CISSP 管理题目.doc

安全管理知识域练习题 Related to information security, availability is the opposite of which of the following? delegation distribution documentation destruction D Related to information security, the guarantee that the message sent is the message received is an example of which of the following? integrity confidentiality availability identity A Which of the following is NOT an administrative control? Logical access control mechanisms Screening of personnel Development of policies, standards, procedures and guidelines Change control procedures A Which of the following describe elements that create reliability and stability in networks and systems and which assures that connectivity is accessible when needed? Availability Acceptability Confidentiality Integrity A Which one of the following individuals has PRIMARY responsibility for determining the classification level of information? Security manager User Owner Auditor C Which of the following groups represents the leading source of computer crime losses? hackers industrial saboteurs foreign intelligence officers employees D What is the main responsibility of information owner? making the determination to decide what level of classification the information requires running regular backups audit the users when they access to the information periodically checking the validity and accuracy for all data in the information system A What can be defined as an event that could cause harm to the information systems? A risk A threat A vulnerability A weakness B Which of the following is less likely to assist in ensuring availability? Backups and redundant disk systems Regular system and security audits Reliable and interoperable security processes and network security mechanisms Acceptable log-ins and operating process performances B Which of the following provides a minimum level of security acceptable for an environment? A baseline A standard A procedure A guideline A Who should provide access authorization to computerized information?