(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests
Mike Chapple,David Seidl
- English
- ePUB (apto para móviles)
- Disponible en iOS y Android
(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests
Mike Chapple,David Seidl
Información del libro
Full-length practice tests covering all CISSP domains for the ultimate exam prep
The (ISC)2 CISSP Official Practice Tests is a major resource for (ISC)2 Certified Information Systems Security Professional (CISSP) candidates, providing 1300 unique practice questions. The first part of the book provides 100 questions per domain. You also have access to four unique 125-question practice exams to help you master the material. As the only official practice tests endorsed by (ISC)2, this book gives you the advantage of full and complete preparation. These practice tests align with the 2021 version of the exam to ensure up-to-date preparation, and are designed to cover what you will see on exam day. Coverage includes: Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management (IAM), Security Assessment and Testing, Security Operations, and Software Development Security.
The CISSP credential signifies a body of knowledge and a set of guaranteed skills that put you in demand in the marketplace. This book is your ticket to achieving this prestigious certification, by helping you test what you know against what you need to know.
- Test your knowledge of the 2021 exam domains
- Identify areas in need of further study
- Gauge your progress throughout your exam preparation
- Practice test taking with Sybex's online test environment containing the questions from the book, which is supported by Wiley's support agents who are available 24x7 via email or live chat to assist with access and login questions
The CISSP exam is refreshed every few years to ensure that candidates are up-to-date on the latest security topics and trends. Currently-aligned preparation resources are critical, and periodic practice tests are one of the best ways to truly measure your level of understanding.
Preguntas frecuentes
Información
Chapter 1
Security and Risk Management (Domain 1)
- 1.1 Understand, adhere to, and promote professional ethics
- 1.2 Understand and apply security concepts
- 1.3 Evaluate and apply security governance principles
- 1.4 Determine compliance and other requirements
- 1.5 Understand legal and regulatory issues that pertain to information security in a holistic context
- 1.6 Understand requirements for investigation types (i.e., administrative, criminal, civil, regulatory, industry standards)
- 1.7 Develop, document, and implement security policy, standards, procedures, and guidelines
- 1.8 Identify, analyze, and prioritize Business Continuity (BC) requirements
- 1.9 Contribute to and enforce personnel security policies and procedures
- 1.10 Understand and apply risk management concepts
- 1.11 Understand and apply threat modeling concepts and methodologies
- 1.12 Apply Supply Chain Risk Management (SCRM) concepts
- 1.13 Establish and maintain a security awareness, education, and training program
- Alyssa is responsible for her organization's security awareness program. She is concerned that changes in technology may make the content outdated. What control can she put in place to protect against this risk?
- Gamification
- Computer-based training
- Content reviews
- Live training
- Gavin is creating a report to management on the results of his most recent risk assessment. In his report, he would like to identify the remaining level of risk to the organization after adopting security controls. What term best describes this current level of risk?
- Inherent risk
- Residual risk
- Control risk
- Mitigated risk
- Francine is a security specialist for an online service provider in the United States. She recently received a claim from a copyright holder that a user is storing information on her service that violates the third party's copyright. What law governs the actions that Francine must take?
- Copyright Act
- Lanham Act
- Digital Millennium Copyright Act
- Gramm Leach Bliley Act
- FlyAway Travel has offices in both the European Union (EU) and the United States and transfers personal information between those offices regularly. They have recently received a request from an EU customer requesting that their account be terminated. Under the General Data Protection Regulation (GDPR), which requirement for processing personal information states that individuals may request that their data no longer be disseminated or processed?
- The right to access
- Privacy by design
- The right to be forgotten
- The right of data portability
- After conducting a qualitative risk assessment of her organization, Sally recommends purchasing cybersecurity breach insurance. What type of risk response behavior is she recommending?
- Accept
- Transfer
- Reduce
- Reject
- Which one of the following elements of information is not considered personally identifiable information that would trigger most United States (U.S.) state data breach laws?
- Student identification number
- Social Security number
- Driver's license number
- Credit card number
- Renee is speaking to her board of directors about their responsibilities to review cybersecurity controls. What rule requires that senior executives take personal responsibility for information security matters?
- Due diligence rule
- Personal liability rule
- Prudent man rule
- Due process rule
- Henry recently assisted one of his co-workers in preparing for the CISSP exam. During this process, Henry disclosed confidential information about the content of the exam, in violation of Canon IV of the Code of Ethics: “Advance and protect the profession.” Who may bring ethics charges against Henry for this violation?
- Anyone may bring charges.
- Any certified or licensed professional may bring charges.
- Only Henry's employer may bring charges.
- Only the affected employee may bring charges.
- Wanda is working with one of her organization's European Union business partners to facilitate the exchange of customer information. Wanda's organization is located in the United States. What would be the best method for Wanda to use to ensure GDPR compliance?
- Binding corporate rules
- Privacy Shield
- Standard contractual clauses
- Safe harbor
- Yolanda is the chief privacy officer for a financial institution and is researching privacy requirements related to customer checking accounts. Which one of the following laws is most likely to apply to this situation?
- GLBA
- SOX
- HIPAA
- FERPA
- Tim's organization recently received a contract to conduct sponsored research as a government contractor. What law now likely applies to...
Índice
- Cover
- Table of Contents
- Title Page
- Copyright
- Acknowledgments
- About the Authors
- About the Technical Editors
- Introduction
- Chapter 1: Security and Risk Management (Domain 1)
- Chapter 2: Asset Security (Domain 2)
- Chapter 3: Security Architecture and Engineering (Domain 3)
- Chapter 4: Communication and Network Security (Domain 4)
- Chapter 5: Identity and Access Management (Domain 5)
- Chapter 6: Security Assessment and Testing (Domain 6)
- Chapter 7: Security Operations (Domain 7)
- Chapter 8: Software Development Security (Domain 8)
- Chapter 9: Practice Test 1
- Chapter 10: Practice Test 2
- Chapter 11: Practice Test 3
- Chapter 12: Practice Test 4
- Appendix Answers
- Index
- Online Learning Environment
- End User License Agreement