0% found this document useful (0 votes)

126 views4 pages

Sample Exam: Exam Name - Certified Information Systems Security Tester (CISST) ™ Exam Code - CISST-001

Uploaded by

sora yumemia

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

126 views4 pages

Sample Exam: Exam Name - Certified Information Systems Security Tester (CISST) ™ Exam Code - CISST-001

Uploaded by

sora yumemia

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 4

Exam Name – Certified Information Systems Security Tester (CISST)™

Exam Code – CISST-001

Sample Exam

(Question): Which of the following is a purpose of a security audit?

(A): To prevent users from using simple passwords

(B): To reveal insufficient patch updates provided by the vendor
(C): To halt unauthorized intruders from accessing the system
(D): To require users to change their password after a predetermined set of days

(Correct): B

(Question): You are responsible for ensuring that new vendors brought on
externally for the project are fully compliant with government mandated
guidelines as part of your risk assessment. On which stakeholders should you
primarily focus to ensure these outside vendors continue to comply?

(A): Customers, users, and vendors to ensure there is good communication

between them
(B): Public users and vendors who will follow the law as it applies to the source of
information
(C): Federal and local agencies that communicate guidelines to follow
(D): Both internal and external sources that will use the information for further
analyzing the risk

(Correct): C

 Global Association for Quality Management (GAQM)

(Question): Which of the following is a consequence of a policy that minimizes
access to a system or device to acceptable levels?

(A): More devices are added to mitigate the impact

(B): Proper controls of self-provisioning devices such as routers are prohibited
(C): Devices that do not conform are removed from the wireless network
(D): Access to the VPN is severely restricted

(Correct): C

(Question): Your role as the Security Administrator is to help your organization

understand the effectiveness of security policies and procedures across the
enterprise. You will report your effectiveness findings to Senior Management
after your analysis has been completed. Which of the following is the optimum
strategy to accomplish this?

(A): Implement a static analysis evaluation independently for both policies and
procedures
(B): Analyze the results from a security test to validate effectiveness
(C): Evaluate security test results that focus on current threats and attacks
(D): Evaluate the static test results for new and emerging software threats

(Correct): B

 Global Association for Quality Management (GAQM)

(Question): If an organization experiences a security breach and legal action
results, how does it help the organization to have done security testing?

(A): It can show that the organization has done due diligence to try to prevent
such an incident
(B): The documentation from the security testing can be used to track down the
perpetrator
(C): Since any important information would have been backed up before security
testing, this backup can be used to restore any compromised information
(D): By tracing through the documented tests, the security testing team can
discover how the breach was possible

(Correct): A

(Question): You are working at a bank as part of the security testing team. During
a recent security audit it was noted that the user's passwords were not strong
enough. Since that time, a new set of requirements has been issued to ensure
password strength. Given this information, what would be a reasonable set of
security objectives for general password rule testing?

1. Verify that passwords meet the requirements for length

2. Verify that passwords meet the requirements for usage of characters, numbers,
letters and capitalization

3. Verify that passwords can be retried three times

4. Verify that passwords cannot be re-used within a one year timeframe

5. Verify that passwords must be reset every three months

6. Verify that the user can request to have their password emailed to them

 Global Association for Quality Management (GAQM)

(Question): Verify that the system administrator can reset a locked password

(A): 1, 2, 3, 4
(B): 1, 2, 4, 5
(C): 3, 4, 6, 7
(D): 4, 5, 6, 7

(Correct): B

(Question): Which of the following would be revealed during an audit of security

practices?

(A): Misconfiguration of a firewall zone

(B): Inadequate application of security updates from a software vendor
(C): Levels of risk for digital and physical assets
(D): Stakeholder responsibilities in information security practices

(Correct): B

 Global Association for Quality Management (GAQM)

Test Bank for Computer Security Principles and Practice, 5th Edition by William Stallings Lawrie Brown 2
No ratings yet
Test Bank for Computer Security Principles and Practice, 5th Edition by William Stallings Lawrie Brown 2
145 pages
Is Awareness Quiz Answers Final
No ratings yet
Is Awareness Quiz Answers Final
36 pages
MIDTERM EXAM - Attempt Review
67% (3)
MIDTERM EXAM - Attempt Review
12 pages
Exam Format Score Multiple Choice Questions (60 Score)
100% (5)
Exam Format Score Multiple Choice Questions (60 Score)
14 pages
Enabling TLS in Oracle Apps R12.2
100% (1)
Enabling TLS in Oracle Apps R12.2
41 pages
Cissp: Question & Answers
No ratings yet
Cissp: Question & Answers
27 pages
Chapter 8 - Securing Information Systems
No ratings yet
Chapter 8 - Securing Information Systems
16 pages
Smplex 7991
No ratings yet
Smplex 7991
3 pages
300+ (UPDATED) CISSP MCQs and Answers (PDF)
0% (1)
300+ (UPDATED) CISSP MCQs and Answers (PDF)
25 pages
CISSP - Certified Information Systems Security Professional Exam Preparation Study Guide
From Everand
CISSP - Certified Information Systems Security Professional Exam Preparation Study Guide
Georgio Daccache
5/5 (1)
Ismp 1-0
No ratings yet
Ismp 1-0
13 pages
57 Soal Last Exam FCNS
No ratings yet
57 Soal Last Exam FCNS
15 pages
Gaddisa Asign
No ratings yet
Gaddisa Asign
6 pages
Exam FCNS
No ratings yet
Exam FCNS
11 pages
ISF
No ratings yet
ISF
6 pages
Sample Exam Advanced Level Syllabus Security Testing: International Software Testing Qualifications Board
No ratings yet
Sample Exam Advanced Level Syllabus Security Testing: International Software Testing Qualifications Board
16 pages
CISM D3 Questions
No ratings yet
CISM D3 Questions
7 pages
Cissp Exam Questions 3
No ratings yet
Cissp Exam Questions 3
351 pages
50 Practice Questions - Security+ Certification SY0-701
No ratings yet
50 Practice Questions - Security+ Certification SY0-701
9 pages
Tutorial Letter 204/0/2020: Information Security
No ratings yet
Tutorial Letter 204/0/2020: Information Security
7 pages
Sec+ 1 - CertPreps
No ratings yet
Sec+ 1 - CertPreps
1 page
Delos Santos_Roan_Assignment_March 21
No ratings yet
Delos Santos_Roan_Assignment_March 21
3 pages
CISM EXAM Preparation Questions
100% (2)
CISM EXAM Preparation Questions
5 pages
Isfs 3-0
No ratings yet
Isfs 3-0
25 pages
CS205 MCQs Mids 2024 Mam Mehwish
No ratings yet
CS205 MCQs Mids 2024 Mam Mehwish
16 pages
Security
No ratings yet
Security
23 pages
Test Bank for Computer Security: Principles and Practice, 4th Edition, William Stallings, Lawrie Brown pdf download
100% (4)
Test Bank for Computer Security: Principles and Practice, 4th Edition, William Stallings, Lawrie Brown pdf download
39 pages
Kenya Stanley Ch8 HMWK Acc564
100% (1)
Kenya Stanley Ch8 HMWK Acc564
3 pages
Communicating A Security Strategy
No ratings yet
Communicating A Security Strategy
7 pages
Pass Sy0 501
33% (3)
Pass Sy0 501
106 pages
Website: VCE To PDF Converter: Facebook: Twitter:: ISFS - Exam.44q
No ratings yet
Website: VCE To PDF Converter: Facebook: Twitter:: ISFS - Exam.44q
21 pages
CISM June 2024 Upd 220724
No ratings yet
CISM June 2024 Upd 220724
48 pages
Test Bank for Computer Security: Principles and Practice, 4th Edition, William Stallings, Lawrie Brown - Available For One-Click Instant Download
100% (10)
Test Bank for Computer Security: Principles and Practice, 4th Edition, William Stallings, Lawrie Brown - Available For One-Click Instant Download
37 pages
Mock Test 2 Ko PDF Ho La
No ratings yet
Mock Test 2 Ko PDF Ho La
25 pages
The Answer Is B.: A. A Preliminary Monthly Closing File Was Used
No ratings yet
The Answer Is B.: A. A Preliminary Monthly Closing File Was Used
362 pages
exam 1
No ratings yet
exam 1
49 pages
CISM June 2024 Upd 180724
No ratings yet
CISM June 2024 Upd 180724
46 pages
CISSP Exam Prep V10.5-Answers
No ratings yet
CISSP Exam Prep V10.5-Answers
33 pages
Test Bank for Computer Security: Principles and Practice, 4th Edition, William Stallings, Lawrie Brown pdf download
100% (4)
Test Bank for Computer Security: Principles and Practice, 4th Edition, William Stallings, Lawrie Brown pdf download
40 pages
Sic Final (E-Next - In) (E-Next - In)
No ratings yet
Sic Final (E-Next - In) (E-Next - In)
56 pages
Lab 3
No ratings yet
Lab 3
4 pages
Cissp Exam Questions 4
No ratings yet
Cissp Exam Questions 4
381 pages
Information Assurance and Security 2 (Source 2)
No ratings yet
Information Assurance and Security 2 (Source 2)
12 pages
Information Technology Management, Audit and Control: Page 1 of 7
No ratings yet
Information Technology Management, Audit and Control: Page 1 of 7
7 pages
Test Bank for Computer Security: Principles and Practice, 4th Edition, William Stallings, Lawrie Brown instant download
100% (3)
Test Bank for Computer Security: Principles and Practice, 4th Edition, William Stallings, Lawrie Brown instant download
45 pages
Test Questions
No ratings yet
Test Questions
18 pages
CISSP Exam Insights: Practice Questions & Explanations
From Everand
CISSP Exam Insights: Practice Questions & Explanations
SUJAN
No ratings yet
712-50 EC-Council Certified CISO (CCISO) Exam Free Dumps
No ratings yet
712-50 EC-Council Certified CISO (CCISO) Exam Free Dumps
13 pages
Cissp Q1
No ratings yet
Cissp Q1
6 pages
Operational Security Is The Underlying Technical Features and Functions That Relate Collectively To The Achievement and Preservation of Security
No ratings yet
Operational Security Is The Underlying Technical Features and Functions That Relate Collectively To The Achievement and Preservation of Security
28 pages
Data security revision
No ratings yet
Data security revision
21 pages
Ais July 2020 PDF
No ratings yet
Ais July 2020 PDF
10 pages
L7 Cyber Security for Business
No ratings yet
L7 Cyber Security for Business
8 pages
4_5859317947117341942-1-1
No ratings yet
4_5859317947117341942-1-1
134 pages
Review_IAP301
No ratings yet
Review_IAP301
45 pages
Test Bank for Computer Security: Principles and Practice, 4th Edition, William Stallings, Lawrie Brown instant download
100% (6)
Test Bank for Computer Security: Principles and Practice, 4th Edition, William Stallings, Lawrie Brown instant download
38 pages
MIS5206 Week 12 Quiz Solutions1
No ratings yet
MIS5206 Week 12 Quiz Solutions1
6 pages
Test Bank for Computer Security: Principles and Practice, 4th Edition, William Stallings, Lawrie Brown instant download
100% (1)
Test Bank for Computer Security: Principles and Practice, 4th Edition, William Stallings, Lawrie Brown instant download
35 pages
Vendor: ISACA Exam Code: CISA Exam Name: Certified Information Systems Auditor Version: DEMO
No ratings yet
Vendor: ISACA Exam Code: CISA Exam Name: Certified Information Systems Auditor Version: DEMO
6 pages
CAS-005-Exam-Dumps
No ratings yet
CAS-005-Exam-Dumps
9 pages
mit_5110_assignment
No ratings yet
mit_5110_assignment
9 pages
Computer system security
No ratings yet
Computer system security
16 pages
Chapter 4 Database
No ratings yet
Chapter 4 Database
23 pages
Xin Zhou 2011
No ratings yet
Xin Zhou 2011
4 pages
Cyber Security Career Path
No ratings yet
Cyber Security Career Path
1 page
Cyber Security Training Presentation
No ratings yet
Cyber Security Training Presentation
19 pages
Word Search Puzzle-1711216028
No ratings yet
Word Search Puzzle-1711216028
1 page
Final Project
No ratings yet
Final Project
13 pages
Cyber Security Countermeasures
No ratings yet
Cyber Security Countermeasures
8 pages
Web Application Security Adithyan AK
No ratings yet
Web Application Security Adithyan AK
64 pages
ESOFT Admin Module-Assessment Resource 8311 8311-1723612790046-Unit 05 Security Assignment(2024 Update)
No ratings yet
ESOFT Admin Module-Assessment Resource 8311 8311-1723612790046-Unit 05 Security Assignment(2024 Update)
17 pages
USAO Motion in Slaughter / Gottfried Case
No ratings yet
USAO Motion in Slaughter / Gottfried Case
10 pages
Cybersecurity Education and Career Development
No ratings yet
Cybersecurity Education and Career Development
3 pages
Clave de licencia de Kaspersky Internet Security
No ratings yet
Clave de licencia de Kaspersky Internet Security
3 pages
An Introduction To BioMetrics
No ratings yet
An Introduction To BioMetrics
26 pages
Network_Detection_and_Response_NDR_Standard_Template_1742912746
No ratings yet
Network_Detection_and_Response_NDR_Standard_Template_1742912746
13 pages
Cloud Computing Security Risk: (Chapter Five)
No ratings yet
Cloud Computing Security Risk: (Chapter Five)
7 pages
SMALL Hackers Epoch Print and Play Cybersecurity Card Game 06JAN2021
No ratings yet
SMALL Hackers Epoch Print and Play Cybersecurity Card Game 06JAN2021
20 pages
Trend Vision One Email Security
No ratings yet
Trend Vision One Email Security
4 pages
OSCP-Exam-Report Mukesh
No ratings yet
OSCP-Exam-Report Mukesh
17 pages
10900121064__SouvikPal
No ratings yet
10900121064__SouvikPal
6 pages
Incident Response Plan
No ratings yet
Incident Response Plan
5 pages
Defense in Depth Checklist Controls: 50 Easy-to-Implement Controls To Strengthen Your Security
No ratings yet
Defense in Depth Checklist Controls: 50 Easy-to-Implement Controls To Strengthen Your Security
8 pages
CEHv6 Module 48 Corporate Espionage by Insiders
No ratings yet
CEHv6 Module 48 Corporate Espionage by Insiders
45 pages
Lec 01
No ratings yet
Lec 01
107 pages
Cyber Crime Quiz Question
100% (1)
Cyber Crime Quiz Question
5 pages
Xtream Code 2021
No ratings yet
Xtream Code 2021
5 pages
Cybersecurity Final Exam
No ratings yet
Cybersecurity Final Exam
6 pages
Story Res Pose India
No ratings yet
Story Res Pose India
37 pages
Red Team Training
100% (2)
Red Team Training
16 pages