Jumat, 12 Desember 2014

CISSP Exam Preparation (Question 274)

(274) A significant action has a state that enables actions on an ADP system to be traced to individuals who may then be held responsible. The action does NOT include:

A. Violations of security policy.
B. Attempted violations of security policy.
C. Non-violations of security policy.
D. Attempted violations of allowed actions.

Correct Answer: C


Explanation/Reference:

- Idham Azhari

Jumat, 05 Desember 2014

CISSP Exam Preparation (Question 273)

(273) Which of the following embodies all the detailed actions that personnel are required to follow?

A. Standards
B. Guidelines
C. Procedures
D. Baselines

Correct Answer: C


Explanation/Reference:

- Idham Azhari

Jumat, 28 November 2014

CISSP Exam Preparation (Question 272)

(272) In an organization, an Information Technology security function should:

A. Be a function within the information systems functions of an organization
B. Report directly to a specialized business unit such as legal, corporate security or insurance
C. Be lead by a Chief Security Officer and report directly to the CEO
D. Be independent but report to the Information Systems function

Correct Answer: C


Explanation/Reference:

- Idham Azhari

Jumat, 21 November 2014

CISSP Exam Preparation (Question 271)

(271) Which of the following choices is NOT part of a security policy?

A. definition of overall steps of information security and the importance of security
B. statement of management intend, supporting the goals and principles of information security
C. definition of general and specific responsibilities for information security management
D. description of specific technologies used in the field of information security

Correct Answer: D


Explanation/Reference:

- Idham Azhari

Jumat, 14 November 2014

CISSP Exam Preparation (Question 270)

(270) Which must bear the primary responsibility for determining the level of protection needed for information systems resources?

A. IS security specialists
B. Senior Management
C. Seniors security analysts
D. system auditors

Correct Answer: B


Explanation/Reference:

- Idham Azhari

Selasa, 08 April 2014

CISSP Exam Preparation (Question 1 ~ 5)

(1) During development, testing, and maintenance of the disaster recovery and continuity plan, a high degree of interaction and communication is crucial to the process. Why?
A. This is a regulatory requirement of the process.
B. The more people talk about it and get involved, the more awareness will increase
C. This is not crucial to the plan and should not be interactive because it will most likely affect operations
D. Management will more likely support it.

Explanation:
Communication not only provides awareness of these plans and their contents, but also allows more people to discuss the possible threats and solutions that the original team may not uncover.
(2) Which of the following is not one of the stages of the DHCP lease process?
i. Discover
ii. Offer
iii. Request
iv. Acknowledgment
A. All of them
B. None of them
C. i
D. ii

Explanation:
The four-step DHCP lease process is:
- DHCPDISCOVER message: This message is used to request an IP address lease from a
DHCP server.
- DHCPOFFER message: This message is a response to a DHCPDISCOVER message, and is
sent by one or numerous DHCP servers.
- DHCPREQUEST message: The client sends the initial DHCP server which responded to
its request a DHCP Request message.
- DHCPACK message: The DHCP Acknowledge message is sent by the DHCP server to the
DHCP client and is the process whereby which the DHCP server assigns the IP address
lease to the DHCP client.
(3) The World Wide Web is a _______ network that is an overlay on top of the Internet.
A. Virtual
B. Private
C. Trusted
D. Analog

Explanation:
The World Wide Web and the Internet are two terms commonly interchanged
as the same thing by the average computer user. They are not the same thing,
however. The Web exists on top of the Internet and is a series of pages connected to
one another by hyperlinks.
(4) Switches marry the technologies of _____ and ______.
A. Hubs and bridges
B. Bridges and routers
C. Network adapters and hubs
D. Bridges and network adapters

Explanation:
Switches combine the technologies of hubs and bridges. They act as hubs
by enhancing performance and act as bridges by distributing traffic to different
networks.
(5) A switch is a multi-functional networking device that can operate within several OSI layers. Which layer can a switch not function in?
A. 1
B. 2
C. 3
D. 4


Explanation:
Switches do not operate in the Physical layer, OSI Layer 1. They make
packet forwarding decisions (Layer 2), and specific switches exist that make
decisions based upon Layer 3 and Layer 4 data information.

- Muhammad Idham Azhari