(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests
eBook - ePub

(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests

Mike Chapple, David Seidl

Buch teilen
  1. English
  2. ePUB (handyfreundlich)
  3. Über iOS und Android verfügbar
eBook - ePub

(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests

Mike Chapple, David Seidl

Angaben zum Buch
Buchvorschau
Inhaltsverzeichnis
Quellenangaben

Über dieses Buch

Full-length practice tests covering all CISSP domains for the ultimate exam prep

The (ISC)2 CISSP Official Practice Tests is a major resource for (ISC)2 Certified Information Systems Security Professional (CISSP) candidates, providing 1300 unique practice questions. The first part of the book provides 100 questions per domain. You also have access to four unique 125-question practice exams to help you master the material. As the only official practice tests endorsed by (ISC)2, this book gives you the advantage of full and complete preparation. These practice tests align with the 2021 version of the exam to ensure up-to-date preparation, and are designed to cover what you will see on exam day. Coverage includes: Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management (IAM), Security Assessment and Testing, Security Operations, and Software Development Security.

The CISSP credential signifies a body of knowledge and a set of guaranteed skills that put you in demand in the marketplace. This book is your ticket to achieving this prestigious certification, by helping you test what you know against what you need to know.

  • Test your knowledge of the 2021 exam domains
  • Identify areas in need of further study
  • Gauge your progress throughout your exam preparation
  • Practice test taking with Sybex's online test environment containing the questions from the book, which is supported by Wiley's support agents who are available 24x7 via email or live chat to assist with access and login questions

The CISSP exam is refreshed every few years to ensure that candidates are up-to-date on the latest security topics and trends. Currently-aligned preparation resources are critical, and periodic practice tests are one of the best ways to truly measure your level of understanding.

Häufig gestellte Fragen

Wie kann ich mein Abo kündigen?
Gehe einfach zum Kontobereich in den Einstellungen und klicke auf „Abo kündigen“ – ganz einfach. Nachdem du gekündigt hast, bleibt deine Mitgliedschaft für den verbleibenden Abozeitraum, den du bereits bezahlt hast, aktiv. Mehr Informationen hier.
(Wie) Kann ich Bücher herunterladen?
Derzeit stehen all unsere auf Mobilgeräte reagierenden ePub-Bücher zum Download über die App zur Verfügung. Die meisten unserer PDFs stehen ebenfalls zum Download bereit; wir arbeiten daran, auch die übrigen PDFs zum Download anzubieten, bei denen dies aktuell noch nicht möglich ist. Weitere Informationen hier.
Welcher Unterschied besteht bei den Preisen zwischen den Aboplänen?
Mit beiden Aboplänen erhältst du vollen Zugang zur Bibliothek und allen Funktionen von Perlego. Die einzigen Unterschiede bestehen im Preis und dem Abozeitraum: Mit dem Jahresabo sparst du auf 12 Monate gerechnet im Vergleich zum Monatsabo rund 30 %.
Was ist Perlego?
Wir sind ein Online-Abodienst für Lehrbücher, bei dem du für weniger als den Preis eines einzelnen Buches pro Monat Zugang zu einer ganzen Online-Bibliothek erhältst. Mit über 1 Million Büchern zu über 1.000 verschiedenen Themen haben wir bestimmt alles, was du brauchst! Weitere Informationen hier.
Unterstützt Perlego Text-zu-Sprache?
Achte auf das Symbol zum Vorlesen in deinem nächsten Buch, um zu sehen, ob du es dir auch anhören kannst. Bei diesem Tool wird dir Text laut vorgelesen, wobei der Text beim Vorlesen auch grafisch hervorgehoben wird. Du kannst das Vorlesen jederzeit anhalten, beschleunigen und verlangsamen. Weitere Informationen hier.
Ist (ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests als Online-PDF/ePub verfügbar?
Ja, du hast Zugang zu (ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests von Mike Chapple, David Seidl im PDF- und/oder ePub-Format sowie zu anderen beliebten Büchern aus Computer Science & Certification Guides in Computer Science. Aus unserem Katalog stehen dir über 1 Million Bücher zur Verfügung.

Information

Verlag
Sybex
Jahr
2021
ISBN
9781119787648
Auflage
3
Thema
Computer Science
Thema
Certification Guides in Computer Science

Chapter 1
Security and Risk Management (Domain 1)

SUBDOMAINS
  • 1.1 Understand, adhere to, and promote professional ethics
  • 1.2 Understand and apply security concepts
  • 1.3 Evaluate and apply security governance principles
  • 1.4 Determine compliance and other requirements
  • 1.5 Understand legal and regulatory issues that pertain to information security in a holistic context
  • 1.6 Understand requirements for investigation types (i.e., administrative, criminal, civil, regulatory, industry standards)
  • 1.7 Develop, document, and implement security policy, standards, procedures, and guidelines
  • 1.8 Identify, analyze, and prioritize Business Continuity (BC) requirements
  • 1.9 Contribute to and enforce personnel security policies and procedures
  • 1.10 Understand and apply risk management concepts
  • 1.11 Understand and apply threat modeling concepts and methodologies
  • 1.12 Apply Supply Chain Risk Management (SCRM) concepts
  • 1.13 Establish and maintain a security awareness, education, and training program
  1. Alyssa is responsible for her organization's security awareness program. She is concerned that changes in technology may make the content outdated. What control can she put in place to protect against this risk?
    1. Gamification
    2. Computer-based training
    3. Content reviews
    4. Live training
  2. Gavin is creating a report to management on the results of his most recent risk assessment. In his report, he would like to identify the remaining level of risk to the organization after adopting security controls. What term best describes this current level of risk?
    1. Inherent risk
    2. Residual risk
    3. Control risk
    4. Mitigated risk
  3. Francine is a security specialist for an online service provider in the United States. She recently received a claim from a copyright holder that a user is storing information on her service that violates the third party's copyright. What law governs the actions that Francine must take?
    1. Copyright Act
    2. Lanham Act
    3. Digital Millennium Copyright Act
    4. Gramm Leach Bliley Act
  4. FlyAway Travel has offices in both the European Union (EU) and the United States and transfers personal information between those offices regularly. They have recently received a request from an EU customer requesting that their account be terminated. Under the General Data Protection Regulation (GDPR), which requirement for processing personal information states that individuals may request that their data no longer be disseminated or processed?
    1. The right to access
    2. Privacy by design
    3. The right to be forgotten
    4. The right of data portability
  5. After conducting a qualitative risk assessment of her organization, Sally recommends purchasing cybersecurity breach insurance. What type of risk response behavior is she recommending?
    1. Accept
    2. Transfer
    3. Reduce
    4. Reject
  6. Which one of the following elements of information is not considered personally identifiable information that would trigger most United States (U.S.) state data breach laws?
    1. Student identification number
    2. Social Security number
    3. Driver's license number
    4. Credit card number
  7. Renee is speaking to her board of directors about their responsibilities to review cybersecurity controls. What rule requires that senior executives take personal responsibility for information security matters?
    1. Due diligence rule
    2. Personal liability rule
    3. Prudent man rule
    4. Due process rule
  8. Henry recently assisted one of his co-workers in preparing for the CISSP exam. During this process, Henry disclosed confidential information about the content of the exam, in violation of Canon IV of the Code of Ethics: “Advance and protect the profession.” Who may bring ethics charges against Henry for this violation?
    1. Anyone may bring charges.
    2. Any certified or licensed professional may bring charges.
    3. Only Henry's employer may bring charges.
    4. Only the affected employee may bring charges.
  9. Wanda is working with one of her organization's European Union business partners to facilitate the exchange of customer information. Wanda's organization is located in the United States. What would be the best method for Wanda to use to ensure GDPR compliance?
    1. Binding corporate rules
    2. Privacy Shield
    3. Standard contractual clauses
    4. Safe harbor
  10. Yolanda is the chief privacy officer for a financial institution and is researching privacy requirements related to customer checking accounts. Which one of the following laws is most likely to apply to this situation?
    1. GLBA
    2. SOX
    3. HIPAA
    4. FERPA
  11. Tim's organization recently received a contract to conduct sponsored research as a government contractor. What law now likely applies to...

Inhaltsverzeichnis