ISC2 Information Systems Security Management Professional CISSP-ISSMP Exam Practice Test

Page: 1 / 14
Total 218 questions
Question 1

Which of the following access control models are used in the commercial sector?

Each correct answer represents a complete solution. Choose two.



Answer : B, D

The Biba model is a formal state transition system of computer security policy that describes a set of access control rules designed to ensure data integrity. Data and subjects are grouped into ordered levels of integrity. The model is designed so that subjects may not corrupt data in a level ranked higher than the subject, or be corrupted by data from a lower level than the subject.

The Clark-Wilson security model provides a foundation for specifying and analyzing an integrity policy for a computing system.

Answer option C is incorrect. The Bell-LaPadula access control model is mainly used in military systems.

Answer option A is incorrect. There is no such access control model as Clark-Biba.


Question 2

Which of the following is a name, symbol, or slogan with which a product is identified?



Answer : B

A trademark is a name, symbol, or slogan with which a product is identified. Its uniqueness makes the product noticeable among the same type of products. For example, Pentium and Athlon are brand names of the CPUs that are manufactured by Intel and AMD, respectively.

The trademark law protects a company's trademark by making it illegal for other companies to use it without taking prior permission of the trademark owner. A trademark is registered so that others cannot use identical or similar marks.

Answer option C is incorrect. A trade secret is a formula, practice, process, design, instrument, pattern, or compilation of information which is not generally known. It helps a business to obtain an economic advantage over its competitors or customers. In some jurisdictions, such secrets are referred to as confidential information or classified information.

Answer option A is incorrect. A copyright is a form of intellectual property, which secures to its holder the exclusive right to produce copies of his or her works of original expression, such as a literary work, movie, musical work or sound recording, painting, photograph, computer program, or industrial design, for a defined, yet extendable, period of time. It does not cover ideas or facts. Copyright laws protect intellectual property from misuse by other individuals.

Answer option D is incorrect. A patent is a set of exclusive rights granted to anyone who invents any new and useful machine, process, composition of matter, etc. A patent enables the inventor to legally enforce his right to exclude others from using his invention.


Question 3

Which of the following processes is used by remote users to make a secure connection to internal resources after establishing an Internet connection?



Answer : B

Tunneling is a process used by remote users to make a secure connection to internal resources after establishing an Internet connection. The tunnel is created between the two ends by encapsulating the data in a mutually agreed-upon protocol for transmission.

Answer option A is incorrect. Packet filtering is a method that allows or restricts the flow of specific types of packets to provide security. It analyzes the incoming and outgoing packets and lets them pass or stops them at a network interface based on the source and destination addresses, ports, or protocols. Packet filtering provides a way to define precisely which type of IP traffic is allowed to cross the firewall of an intranet. IP packet filtering is important when users from private intranets connect to public networks, such as the Internet.

Answer option C is incorrect. Packet sniffing is the process of monitoring data packets that travel across a network. The software used for packet sniffing is known as a sniffer. Many packet-sniffing programs are available on the Internet. Some of these are unauthorized and can be harmful to a network's security.

Answer option D is incorrect. Spoofing is a technique that makes a transmission appear to have come from an authentic source by forging the IP address, email address, caller ID, etc. In IP spoofing, a hacker modifies packet headers by using someone else's IP address to hide his identity. However, spoofing cannot be used while surfing the Internet, chatting on-line, etc. because forging the source IP address causes the responses to be misdirected.


Question 4

Tomas is the project manager of the QWS Project and is worried that the project stakeholders will want to change the project scope frequently. His fear is based on the many open issues in the project and how the resolution of the issues may lead to additional project changes. On what document are Tomas and the stakeholders working in this scenario?



Answer : B

The change management plan defines how the change control system works and the proper channels and procedures for managing changes within the project. The change control system, a part of the configuration management system, is a collection of formal documented procedures that define how project deliverables and documentation will be controlled, changed, and approved.

Answer option C is incorrect. The issue log is a document that records all issues, their characteristics, and status.

Answer option A is incorrect. The communications management plan defines who needs what information, when the information is needed, and the modality the information is to be communicated in.

Answer option D is incorrect. The risk management plan defines how risk will be managed within the project.


Question 5

Which of the following measurements of an enterprise's security state is the process whereby an organization establishes the parameters within which programs, investments, and acquisitions reach the desired results?



Answer : C

Performance measurement is the process whereby an organization establishes the parameters within which programs, investments, and acquisitions reach the desired results. This process of measuring performance often requires the use of statistical evidence to determine progress toward specific defined organizational objectives. The fundamental purpose of such measures is to improve performance. This is conducted with the same rigor as for other enterprise business units, functions, and processes.

Answer option D is incorrect. Risk management is the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities.

Answer option B is incorrect. Ethics are the rules of personal behavior.

Answer option A is incorrect. Information sharing includes ensuring that the right information is collected, retained, and communicated to the right parties at the right time.


Question 6

Which of the following methods can be helpful to eliminate the social engineering threat?

Each correct answer represents a complete solution. Choose three.



Answer : A, B, D

The following methods can be helpful to eliminate the social engineering threat:

Password policies

Vulnerability assessments

Data classification

The password policy should specify how, and whether, a password may be shared.

The company should implement periodic penetration and vulnerability assessments. These assessments usually consist of using known hacker tools and common hacker techniques to breach network security. Social engineering should also be included for an accurate assessment.

Since social engineers use the knowledge of others to obtain information, it is essential to have a data classification model in place that all employees know and follow. Data classification assigns a level of sensitivity to company information. Each classification level specifies who can view and edit data, and how it can be shared.


Question 7

Which of the following steps are generally followed in computer forensic examinations?

Each correct answer represents a complete solution. Choose three.



Answer : A, B, C

The following steps are generally followed in computer forensic examinations:

1. Acquire. In this step, the examiner obtains an exact duplicate copy of the original data for investigation. The examiner leaves the original intact.

2. Authenticate. In this step, the investigator shows that the data is unchanged and has not been tampered with.

3. Analyze. In this step, the examiner analyzes the data carefully. The examiner recovers evidence by examining hard disk drives, hidden files, swap data, the Internet cache, and the Recycle Bin.

Answer option D is incorrect. Encrypt is not a step followed in computer forensic examinations.

