CISSP Official Practice Tests (Chinese-English parallel edition): scenario question sets

Refer to the information below to answer the question.
A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child who uses the computer to send and receive email, search the web, and use instant messaging. The organization's Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access.

Which of the following could have MOST likely prevented the Peer-to-Peer (P2P) program from being installed on the computer?
A. Removing the employee's full access to the computer
B. Supervising their child's use of the computer
C. Limiting the computer's access to only the employee
D. Ensuring the employee understands their business conduct guidelines
Answer: A

Which of the following solutions would have MOST likely detected the use of peer-to-peer programs when the computer was connected to the office network?
A. Anti-virus software
B. Intrusion Prevention System (IPS)
C. Anti-spyware software
D. Integrity checking software
Answer: B

Which of the following methods is the MOST effective way of removing the Peer-to-Peer (P2P) program from the computer?
A. Run software uninstall
B. Re-image the computer
C. Find and remove all installation files
D. Delete all cookies stored in the web browser cache
Answer: B

Which of the following documents explains the proper use of the organization's assets?
A. Human resources policy
B. Acceptable use policy
C. Code of ethics
D. Access control policy
Answer: B

Refer to the information below to answer the question.
In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files.

Table A
User    Clearance Level
A       Restricted
B       Confidential
C       Secret
D       Top Secret

Table B
File    Security Class
1       Restricted
2       Confidential
3       Secret
4       Top Secret

In a Bell-LaPadula system, which user cannot write to File 3?
A. User A
B. User B
C. User C
D. User D
Answer: D

In a Bell-LaPadula system, which user has the MOST restrictions when writing data to any of the four files?
A. User A
B. User B
C. User C
D. User D
Answer: D

Refer to the information below to answer the question.
Desktop computers in an organization were sanitized for re-use in an equivalent security environment. The data was destroyed in accordance with organizational policy, and all markings and other external indications of the sensitivity of the data that was formerly stored on the magnetic drives were removed.

After magnetic drives were degaussed twice according to the product manufacturer's directions, what is the MOST LIKELY security issue with degaussing?
A. Commercial products often have serious weaknesses in the magnetic force available in the degausser product.
B. Degausser products may not be properly maintained and operated.
C. The inability to turn the drive around in the chamber for the second pass due to human error.
D. Inadequate record keeping when sanitizing media.
Answer: B

Organizational policy requires the deletion of user data from Personal Digital Assistant (PDA) devices before disposal. It may not be possible to delete the user data if the device is malfunctioning. Which destruction method below provides the BEST assurance that the data has been removed?
A. Knurling
B. Grinding
C. Shredding
D. Degaussing
Answer: C

Refer to the information below to answer the question.
A large, multinational organization has decided to outsource a portion of their Information Technology (IT) organization to a third-party provider's facility. This provider will be responsible for the design, development, testing, and support of several critical, customer-based applications used by the organization.

The third party needs to have
A. processes that are identical to those of the organization doing the outsourcing.
B. access to the original personnel that were on staff at the organization.
C. the ability to maintain all of the applications in languages they are familiar with.
D. access to the skill sets consistent with the programming languages used by the organization.
Answer: D

The organization should ensure that the third party's physical security controls are in place so that they
A. are more rigorous than the original controls.
B. are able to limit access to sensitive information.
C. allow access by the organization's staff at any time.
D. cannot be accessed by subcontractors of the third party.
Answer: B

What additional considerations are there if the third party is located in a different country?
A. The organizational structure of the third party and how it may impact timelines within the organization
B. The ability of the third party to respond to the organization in a timely manner and with accurate information
C. The effects of transborder data flows and customer expectations regarding the storage or processing of their data
D. The quantity of data that must be provided to the third party and how it is to be used
Answer: C

Refer to the information below to answer the question.
A security practitioner detects client-based attacks on the organization's network. A plan will be necessary to address these concerns.

In the plan, what is the BEST approach to mitigate future internal client-based attacks?
A. Block all client-side web exploits at the perimeter.
B. Remove all non-essential client-side web services from the network.
C. Screen for harmful exploits of client-side services before implementation.
D. Harden the client image before deployment.
Answer: D

In addition to web browsers, what PRIMARY areas need to be addressed concerning mobile code used for malicious purposes?
A. Text editors, database, and Internet phone applications
B. Email, presentation, and database applications
C. Image libraries, presentation and spreadsheet applications
D. Email, media players, and instant messaging applications
Answer: D

What MUST the plan include in order to reduce client-side exploitation?
A. Approved web browsers
B. Network firewall procedures
C. Proxy configuration
D. Employee education
Answer: D

What is the BEST reason for the organization to pursue a plan to mitigate client-based attacks?
A. Client privilege administration is inherently weaker than server privilege administration.
B. Client hardening and management is easier on clients than on servers.
C. Client-based attacks are more common and easier to exploit than server and network based attacks.
D. Client-based attacks have higher financial impact.
Answer: C

Refer to the information below to answer the question.
A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.

Which of the following BEST describes the access control methodology used?
A. Least privilege
B. Lattice Based Access Control (LBAC)
C. Role Based Access Control (RBAC)
D. Lightweight Directory Access Control (LDAP)
Answer: C

In addition to authentication at the start of the user session, best practice would require reauthentication
A. periodically during a session.
B. for each business process.
C. at system sign-off.
D. after a period of inactivity.
Answer: D

Following best practice, where should the permitted access for each department and job classification combination be specified?
A. Security procedures
B. Security standards
C. Human resource policy
D. Human resource standards
Answer: B

What MUST the access control logs contain in addition to the identifier?
A. Time of the access
B. Security classification
C. Denied access attempts
D. Associated clearance
Answer: A

Refer to the information below to answer the question.
An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other necessary components to have an effective security program. There are numerous initiatives requiring security involvement.

Which of the following is considered the MOST important priority for the information security officer?
A. Formal acceptance of the security strategy
B. Disciplinary actions taken against unethical behavior
C. Development of an awareness program for new employees
D. Audit of all organization system configurations for faults
Answer: A

The effectiveness of the security program can PRIMARILY be measured through
A. audit findings.
B. risk elimination.
C. audit requirements.
D. customer satisfaction.
Answer: A

Given the number of priorities, which of the following will MOST likely influence the selection of top initiatives?
A. Severity of risk
B. Complexity of strategy
C. Frequency of incidents
D. Ongoing awareness
Answer: A
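The two Bell-LaPadula questions in the MLS scenario above both come down to the *-property (no write down) applied to Table A and Table B. The following is an added worked example, not part of the practice test: it encodes the two tables and the BLP read and write rules so the answers can be derived rather than memorised. The table contents are transcribed from the scenario; the function names, the access-matrix output and the strong_star option are my own.

```python
"""Bell-LaPadula (BLP) access checks over the clearance / classification
lattice from Table A and Table B of the MLS scenario.  Added example for
this page; the practice test contains no code.  USERS and FILES are
transcribed from the scenario tables; everything else is an assumption
made for illustration."""

from typing import Dict, List

# Sensitivity labels in increasing order, as given in the MLS scenario.
LEVELS: List[str] = ["Restricted", "Confidential", "Secret", "Top Secret"]
RANK: Dict[str, int] = {name: i for i, name in enumerate(LEVELS)}

# Table A: user clearance levels.
USERS: Dict[str, str] = {
    "A": "Restricted",
    "B": "Confidential",
    "C": "Secret",
    "D": "Top Secret",
}

# Table B: file security classes.
FILES: Dict[int, str] = {
    1: "Restricted",
    2: "Confidential",
    3: "Secret",
    4: "Top Secret",
}


def dominates(a: str, b: str) -> bool:
    """True when label a is at least as sensitive as label b."""
    return RANK[a] >= RANK[b]


def can_read(clearance: str, classification: str) -> bool:
    """Simple security property: no read up.
    A subject may read an object only if the subject's clearance dominates it."""
    return dominates(clearance, classification)


def can_write(clearance: str, classification: str, strong_star: bool = False) -> bool:
    """*-property: no write down.
    Standard form: a subject may write an object only if the object's class
    dominates the subject's clearance (writing at or above one's own level).
    strong_star=True applies the strong *-property instead, which permits
    writes only at exactly the subject's own level."""
    if strong_star:
        return RANK[clearance] == RANK[classification]
    return dominates(classification, clearance)


def users_who_cannot_write(file_id: int, strong_star: bool = False) -> List[str]:
    """Answers 'which user cannot write to File N'."""
    cls = FILES[file_id]
    return sorted(u for u, c in USERS.items() if not can_write(c, cls, strong_star))


def writable_files(user: str, strong_star: bool = False) -> List[int]:
    """Files the given user is permitted to write under the *-property."""
    clearance = USERS[user]
    return sorted(f for f, cls in FILES.items() if can_write(clearance, cls, strong_star))


def most_restricted_writer(strong_star: bool = False) -> str:
    """User with the fewest writable files (ties broken alphabetically)."""
    return min(USERS, key=lambda u: (len(writable_files(u, strong_star)), u))


def access_matrix() -> Dict[str, Dict[int, str]]:
    """Per-user, per-file access under standard BLP: 'rw', 'r', 'w' or '-'."""
    matrix: Dict[str, Dict[int, str]] = {}
    for user, clearance in USERS.items():
        row: Dict[int, str] = {}
        for fid, cls in FILES.items():
            r = can_read(clearance, cls)
            w = can_write(clearance, cls)
            row[fid] = (("r" if r else "") + ("w" if w else "")) or "-"
        matrix[user] = row
    return matrix


if __name__ == "__main__":
    print("File 3 cannot be written by:", users_who_cannot_write(3))
    print("Most restricted writer:", most_restricted_writer())
    for user, row in access_matrix().items():
        print(user, " ".join(f"File{fid}:{acc}" for fid, acc in row.items()))
```

Running it reproduces the answer key: User D (Top Secret) is the only user blocked from writing File 3 (Secret), and D is also the most restricted writer, able to write only File 4. The strong_star flag is there as a caveat for the exam: under the strong *-property each user can write only at their own level, so Users A, B and D would all be unable to write File 3. The answer key therefore assumes the standard *-property, which allows writing up.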
