9 - Physical (Environmental) Security Flashcards

1
Q
If an intruder is able to circumvent physical access security and is able to take over control of internal systems, what principle of security is violated?
a. Availability
b. Integrity
c. Accountability
d. Privacy
A

B: Loss of control over a system is a violation of integrity.

2
Q
Which of the following is not a threat to physical security?
a. Sabotage
b. Toxic material release
c. Brute force password attacks
d. Electromagnetic pulse
A

C: A brute force password attack is a violation of technical or logical security.

3
Q
Which of the following is not considered a form of physical access control?
a. Fencing
b. Dogs
c. Lighting
d. CCTV
A

D: CCTV is considered a technical or logical access control.

4
Q
Which of the following is an example of a physical security administrative control?
a. Facility construction
b. fencing
c. man traps
d. security guards
A

A: Facility construction is an example of a physical security administrative control.

5
Q
Which of the following is not an example of a physical security technical control?
a. access controls
b. personnel controls
c. intrusion detection
d. HVAC management
A

B: Personnel controls are an example of a physical security administrative control.

6
Q
Which of the following is an example of a physical security technical control?
a. lighting
b. facility construction materials
c. fire detection and suppression
d. facility Selection
A

C: Fire detection and suppression is an example of a physical security technical control.

7
Q
Physical security is maintained through three types of controls. Which of the following is not one of these?
a. Defensive
b. Physical
c. Technical
d. Administrative
A

A: Defensive is not a type of physical security control.

8
Q
The study of the facility infrastructure to determine what elements are essential to the support of physical security is known as?
a. Risk analysis
b. Critical path analysis
c. Delphi technique
d. Collusion inspection
A

B: Critical path analysis is the study of the facility infrastructure to determine what elements are essential to the support of physical security.

9
Q
Which of the following is not a physical security administrative control?
a. Site construction
b. Personnel training
c. Intrusion detection systems
d. Emergency response procedures
A

C: Intrusion detection systems are a physical security technical control.

10
Q
When evaluating the security of a new facility or site, which of the following is the least important?
a. cost
b. location
c. fire rating
d. local emergency services
A

A: Cost is the least important aspect when evaluating the security of a new facility or site.

11
Q
Which of the following is the least important aspect of a secured server room?
a. fire suppression system
b. human compatibility
c. temperature control system
d. efficient use of space (such as stacking machines)
A

B: Human compatibility is the least important aspect of a secured server room. In fact, server rooms are often very incompatible for humans.

12
Q
When evaluating, selecting, and deploying physical security access controls, what is always the most important?
a. cost
b. ease of maintenance
c. protection of human safety
d. reliability
A

C: Protection of human safety is always the most important aspect of any security control.

13
Q
Which of the following is not a physical security physical control?
a. Fencing
b. Lighting
c. Data backups
d. Man traps
A

C: Data backups are a physical security technical control.

14
Q
Which of the following is the least important aspect to consider when selecting a physical location for a highly secured facility?
a. Local crime rate
b. Access roads
c. Surrounding terrain
d. Proximity to airport flight path
A

D: The proximity to airport flight path is the least important consideration from this list. In most cases, except for top-secret military facilities, being in a flight path is inconsequential.

15
Q
When constructing a new building for a secure site, which of the following is the least important issue to consider in regards to security?
a. The combustibility of the walls and ceiling
b. Whether windows can be opened
c. The type of fire suppression system
d. The size of the facility
A

D: The size of the facility is the least important security factor to consider.

16
Q
Which of the following is not an example of a physical security physical control?
a. guard dogs
b. man traps
c. fencing
d. data backups
A

D: Data backups are an example of a physical security technical control.

17
Q
Which of the following is an example of a physical security physical control?
a. security guards
b. CCTV monitoring
c. Power supply management
d. intrusion detection
A

A: Security guards are an example of a physical security physical control.

18
Q
Which of the following is the least important aspect to consider when selecting a security facility location?
a. surrounding terrain
b. cost
c. access to emergency services
d. proximity to residential areas
A

B: Cost is the least important aspect when considering a location for a secure facility (from this list of options).

19
Q
When should hardware be replaced to maintain availability?
a. At the mean time to repair
b. Every two years
c. When capacity reaches 65% utilization
d. Before the mean time between failures
A

D: Hardware should be replaced before it reaches its age of mean time between failures.

20
Q
Which of the following is not an example of a physical security administrative control?
a. training
b. facility management
c. emergency response procedures
d. alarms
A

D: Alarms are examples of physical security technical controls.

21
Q
Which of the following is not a benefit of a human incompatible server/computer room?
a. An emergency shelter
b. Improved fire suppression
c. Lower temperature settings
d. Efficient use of space
A

A: A human incompatible server room cannot serve as an emergency shelter; this is a disadvantage.

22
Q
When physical security is violated and damage occurs to the computer hardware itself, this is a violation of what principle of security?
a. Availability
b. Confidentiality
c. Accountability
d. Integrity
A

A: Physical damage is a violation of availability.

23
Q
Which of the following is the least important aspect to consider when selecting a security facility location?
a. access to means of transportation
b. frequency of earthquakes
c. size
d. direction of door openings
A

C: Size is the least important aspect when considering a location for a secure facility (from this list of options).

24
Q
Which of the following is the least important aspect to consider when designing the interior of a security facility?
a. load rating
b. fire resistance
c. accessibility
d. consistency in decorating scheme
A

D: Consistency in decorating scheme, such as the color and texture, is the least important aspect of a facility’s interior when designing security.

25
Q
Which of the following is not an important physical security factor when considering the security of windows?
a. UV reflection or blocking
b. translucency vs. opaqueness
c. shatterproof
d. placement
A

A: UV reflection or blocking is the least important factor in regards to security when considering windows.

26
Q
Which of the following is a direct threat to maintaining the integrity of hosted data?
a. unauthorized disclosure
b. termination of power to the supporting systems
c. no input validation
d. loss of physical access control of a system
A

C: No input validation is a threat to maintaining the integrity of hosted data.

27
Q
Which of the following represents a threat to confidentiality, integrity, and availability?
a. theft of a notebook
b. physical destruction of access terminals
c. unauthorized disclosure
d. termination of power to the supporting systems
A

A: Theft of a laptop represents a threat to confidentiality, integrity, and availability.

28
Q
Which of the following is not considered a physical security emergency?
a. toxic material release
b. intrusion attempts through communication links
c. facility fire
d. flooding
A

B: Intrusion attempts through communication links are a technical or logical security emergency, not physical.

29
Q
Which of the following is not an important physical security factor when considering the security of flooring?
a. load rating
b. texture
c. conductivity of the surface
d. combustibility
A

B: The texture of flooring is the least important physical security factor when considering the security of flooring.

30
Q
Internal partitions are useful for creating?
a. division of work from visitor spaces
b. fire barriers
c. separate work spaces
d. distinction between areas of different sensitivity
A

C: Partitions are useful for creating separate work spaces.

31
Q
Which of the following should be used to provide sufficient security and separation of areas with various levels of sensitivity and confidentiality?
a. partitions
b. windows
c. boundaries outlined by colored tape
d. floor to ceiling permanent walls
A

D: Floor to ceiling permanent walls should be used to provide sufficient security and separation of areas with various levels of sensitivity and confidentiality.

32
Q
Which of the following is not a human threat to physical security?
a. vandalism
b. strikes
c. utility loss
d. sabotage
A

C: Utility loss is a threat to physical security that can be caused by humans, but it can also be caused by natural disasters. This is the best answer for this question.

33
Q
The most important factor when designing and implementing physical security solutions is?
a. cost effectiveness of mechanisms
b. efficiency of solutions
c. automation of controls
d. personnel safety
A

D: Personnel safety is always the most important factor when designing and implementing physical security solutions.

34
Q
To protect the data center from threats to physical security, what should be done?
a. It should be placed in the center or core of the facility
b. It should be located off site
c. It should be placed in the basement
d. It should be distributed throughout the facility
A

A: The data center should be placed in the center or core of a facility for the maximum protection from threats to physical security.

35
Q
When designing a facility to provide protection for sensitive electrical equipment, what is the most important factor?
a. load rating of the floor
b. electrical conductance of the flooring material
c. whether or not raised flooring is used
d. the physical dimensions of the data center room
A

B: The most important factor when protecting sensitive electrical equipment is the electrical conductance of the flooring material or the likelihood of generation and sparking of static electricity.

36
Q
Secure and protected computer rooms or data centers should be all but which of the following?
a. restricted access
b. electronic equipment compatible fire suppression system
c. human compatible
d. located in the center or core of the facility
A

C: A computer room or data center need not be human compatible to be secure and protected.

37
Q
The momentary increase in power often experienced at the moment when a device or a power system is turned on is known as?
a. surge
b. spike
c. noise
d. inrush
A

D: An inrush is the momentary increase in power often experienced at the moment when a device or a power system is turned on.

38
Q
The short duration of an interfering disturbance in the power line is known as?
a. transient
b. spike
c. noise
d. sag
A

A: A transient is a short duration of an interfering disturbance in the power line.

39
Q
The radiation generated by the difference in power of the hot and neutral wires of a circuit is known as?
a. transient
b. traverse mode noise
c. common mode noise
d. brownout
A

B: Traverse mode noise is the radiation generated by the difference in power of the hot and neutral wires of a circuit.

40
Q
An important aspect of a physical security mechanism is?
a. personnel safety
b. compliance with industry standards
c. similarity with existing solutions
d. user training required
A

A: Personnel safety is an important concern when considering security mechanisms.

41
Q
Physical security mechanisms should always?
a. be invisible to the user
b. comply with laws and regulations
c. be automated
d. be approved by all levels of management
A

B: Physical security mechanisms should always comply with laws and regulations.

42
Q
To control costs while maintaining a reasonable level of protection against the failure of hardware, you should?
a. know the locations of several hardware vendors in your city
b. maintain a hot site duplicate facility
c. obtain a service level agreement with a hardware vendor
d. store replacement parts on site
A

C: Obtaining a service level agreement with a hardware vendor provides a reasonable level of protection against the failure of hardware.

43
Q
Which of the following is not an effective means to eliminate or reduce power line noise?
a. move power lines away from strong magnetic sources
b. ensure proper grounding
c. use cables with fewer twists
d. add cable shielding
A

C: Cables with fewer twists will increase the likelihood of power line noise.

44
Q
According to the ANSI standard, at what point of a drop in power between the power source and the meter is a brownout declared?
a. 1.20%
b. 10%
c. 3.50%
d. 8%
A

D: According to the ANSI standard, a brownout is declared at a drop of 8% in power between the power source and the meter.

45
Q
Which is not a Water-based Fire protection System?
a. Preaction System
b. Deluge System
c. Dry Pipe System
d. Infrared Flame Detector
A

D: An infrared flame detector is not a water-based fire protection system in itself. It can be used in conjunction with other water-based systems. The infrared flame detector reacts to emissions from flame.

46
Q
Hardware components should be replaced when?
a. Every year
b. Immediately after their second failure
c. On every instance of a failure
d. Before their mean time between failure time period expires
A

D: Hardware components should be replaced before their mean time between failure (MTBF) time period expires.

47
Q
The hardware component rating of mean time to repair (MTTR) is used for what purpose?
a. to determine how often to expect to replace a device
b. to determine when to replace a device
c. to determine how long it takes to repair a device
d. to determine the length of time after the first failure before a device must be replaced.
A

C: The mean time to repair (MTTR) is used to determine how long it will take to repair a device.

48
Q
Which of the following is not considered an adequate protection means for a mission critical server?
a. uninterruptible power supply
b. surge protector
c. alternate power supply
d. backup generator
A

B: A surge protector, while useful and recommended, is not the best option from this list of power protection devices for a mission critical server.

49
Q
A momentary loss of power is known as?
a. brownout
b. spike
c. fault
d. sag
A

C: A fault is a momentary loss of power.

50
Q
Radio frequency interference (RFI) can be caused by all but which of the following?
a. electric cables
b. cement walls
c. fluorescent lights
d. space heaters
A

B: Cement walls do not cause radio frequency interference (RFI), but may actually reduce it.

51
Q
A pre-employment screening process should include all but which of the following?
a. reference checks
b. drug screening
c. supervisor review
d. education history verification
A

C: A supervisor review can only occur after a worker has been employed for a length of time. This is not an element of the pre-employment screening process.

52
Q
Which of the following is not an element that should be a part of on-going employee checks?
a. security clearance verification
b. supervisor review
c. drug testing
d. termination of physical access
A

D: Termination of physical access should occur as an element of the post-employment or termination procedures, not as part of on-going employee checks.

53
Q
What is the ideal operating humidity for a data center room?
a. 20 - 40%
b. 40 - 60%
c. 60 - 80%
d. 80 - 100%
A

B: The ideal operating humidity for a data center room is 40-60%.

54
Q
Static electricity discharges over ___________ volts are possible on low-static carpeting with very low humidity.
a. 1,000
b. 5,000
c. 20,000
d. 150,000
A

C: Static electricity discharges over 20,000 volts are possible on low-static carpeting with very low humidity.

55
Q
A static discharge of 1,000 volts is sufficient to cause which of the following forms of damage?
a. cause a system shutdown
b. destroy data on a hard drive
c. permanently damage microchips
d. scramble a monitor display
A

D: A static discharge of 1,000 volts is sufficient to scramble a monitor display.

56
Q
A static discharge of only __________ volts is sufficient to cause a printer jam or serious malfunction?
a. 4,000
b. 1,000
c. 55,000
d. 17,000
A

A: A static discharge of only 4,000 volts is sufficient to cause a printer jam or serious malfunction.

57
Q
When selecting a fire extinguisher to use against burning liquids, you should not select one which uses?
a. CO2
b. soda acid
c. halon
d. water
A

D: Water should never be used to attempt to extinguish burning liquids. In most cases, water will help spread the fire rather than suppress it.

58
Q
What is the most effective suppressant for electrical fires?
a. CO2
b. soda acid
c. water
d. soda ash
A

A: CO2 or Halon are most effective against electrical fires. Type C fire extinguishers use CO2, Halon, or a Halon replacement to suppress electrical fires.

59
Q
In a data center, what is the best choice for a hand-held fire extinguisher?
a. A bucket of sand
b. Type C
c. A bucket of water
d. Type B
A

B: Type C fire extinguishers use CO2, Halon, or a Halon replacement to suppress electrical fires. Type C is the best choice for a data center.

60
Q
The termination procedure may include all but which of the following?
a. issuing of photo ID
b. escort off the premises
c. review of non-disclosure agreements
d. return of equipment
A

A: The issuing of photo ID is an element of the employment or hiring procedures, not the termination procedures.

61
Q
Which of the following is not an administrative control for maintaining physical security?
a. fire drills
b. assigning a user account logon rights
c. exit interview
d. employment record verification
A

B: Assigning a user account logon rights is a logical or technical control for maintaining logical or technical security.

62
Q
When maintaining administrative controls to protect physical security in the event of a disaster or emergency, all but which of the following should be performed?
a. clearly document the steps of the procedures of the recovery plan
b. personnel training and drills
c. perform a detailed risk analysis
d. periodic review of the recovery plan
A

C: Risk analysis is not an element of maintaining administrative controls to protect physical security. Instead, risk analysis is used to select the safeguards to implement and re-evaluate their effectiveness, not in the maintenance of a selected security solution.

63
Q
The most appropriate form of fire suppression mechanism for data centers is?
a. preaction
b. gas discharge
c. deluge
d. dry pipe
A

B: A gas discharge system is most appropriate for data centers since a gas can be selected that will cause the least damage to the equipment in the event of a real or a false alarm release of the suppression medium.

64
Q
A CO2 gas discharge system suppresses fires by what means?
a. heat reduction
b. fuel removal
c. oxygen displacement
d. interrupting the chemical reaction of burning
A

C: A gas discharge system suppresses fires by means of oxygen displacement.

65
Q
Why is Halon being replaced whenever possible and not being used when new fire suppression gas-discharge systems are installed?
a. Halon is not effective against electrical fires.
b. Halon is expensive.
c. Halon is too difficult to manage in most data center environments.
d. Halon degrades into toxic chemicals at 900 degrees.
A

D: Halon degrades into toxic chemicals at 900 degrees.

66
Q
A benefit of security guards is what?
a. offer discriminating judgment
b. not usable in all environments
c. fraudulent information on job application or resume
d. illness
A

A: A benefit of security guards is their ability to offer discriminating judgment on site.

67
Q
The most suitable replacement for security guards is?
a. lighting
b. dogs
c. fencing
d. proximity detectors
A

B: For certain situations, dogs are the most suitable replacement or alternative for security guards.

68
Q
The benefit of guard dogs is?
a. cost
b. maintenance
c. perimeter security control
d. insurance and liability issues
A

C: Guard dogs are excellent tools for perimeter security control.

69
Q
Fire detectors respond to a fire through a sensor that detects one of all but which of the following?
a. heat
b. light
c. sound
d. smoke
A

C: Fire detectors do not sense the sound of fire. Intrusion detection alarms or certain types of motion detectors use sound (such as glass breaking or the change in a steadily broadcast frequency) to detect movement.

70
Q
What type of flame or fire detector is considered the most expensive but also the fastest in detecting fires?
a. smoke actuated
b. fixed temperature heat actuated
c. rate of rise heat actuated
d. flame actuated
A

D: Flame actuated fire detectors are considered the most expensive but also the fastest in detecting fires.

71
Q
What form of water-based fire suppression systems is considered the most inappropriate for data centers?
a. deluge
b. preaction
c. dry pipe
d. wet pipe
A

A: Deluge systems are a form of dry pipe system, but with a larger volume of water. Deluge systems are not recommended for data centers.

72
Q
What physical security mechanism is the most recognized means of defining the outer perimeter of a secured or controlled area?
a. lighting
b. proximity detectors
c. locked doors
d. fencing
A

D: Fencing is the most recognized physical security mechanism used to define the outer perimeter of a secured or controlled area.

73
Q
Casual trespassers are usually deterred by what?
a. a fence 3 to 4 feet high
b. a lighted perimeter
c. a wooden fence 6 feet high
d. posted authorized entry only signs
A

A: Casual trespassers are usually deterred by a fence a minimum of 3 to 4 feet high. They are also deterred by stronger or higher means, such as a fence feet high. However, this question asked only for a deterrent against just casual trespassers, not stronger mechanisms of trespassing protection.

74
Q
The most effective means to contain a subject while the authentication process is performed so that in the event of a failure a security guard response can result in the capture of the subject is what?
a. a gate
b. a mantrap
c. a turnstile
d. a proximity detector
A

B: A mantrap is the most effective means to contain a subject while the authentication process is performed so that in the event of a failure a security guard response can result in the capture of the subject. In a mantrap, a subject must enter a small room that has both doors locked. Only after a successful authentication is the inner door opened for entry. If the authentication fails, a security guard is notified and the subject is detained within the enclosure.

75
Q
The most commonly used ecological replacement for Halon in gas discharge systems is?
a. FM-200
b. low pressure water mists
c. CO2
d. Halon 1301
A

A: FM-200 is the most commonly used ecological replacement for Halon in gas discharge systems.

76
Q
Which of the following is not an ecological replacement for Halon in gas discharge fire suppression systems?
a. Argon
b. Neon
c. Inergen
d. NAF-S-III
A

B: Neon is not a fire suppression medium.

77
Q
When a Halon or equivalent gas discharge fire suppression system is triggered to stop a fire, which of the following is responsible for causing the least amount of damage to the computer equipment?
a. smoke
b. combustion
c. suppression medium
d. heat
A

C: The suppression medium, Halon or its replacement equivalents, is designed to cause little or no damage to electrical equipment.

78
Q
The benefits of a security guard include all but which of the following?
a. able to respond to changing situations
b. able to detect unique intrusions and attacks
c. can make value judgments in the midst of an incident
d. can be socially engineered
A

D: Being susceptible to social engineering or any form of intrusion or attack is a disadvantage of any security mechanism, including security guards.

79
Q
Information on magnetic media can be destroyed by all but which of the following?
a. degaussing
b. OS based formatting
c. overwriting the media seven times
d. purging
A

B: OS based formatting will not destroy the data on media in most cases.

80
Q
The only way to absolutely prevent data remanence from being extracted from electronic media is to?
a. purge
b. format
c. destroy by cremation
d. overwrite at least seven times
A

C: The only way to absolutely prevent data remanence from being extracted from electronic media is to destroy it by cremation.

81
Q
When a media is to be re-used in the same environment, which of the following is minimally sufficient to prevent unnecessary disclosure?
a. purging
b. destroy by cremation
c. overwrite at least seven times
d. clearing
A

D: Clearing is the process of overwriting a media so it can be re-used in the same environment. It is not as thorough as a purge, but sufficient as long as the security classification remains constant.

82
Q
The most commonly deployed form of perimeter protection is?
a. fencing
b. guard dogs
c. lighting
d. CCTV
A

C: The most commonly deployed form of perimeter protection is lighting.

83
Q
Which of the following is correct?
a. The NIST standard for perimeter protection provided by light is that critical areas should be illuminated by 8 candle feet power at 2 feet in height.
b. The NIST standard for perimeter protection provided by fencing is that critical areas should be bounded by chain link fencing 3 to 4 feet tall without barbed wire.
c. The NIST standard for perimeter protection provided by fencing is that critical areas should be bounded by chain link fencing 6 feet tall with 2 strands of barbed wire.
d. The NIST standard for perimeter protection provided by light is that critical areas should be illuminated by 2 candle feet power at 8 feet in height.
A

D: This statement is correct. The NIST standard for perimeter protection provided by light is that critical areas should be illuminated by 2 candle feet power at 8 feet in height.

84
Q
The use of closed circuit television (CCTV) for monitoring live events is considered what form or type of security control?
a. preventative
b. detective
c. responsive
d. corrective
A

A: The use of closed circuit television (CCTV) for monitoring live events is considered a preventative form of security control.

85
Q
What is a sag?
a. momentary power loss
b. Momentary low voltage
c. Steady interfering disturbance
d. A short burst of power
A

B: A sag is momentary low voltage.

86
Q
An initial surge of power at the startup of a device or system is known as?
a. Spike
b. Surge
c. Inrush
d. Noise
A

C: An inrush is an initial surge of power at the startup of a device or system.

87
Q
The radiation generated by the electrical difference between the hot and neutral wires is known as?
a. Attenuation
b. Common-mode noise
c. Crosstalk
d. Traverse-mode noise
A

D: Traverse-mode noise is the radiation generated by the electrical difference between the hot and neutral wires.

88
Q
Which of the following is not an effective protection measure against electrical noise?
a. Increase voltage
b. Line conditioning
c. Proper grounding
d. Cable shielding
A

A: Increasing voltage is not an effective means to reduce noise; often increased voltage creates more noise.

89
Q
What is always the most important aspect of physical security?
a. Protection of backups
b. Collection of evidence
c. Safety of people
d. Business continuity
A

C: Safety of people is always the most important.

90
Q
All but which of the following should be true of physical security mechanisms?
a. Comply with laws and regulations
b. Should be appropriate to provide required security
c. Should protect human safety
d. Will be obvious and apparent
A

D: Physical security should employ both obvious and apparent as well as subtle and unseen mechanisms, but is not always necessary.

91
Q
To ensure ongoing operation and to maintain security (especially availability), hardware components should be replaced how often?
a. Before the mean time between failures has expired
b. Before the mean time between repairs has expired
c. Every six months
d. Immediately after the first failure
A

A: To maintain security and operation, hardware should be replaced just before or at the end of the time period defined by the mean time between failures.

92
Q
Static electricity generated by a human on non-static carpeting in a low humidity environment can exceed __________ volts.
a. 40,000
b. 20,000
c. 10,000
d. 1,000
A

B: Static electricity generated by a human on non-static carpeting in a low humidity environment can exceed 20,000 volts.

93
Q
  1. Which of the following is not an important aspect of candidate screening when hiring a new employee?
     a. Awareness training
     b. Checking references
     c. Verifying educational history
     d. Drug testing
A

A: Awareness training is not an aspect of candidate screening; it is an aspect of post-hiring job training.

94
Q
  1. Which of the following is the least important aspect of employee termination in relation to security?
     a. Review of non-disclosure agreements
     b. Exit interview
     c. Return of personal belongings
     d. Escorting the terminated employee off of the premises
A

C: Return of personal belongings should be performed, but is the least important aspect of employee termination from a security perspective.

95
Q
  1. The definition of a brownout according to the ANSI standards is the condition when there is an _________ drop between the power source and the meter or a __________ drop between the meter and the wall.
     a. 10%, 5%
     b. 8%, 3.5%
     c. 3.5%, 9%
     d. 3%, 12%
A

B: The definition of a brownout according to the ANSI standards is the condition when there is an 8% drop between the power source and the meter or a 3.5% drop between the meter and the wall.

96
Q
  1. The ideal operating humidity for electronic components is?
     a. 0 - 20%
     b. 20 - 40%
     c. 40 - 60%
     d. 60 - 80%
A

C: The ideal operating humidity for electronic components is 40 - 60%.

97
Q
  1. Low humidity causes?
     a. Corrosion
     b. Power sags
     c. Static
     d. Condensation
A

C: Low humidity causes static.

98
Q
  1. At what voltage of a static discharge will permanent chip damage occur?
     a. 1,000 volts
     b. 1,500 volts
     c. 2,000 volts
     d. 17,000 volts
A

D: 17,000 volts can cause permanent chip damage.

99
Q
  1. Why is halon no longer available for newly installed fire suppression systems?
     a. It degrades into toxic chemicals at high temperatures
     b. It is not effective against electrical fires
     c. It is too expensive
     d. It is only available in a liquid form
A

A: Halon has been removed from the market for new systems because it degrades into toxic chemicals at high temperatures.

100
Q
  1. What type of fence or boundary is minimally required to deter casual trespassers?
     a. 8 foot fence with 3 strands of barbed wire
     b. A 4 to 7 foot fence
     c. A 3 to 4 foot fence
     d. A no trespassing sign every 100 feet along a perimeter.
A

C: A 3 to 4 foot fence is minimally required to deter casual trespassers.

101
Q
  1. What is the most common form of physical security control deployed on the perimeter of a facility?
     a. Lighting
     b. Fencing
     c. Guards
     d. CCTV
A

A: Lighting is the most common form of perimeter security control.

102
Q
  1. What is the most important aspect of emergency response and reaction procedures?
     a. Periodic testing
     b. Integration with disaster recovery and business continuity planning
     c. Easily accessible documentation
     d. Protection of personnel safety
A

D: Protection of personnel safety is always the most important factor.

103
Q
  1. What is the order in which security controls should function in the protection of a physical asset?
     a. Deter, deny, detect, then delay
     b. Deny, detect, delay, then deter
     c. Detect, delay, deter, then deny
     d. Delay, deter, detect, then deny
A

A: Physical security controls should be deployed so that initial attempts to access physical assets are deterred (e.g., boundary restrictions). If deterrence fails, then direct access to the physical asset should be denied (e.g., locked vault doors). If denial fails, then the intrusion should be detected (e.g., motion detectors). Then the intrusion should be delayed sufficiently for response by authorities (e.g., a cable lock on the asset).

104
Q
  1. Which of the following results in the violation of all three principles of the CIA triad?
     a. Failure of a keyboard lock on a server
     b. Failure of a cable lock on a laptop
     c. Failure of a power lock on a desktop system
     d. Failure of a BIOS boot password
A

B: Theft of a laptop due to a cable lock failure causes a violation of all three principles of CIA.

105
Q
  1. What is the NIST standard for lighting when it is used for perimeter protection?
     a. 4 foot-candles of power at 12 ft high
     b. 2 foot-candles of power at 8 ft high
     c. 1 foot-candles of power at 8 ft high
     d. 1 foot-candles of power at 16 ft high
A

B: The NIST standard is 2 foot-candles of power at 8 ft high for perimeter security lighting.

106
Q
  1. What is the most secure location to store backup media?
     a. In the backup device
     b. In the server room
     c. On-site in a fire-proof container
     d. Off-site
A

D: Off-site is always the most secure location to store backup media. However, security controls at the offsite location must be maintained. The security of off-site storage is to prevent the backup media from being affected by the same disaster that destroys or damages the primary facility.

107
Q
  1. When an unauthorized person gains access into a facility by following an authorized person through a controlled access point, this is called?
     a. Spoofing
     b. Piggybacking
     c. Social engineering
     d. Detection avoidance
A

B: Piggybacking occurs when an unauthorized person gains access into a facility by following an authorized person through a controlled access point.

108
Q
  1. A Class C fire extinguisher may employ which of the following suppression mediums?
     a. Halon
     b. Soda acid
     c. Water
     d. Acetone
A

A: A Class C fire extinguisher may contain CO, halon, or a halon equivalent or replacement.

109
Q
  1. Which form of fire suppression system would be the best choice for a computer center?
     a. Wet pipe
     b. pipe filled with water
     c. Preaction
     d. Deluge
A

C: Preaction is a combination of wet and dry pipe. The dry pipe would be used in the computer center. With these choices preaction would be the most correct.

110
Q
  1. Which of the following is not one of the three elements or aspects of a fire that can be removed to extinguish a flame?
     a. Fuel
     b. Heat
     c. Humidity
     d. Oxygen
A

C: Removing humidity will not extinguish a flame.

111
Q
  1. Which type of fire detection and suppression systems is most prone to false alarms?
     a. Fixed temperature
     b. Flame actuated
     c. Rate of rise
     d. Smoke actuated
A

C: Rate of rise systems are most prone to false alarms (i.e. sprinkler triggering).

112
Q
  1. Which of the following does not require secure destruction to prevent re-use when it is no longer required or needed within a secured environment?
     a. CD-ROMs
     b. Printouts
     c. Video cards
     d. Hard drives
A

C: Video cards do not need to be destroyed.

113
Q
  1. Which of the following is a benefit of dogs?
     a. Cost
     b. More reliable than guards
     c. Maintenance requirements
     d. Liability issues
A

B: Dogs are often more reliable than guards; this is a benefit.

114
Q
  1. A room that is both secure and safe should have what?
     a. A single access door
     b. No more than two doors
     c. No windows
     d. Removable floor and ceiling panels
A

B: A secure and safe room has no more than two doors. This allows two avenues of safe escape in the event of an emergency while limiting the number of access points that must be monitored.

115
Q
  1. When closed circuit television is used to record live events, this is what type of physical security control?
     a. Preventative
     b. Deterrent
     c. Detective
     d. Corrective
A

C: CCTV recording is a detective security control.

116
Q
  1. A double set of doors used to protect an entry into a highly secured area which is often monitored by a guard is known as?
     a. One way door
     b. Turnstile
     c. TEMPEST cage
     d. Man-trap
A

D: A man-trap is a double-door system used to control entry into a secured area often monitored by a guard.

117
Q
  1. If an intrusion detection and alarm system is to employ a local audible alarm, from what distance must the alarm be heard?
     a. 400 ft
     b. 100 meters
     c. 1 mile
     d. 200 yards
A

A: An audible alarm must be heard from at least 400 ft.

118
Q
  1. An electrical fire can be safely and properly extinguished using what class of fire extinguisher?
     a. Class A
     b. Class B
     c. Class C
     d. Class A or C
A

C: Only class C extinguishers are rated for electrical fires.

119
Q
  1. Which of the following is not a benefit of using guards for perimeter security?
     a. Reliability
     b. Ability to learn
     c. Can respond to changing conditions
     d. Can recognize new patterns of intrusion
A

A: Guards are overall unreliable because they are human: pre-screening may have failed, they could be improperly trained, they take vacations, become ill, may abuse substances, and are vulnerable to social engineering.

120
Q
  1. What fire detection system acts as an early warning mechanism?
     a. Sprinkler heads
     b. Thermal detectors
     c. Class C fire extinguishers
     d. Ionization detector
A

D: An ionization detector can serve as an early warning system for fire detection.

121
Q
  1. Which of the following is not a replacement for halon?
     a. FM-200
     b. CEA-410
     c. Halon 1301
     d. Argon
A

C: Halon 1301 is just a gaseous form of halon; it is not a halon replacement.

122
Q
  1. When an FM- fire suppression system is discharged to manage a fire in a computer center, which of the following elements would be least responsible for causing physical damage to the equipment?
     a. Heat
     b. Smoke
     c. Combustion
     d. Suppression medium
A

D: The suppression medium of FM- will be the cause of the least amount of damage to equipment since it does not leave a residue on equipment.

123
Q
  1. Which of the following is not an element in an automatic intrusion detection and alarm system designed to monitor for facility breaches?
     a. Photoelectric sensors
     b. Dry contact switches
     c. Motion detectors
     d. CCTV
A

D: CCTV requires a human and therefore is not used as part of an automated intrusion detection and alarm system.