What is the highest amount a company should spend annually on countermeasures for protecting an asset valued at $1,000,000 from a threat that has an annualized rate of occurrence (ARO) of once every five years and an exposure factor (EF) of 30%?
Correct Answer: C
Section: Risk, Response and Recovery

Explanation/Reference: The cost of a countermeasure should not be greater than the risk it mitigates, expressed as the annualized loss expectancy (ALE). For a quantitative risk assessment, the equation is ALE = ARO x SLE, where the SLE is the product of asset value x exposure factor. An event that happens once every five years has an ARO of .2 (1 divided by 5).

SLE = Asset Value (AV) x Exposure Factor (EF)
SLE = 1,000,000 x .30 = 300,000

ALE = SLE x Annualized Rate of Occurrence (ARO)
ALE = 300,000 x .2 = 60,000

Know your acronyms:
ALE -- Annual loss expectancy
ARO -- Annual rate of occurrence
SLE -- Single loss expectancy

The following are incorrect answers:
$300,000 is incorrect. See the explanation of the correct answer for the correct calculation.
$150,000 is incorrect. See the explanation of the correct answer for the correct calculation.
$1,500 is incorrect. See the explanation of the correct answer for the correct calculation.

Reference(s) used for this question:
McGraw-Hill, Shon Harris, CISSP All In One (AIO) book, Sixth Edition, Pages 87-88 and Official ISC2 Guide to the CISSP Exam (OIG), Pages 60-61
Question 727
Which of the following virus types changes some of its characteristics as it spreads?
Correct Answer: D
A polymorphic virus produces varied but operational copies of itself in hopes of evading anti-virus software.

The following answers are incorrect:
boot sector. Is incorrect because it is not the best answer. A boot sector virus attacks the boot sector of a drive. This describes the type of attack the virus performs, not the characteristics of its composition.
parasitic. Is incorrect because it is not the best answer. A parasitic virus attaches itself to other files but does not change its characteristics.
stealth. Is incorrect because it is not the best answer. A stealth virus attempts to hide the changes it makes to affected files, but it does not change itself.
Question 728
Which of the following are required for Life-Cycle Assurance?
Correct Answer: C
Explanation/Reference: Security testing and trusted distribution are required for Life-Cycle Assurance.

The following answers are incorrect:
System Architecture and Design specification. Is incorrect because System Architecture is not required for Life-Cycle Assurance.
Security Testing and Covert Channel Analysis. Is incorrect because Covert Channel Analysis is not required for Life-Cycle Assurance.
Configuration Management and Trusted Facility Management. Is incorrect because Trusted Facility Management is not required for Life-Cycle Assurance.
Question 729
Which of the following is NOT a task normally performed by a Computer Incident Response Team (CIRT)?
Correct Answer: A
Explanation/Reference: Writing a corporate security policy is normally a task of upper management in an organization. Other tasks would usually be performed by a Computer Incident Response Team. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 64).
Question 730
At which layer of ISO/OSI does the fiber optics work?
Correct Answer: D
Physical layer. The Physical layer is responsible for the transmission of data through the physical medium, which includes such things as cables. Fiber optics is a cabling mechanism that works at the Physical layer of the OSI model.

All of the other answers are incorrect.

The following reference(s) were/was used to create this question:
Shon Harris all in one - Chapter 7 (Cabling)