Chapter 1 Security and Risk Management (Domain 1)

  1. What is the final step of a quantitative risk analysis?

    1. Determine asset value.
    2. Assess the annualized rate of occurrence.
    3. Derive the annualized loss expectancy.
    4. Conduct a cost/benefit analysis.
  2. An evil twin attack that broadcasts a legitimate SSID for an unauthorized network is an example of what category of threat?

    1. Spoofing
    2. Information disclosure
    3. Repudiation
    4. Tampering
  3. Under the Digital Millennium Copyright Act (DMCA), what type of offenses do not require prompt action by an Internet service provider after it receives a notification of infringement claim from a copyright holder?

    1. Storage of information by a customer on a provider’s server
    2. Caching of information by the provider ...
