(ISC)² CISSP - Certified Information Systems Security Professional - Uma ajudinha nas perguntas da certificação em CISSP - Parte 2
Thursday, 1 May 2014
Before the exam, in addition to attending the course, it is always worth having some literature at hand:
- https://umeshume.files.wordpress.com/2013/03/mcgraw-hill-osborne-media-cissp-all-in-one-exam-guide-6th-edition-2012.pdf
Take a careful look at this link: http://opensecuritytraining.info/CISSP-Main.HTML
Below is a dump of certification questions:
Question:
Business continuity planning needs to provide several types of functionalities and protection types for an organization. Which of the following is not one of these items?
i. Provide an immediate and appropriate response to emergency situations
ii. Protect lives and ensure safety
iii. Reduce business conflicts
iv. Resume critical business functions
v. Work with outside vendors during the recovery period
vi. Reduce confusion during a crisis
vii. Ensure survivability of the business
viii. Get "up and running" quickly after a disaster
A.ii, iii
B.iii, iv, vi
C.i, ii, vii
D.iii
Answer:
D.iii
Explanation:
Preplanned procedures allow an organization to:
i. Provide an immediate and appropriate response to emergency situations
ii. Protect lives and ensure safety
iii. Reduce business impact
iv. Resume critical business functions
v. Work with outside vendors during the recovery period
vi. Reduce confusion during a crisis
vii. Ensure survivability of the business
viii. Get "up and running" quickly after a disaster
Question:
What procedures should take place to restore a system and its data files after system failure?
A.Restore from storage media backup
B.Perform a parallel test
C.Implement recovery procedures
D.Perform a walk-through test
Answer:
C.Implement recovery procedures
Explanation:
In this and similar situations, recovery procedures should be followed, which most likely include recovering data from the backup media. Recovery procedures could include the proper steps for rebuilding a system from the beginning, applying the necessary patches and configurations, and whatever else needs to take place to ensure productivity is not affected. Some type of redundant system may need to be put into place.
Question:
What is the first step in developing a disaster recovery plan?
A.Identify all critical systems and functions of the company
B.Decide if the company needs to perform a walk-through, parallel, or simulation test
C.Perform a business impact analysis
D.Interview a representative from each department
Answer:
C.Perform a business impact analysis
Explanation:
A business impact analysis includes identifying critical systems and functions of a company and interviewing representatives from each department. Once management’s support is solidified, a business impact analysis needs to be performed to identify the threats the company faces and the potential costs of these threats.
Question:
During a recovery procedure, one important step is to maintain records of important events that happen during the procedure. What other step is just as important?
A.Schedule another test to address issues that took place during that procedure
B.Make sure someone is prepared to talk to the media with the appropriate responses
C.Report the events to management and the appropriate agencies
D.Identify essential business functions
Answer:
C.Report the events to management and the appropriate agencies
Explanation:
When recovery procedures are carried out, the outcome of those procedures should be reported to the individuals who are responsible for this type of activity. This is usually some level of management. If the procedures worked properly, they should know this, and if problems were encountered, they should definitely be made aware of this. They are the ones responsible for fixing the recovery system and will be the ones to delegate this work and provide the necessary funding and resources.
Question:
The purpose of initiating emergency actions right after a disaster takes place is to prevent loss of life, attend to injuries, and __________.
A.Secure the area to ensure that no looting or fraud takes place
B.Mitigate further damage
C.Protect evidence and clues
D.Investigate the extent of the damages
Answer:
B.Mitigate further damage
Explanation:
The main goal of disaster recovery and business continuity plans is to mitigate all risks that could be experienced by a company. Emergency procedures need to be carried out first to protect human life. Then other procedures need to be executed to reduce the damage from further threats.
Question:
Which of the following is the best way to ensure that a company’s backup tapes can be used at a warm site?
A.Retrieve the tapes from the off-site facility and verify that the equipment at the original site can read them
B.Test them on the vendor’s machine, which won’t be used during an emergency
C.Inventory each tape kept at the vendor’s site twice a month
D.Test them on the equipment maintained within the hot site
Answer:
A.Retrieve the tapes from the off-site facility and verify that the equipment at the original site can read them
Explanation:
A warm site is a facility that will not be fully equipped with the company’s main systems. The idea of using a warm site is that if a disaster takes place, the company would bring their systems with them. If they cannot bring the systems with them because they are damaged, the company must purchase new systems that are exactly like their original systems. So to properly test backups, the company needs to test them by recovering the data on their original systems at their main site.
Question:
Which of the following is something that should be required of an off-site backup facility that stores backed-up media for companies?
A.The facility should be within 10 to 15 minutes of the original facility to ensure easy access.
B.The facility should contain all necessary PCs, servers, and raised flooring.
C.The facility should be protected by an armed guard.
D.The facility should protect against unauthorized access and entry.
Answer:
D.The facility should protect against unauthorized access and entry.
Explanation:
This question is addressing a facility that is used to store backed-up data; it is not talking about an off-site facility used for disaster recovery purposes. The facility should not be 10 to 15 minutes away, because if some type of disaster occurred, the company's main facility and this facility could both be destroyed and the company would lose all of its information. The facility should have the same security standards as the company's own, including protection against unauthorized access.
Question:
Which item will a business impact analysis not identify?
A.If the company is best suited for a parallel or full-interrupt test
B.What areas would suffer the greatest operational and financial loss in the event of a particular disaster or disruption
C.What systems are critical for the company and must be highly protected
D.What amount of outage time a company can endure before it is permanently crippled
Answer:
A.If the company is best suited for a parallel or full-interrupt test
Explanation:
All of the other answers address the main components of a business impact analysis. Determining the best type of exercise or drill to carry out is not covered under this type of analysis.
Question:
Which areas of a company are business plans recommended for?
A.The most important operational and financial areas
B.The areas that house the critical systems
C.All areas
D.The areas that the company cannot survive without
Answer:
C.All areas
Explanation:
It is best if every department within the company has its own recovery plan and continuity plan and procedures in place. These individual plans would "roll up" into the overall enterprise plan.
Question:
Who has the final approval of the disaster recovery and business continuity plan?
A.The planning committee
B.Each representative of each department
C.Management
D.External authority
Answer:
C.Management
Explanation:
Management has the final approval over everything within a company, including these plans.
Part 1: http://e-forense.blogspot.com/2014/05/isc-cissp-certified-information-systems.html
Part 3: http://e-forense.blogspot.com/2014/05/isc-cissp-certified-information-systems_2.html
Part 4: http://e-forense.blogspot.com/2014/05/isc-cissp-certified-information-systems_5.html
Part 5: http://e-forense.blogspot.com/2014/05/isc-cissp-certified-information-systems_8.html
Part 6: http://e-forense.blogspot.com/2014/05/isc-cissp-certified-information-systems_9.html
