Quiz CISSP

Quiz CISSP, Certified Information Systems Security Professional (update September 5th,2013)

Which of the following is not a purpose of doing risk analysis?

How do you calculate residual risk?

Which statement is true when looking at security objectives in the private business sector versus the military sector?

A security function defines the expected behavior from a security mechanism, and assurance defines:

An effective security program requires a balanced application of:

What is the definition of a security exposure?

Tactical planning is:

Which best describes the purpose of the ALE calculation?

Which is the most valuable technique when determining if a specific security control should be implemented?

What are security policies?