once a year. Also, if there is a major change in the operations of the organization, the plan should be revised and tested not more than three months after the change becomes operational.

Source: BARNES, James C. & ROTHSTEIN, Philip J., A Guide to Business Continuity Planning, John Wiley & Sons, 2001 (page 165).

 

 

QUESTION 508

A weakness or lack of a safeguard, which may be exploited by a threat, causing harm to the information systems or networks, is called a:

 

A. Vulnerability

B. Risk

C. Threat

D. Overflow

 

Correct Answer: A

Explanation:

The correct answer is Vulnerability. A vulnerability is a weakness or lack of a safeguard, which may be exploited by a threat, causing harm to the information systems or networks.

Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Pages 16, 32.

 

 

QUESTION 509

Which of the following is NOT a part of a risk analysis?

 

A. Identify risks

B. Quantify the impact of potential threats

C. Provide an economic balance between the impact of the risk and the cost of the associated countermeasure

D. Choose the best countermeasure

 

Correct Answer: D

Explanation:

This step is not a part of RISK ANALYSIS. A risk analysis has three main goals: identify risks, quantify the impact of potential threats, and provide an economic balance between the impact of the risk and the cost of the associated countermeasure. Choosing the best countermeasure is not part of the risk analysis.

Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 3: Security Management Practices (page 73).

HARRIS, Shon, Mike Meyers’ CISSP(R) Certification Passport, 2002, McGraw-Hill, page 12.

 

 

QUESTION 510

In the course of responding to and handling an incident, you work on determining the root cause of the incident. Which step are you in?

 

A. Recovery

B. Containment

C. Triage

D. Analysis and tracking

 

Correct Answer: D

Explanation:

In this step, your main objective is to examine and analyze what has occurred and focus on determining the root cause of the incident.

Recovery is incorrect as recovery is about resuming operations or bringing affected systems back into production.

Containment is incorrect as containment is about reducing the potential impact of an incident.

Triage is incorrect as triage is about determining the seriousness of the incident and filtering out false positives.

 

Reference:

Official Guide to the CISSP CBK, pages 700-704
