3. Categorize the information to be disposed of.

4. Assess the nature of the medium on which it is recorded.

a. 1, 2, 3, and 4

b. 2, 3, 4, and 1

c. 3, 4, 1, and 2

d. 4, 3, 2, and 1

104. c. An information system user must first categorize the information to be disposed of, assess the nature of the medium on which it is recorded, assess the risk to confidentiality, and determine the future plans for the media.

105. All the following are examples of normal backup strategies except:

a. Ad hoc backup

b. Full backup

c. Incremental backup

d. Differential backup

105. a. Ad hoc means when needed and irregular. Ad hoc backup is not a well-thought-out strategy because there is no systematic way of backing up required data and programs. Full (normal) backup archives all selected files and marks each as having been backed up. Incremental backup archives only those files created or changed since the last normal backup and marks each file. Differential backup archives only those files that have been created or changed since the last normal backup. It does not mark the files as backed up. The backups mentioned in the other three choices have a systematic procedure.

106. Regarding a patch management program, which of the following is not a method of patch remediation?

a. Developing a remediation plan

b. Installing software patches

c. Adjusting configuration settings

d. Removing affected software

106. a. Remediation is the act of correcting a vulnerability or eliminating a threat. A remediation plan includes remediation of one or more threats or vulnerabilities facing an organization’s systems. The plan typically covers options to remove threats and vulnerabilities and priorities for performing the remediation.

Three types of remediation methods include installing a software patch, adjusting a configuration setting, and removing affected software. Removing affected software requires uninstalling a software application. The fact that a remediation plan is developed does not itself provide actual remediation work because actions, not just plans on paper, provide remediation work.

107. For media sanitization, overwriting cannot be used for which of the following?

1. Damaged media

2. Nondamaged media

3. Rewriteable media

4. Nonrewriteable media

a. 1 only

b. 4 only

c. 1 or 4

d. 2 or 3

107. c. Overwriting cannot be used for media that are damaged or not rewriteable. The media type and size may also influence whether overwriting is a suitable sanitization method.

108. Regarding media sanitization, which of the following is the correct sequence of fully and physically destroying magnetic disks, such as hard drives?

1. Incinerate

2. Disintegrate

3. Pulverize

4. Shred

a. 4, 1, 2, and 3

b. 3, 4, 2, and 1

c. 1, 4, 3, and 2

d. 2, 4, 3, and 1

108. d. The correct sequence of fully and physically destroying magnetic disks such as hard drives (for example, advanced technology attachment (ATA) and serial ATA (SATA) hard drives) is disintegrate, shred, pulverize, and incinerate. This is the best recommended practice for both public and private sector organizations.

Disintegration is a method of sanitizing media and is the act of separating the equipment into component parts. Here, the disintegration step comes first to make the hard drive inoperable quickly. Shredding is a method of sanitizing media and is the act of cutting or tearing into small particles. Shredding cannot be the first step because it is not practical to do for many companies. Pulverization is a method of sanitizing media and is the act of grinding to a powder or dust. Incineration is a method of sanitizing media and is the act of burning completely to ashes, done in a licensed incinerator.

Note that one does not need to complete all these methods, but can stop after any specific method and after reaching the final goal based on the sensitivity and criticality of data on the disk.

109. Who initiates audit trails in computer systems?

a. Functional users

b. System auditors

c. System administrators

d. Security administrators
