ISC2 ISSMP Information Systems Security Management Professional CISSP-ISSMP Exam Practice Test

Which of the following can be done over telephone lines, e-mail, instant messaging, and any other method of communication considered private.

Which of the following models uses a directed graph to specify the rights that a subject can transfer to an object or that a subject can take from another subject?

Sarah has created a site on which she publishes a copyrighted material. She is ignorant that she is infringing copyright. Is she guilty under copyright laws?

An organization monitors the hard disks of its employees' computers from time to time. Which policy does this pertain to?

Which of the following plans is documented and organized for emergency response, backup operations, and recovery maintained by an activity as part of its security program that will ensure the availability of critical resources and facilitates the continuity of operations in an emergency situation?

Shoulder surfing is a type of in-person attack in which the attacker gathers information about the premises of an organization. This attack is often performed by looking surreptitiously at the keyboard of an employee's computer while he is typing in his password at any access point such as a terminal/Web site. Which of the following is violated in a shoulder surfing attack?

You are the Network Administrator for a college. You watch a large number of people (some not even students) going in and out of areas with campus computers (libraries, computer labs, etc.). You have had a problem with laptops being stolen. What is the most cost effective method to prevent this?