Skip survey header

CISSP Practice Quiz: Domain 7: Security Operations Quiz 2

CISSP Practice Quiz: Domain 7: Security Operations Quiz 2 (10 Questions)

1. Gary would like to implement a consolidated analysis platform that allows him to aggregate logs from a wide variety of security devices and correlate the results.

What type of system would best meet his needs?
2. Zac recently changed positions in his organization and was given a new set of permissions covering his new duties. The old permissions that he no longer needs were never revoked.

What security principle was definitely violated?
3. Which one of the following disaster recovery tests is the most disruptive to business activity?
4. Rob is conducting a business impact assessment of the risk of wildfire damaging his data center in Northern California. The facility’s replacement value is $5 million and Rob believes that a fire would completely destroy the facility.

His insurance company estimates that there is a 0.5 percent chance that a fire would destroy the facility in any given year. What is the annualized loss expectancy for this risk?
5. Drew is working with a service provider to establish a set of expectations for the amount of downtime that is acceptable each month. What type of agreement most commonly documents this type of expectation?
6. Tom is the CIO of a mid-sized college and is working with other colleges to establish a cloud computing environment accessible only to partner institutions. What type of cloud computing arrangement is Tom creating?
7. Which one of the following security controls is primarily designed to uncover ongoing fraudulent activity?
8. Will is concerned about the threat that tailgating poses to his organization’s physical security. Which one of the following controls would best prevent tailgating from occurring?
9. Ricky is configuring a directory server that must be accessible to users passing through a firewall. He would like to allow only encrypted LDAPS sessions through the firewall.

What port should Ricky enable?
10. Colin is preparing to testify in court about a forensic examination that he conducted. He plans to bring a confiscated computer into court with him. What type of evidence is this?