
19/08/07

CISSP questions: SQL


Which of the following are placeholders for literal values in a Structured Query Language (SQL) query being sent to the database on a server?

Bind variables
Assimilation variables
Reduction variables
Resolution variables

Question: 476 | Difficulty: 3/5 | Relevancy: 3/3
Correct answer: Bind variables
Details: Bind variables are placeholders for literal values in a Structured Query Language (SQL) query being sent to the database on a server.
Source: The CISSP Prep Guide: Gold Edition
Study area: CISSP CBK domain: Application and System Development Security
Covered topics: Structured Query Language (SQL)


This question is sponsored and authorized by CCCURE

17/06/07

CISSP questions: backup method


Which common backup method is the fastest on a daily basis?
Full backup method
Incremental backup method
Fast backup method
Differential backup method

Question 905 | Difficulty level: 3/5 | Relevancy: 3/3
Correct answer: Incremental backup method
Details: The incremental backup method only copies files that have been recently changed or added. Only files with their archive bit set are backed up. This method is fast and uses less tape space but has some inherent vulnerabilities, one being that all incremental backups need to be available and restored from the date of the last full backup to the desired date should a restore be needed.
Study area: CISSP CBK domain: Telecommunication and Network Security
Covered topics: Backups and offsite storage

This question is sponsored and authorized by CCCURE

11/05/07

CISSP questions: Closed Circuit Television (CCTV)


The recording of events with a closed-circuit TV camera is considered a:
Preventative control.
Detective control.
Compensating control.
Corrective control.

Question 1177 | Difficulty level: 2/5 | Relevancy: 3/3
Correct answer: Detective control
Details: Visual surveillance or recording devices such as closed circuit television are used in conjunction with guards in order to enhance their surveillance ability and to record events for future analysis or prosecution. When events are monitored, it is considered preventative whereas recording of events is considered detective in nature.
Study area: CISSP CBK domain: Physical Security
Covered topics: Administrative physical security controls, Closed Circuit Television (CCTV)

This question is sponsored and authorized by CCCURE

24/04/07

CISSP questions: Business Continuity Planning (BCP)


Which of the following focuses on sustaining an organization's business functions during and after a disruption?
Business continuity plan
Business recovery plan
Continuity of operations plan
Disaster recovery plan

Question 1154 | Difficulty level: 3/5 | Relevancy: 3/3
Correct answer: Business continuity plan (BCP)
Details: A business continuity plan (BCP) focuses on sustaining an organization's business functions during and after a disruption. Information systems are considered in the BCP only in terms of their support to the larger business processes. The business recovery plan (BRP) addresses the restoration of business processes after an emergency. The BRP is similar to the BCP, but it typically lacks procedures to ensure continuity of critical processes throughout an emergency or disruption. The continuity of operations plan (COOP) focuses on restoring an organization's essential functions at an alternate site and performing those functions for up to 30 days before returning to normal operations. The disaster recovery plan (DRP) applies to major, usually catastrophic events that deny access to the normal facility for an extended period. A DRP is narrower in scope than an IT contingency plan in that it does not address minor disruptions that do not require relocation.
Source: SWANSON, Marianne, & al., National Institute of Standards and Technology (NIST), NIST Special Publication 800-34, Contingency Planning Guide for Information Technology Systems, December 2001 (page 8).
Study area: CISSP CBK domain #8 - Business Continuity Planning and DRP
Covered topics: Business Continuity Planning (BCP) and Disaster Recovery Plan (DRP)

This question is sponsored and authorized by CCCURE

11/04/07

CISSP questions: Encryption


What encryption algorithm is best suited for communication with handheld wireless devices?
ECC
RSA
SHA
RC4

Question 671 | Difficulty level: 4/5 | Relevancy: 3/3
Correct answer: ECC
Details: Elliptic Curve Cryptosystems (ECC) are asymmetric algorithms that can provide signature, key distribution and encryption functionality. Because ECC uses fewer resources, it is appropriate for small handheld devices.
Study area: CISSP CBK domain #5 - Cryptography
Covered topics: Elliptic Curve Cryptosystems (ECC), Mobile, wireless and satellite technologies and security

This question is sponsored and authorized by CCCURE

04/04/07

CISSP questions: Physical Security


Which of the following is the preferred way to suppress an electrical fire?
CO2 or Halon or Halon ozone friendly replacement
CO2, soda acid, or powder
Water or soda acid
CO2 or soda acid

Question 233 | Difficulty level: 2/5 | Relevancy: 3/3
Correct answer: CO2 or Halon or Halon ozone friendly replacement
Source: KRUTZ, Ronald L. & VINES, Russell D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, page 335.
Details: It must be noted that Halon is now banned in most countries or cities.
Study area: CISSP CBK domain #10 - Physical Security
Covered topic: Fire and smoke detection and suppression systems

This question is sponsored by CCCURE, authorized by Clement.

28/03/07

CISSP questions: Access Control


In biometrics, a "one-to-many" search against a database of stored biometric images is done in:
Authentication
Identification
Identities
Identity-based access control

Question 430 | Difficulty level: 4/5 | Relevancy: 3/3
Correct answer: Identification
Details: In biometrics, identification is a "one-to-many" search of an individual's characteristics from a database of stored images.
Source: KRUTZ, Ronald L. & VINES, Russell D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, page 38.
Study area: CISSP CBK domain #1 - Access Control Systems and Methodology
Covered topic: Biometrics

This question is sponsored by CCCURE, authorized by Clement.