CISSP Official (ISC)2 Practice Tests by David Seidl, Mike Chapple

Appendix Answers to Review Questions

Chapter 1: Security and Risk Management (Domain 1)

  1. D. The final step of a quantitative risk analysis is conducting a cost/benefit analysis to determine whether the organization should implement proposed countermeasure(s).
  2. A. Spoofing attacks use falsified identities. Spoofing attacks may use false IP addresses, email addresses, names, or, in the case of an evil twin attack, SSIDs.
  3. C. The DMCA states that providers are not responsible for the transitory activities of their users. Transmission of information over a network would qualify for this exemption. The other activities listed are all nontransitory actions that require remediation by the provider.
  4. A. The Notice principle says that organizations ...
