CISSP Study Questions - Master
QUESTION: 10 A control to protect from a Denial-of-Service (DoS) attack has been determined to stop 50% of attacks, and additionally reduces the impact of an attack by 50%. What is the residual risk? A. 25% B. 50% C. 75% D. 100%
A
QUESTION: 100 Which of the following must be part of a contract to support electronic discovery of data stored in a cloud environment? A. identification of data location B. integration with organizational directory services for authentication C. accommodation of hybrid deployment models D. tokenization of data
A
QUESTION: 101 Which of the following is part of a Trusted Platform Module (TPM)? A. A non-volatile tamper-resistant storage for storing both data and signing keys in a secure fashion B. A protected Pre-Basic Input/Output System (BIOS) which specifies a method or a metric for "measuring" the state of a computing platform C. A secure processor targeted at managing digital keys and accelerating digital signing D. A platform-independent software interface for accessing computer functions
A
QUESTION: 11 In The Open System Interconnection (OSI) model, which layer is responsible for the transmission of binary data over a communications network? A. Physical Layer B. Application Layer C. Data-Link Layer D. Network Layer
A
QUESTION: 13 Which of the following entails identification of data and links to business processes, applications, and data stores as well as assignment of ownership responsibilities? A. Security governance B. Risk management C. Security portfolio management D. Risk assessment
A
QUESTION: 20 What is the primary purpose for an organization to conduct a security audit? A. To ensure the organization is adhering to a well-defined standard B. To ensure the organization is applying security controls to mitigate identified risks C. To ensure the organization is configuring information systems efficiently D. To ensure the organization is documenting findings
A
QUESTION: 24 Which of the following is the most critical success factor in the security patch management process? A. Tracking and reporting on inventory B. Supporting documentation C. Management review of reports D. Risk and impact analysis
A
QUESTION: 33 When implementing a data classification program, why is it important to avoid too much granularity? A. The process will require too many resources B. It will be difficult to apply to both hardware and software C. It will be difficult to assign ownership to the data D. The process will be perceived as having value
A
QUESTION: 40 An organization recently conducted a review of the security of its network applications. One of the vulnerabilities found was that the session key used in encrypting sensitive information to a third-party server had been hard-coded in the client and server applications. Which of the following would be most effective in mitigating this vulnerability? A. Diffie-Hellman (DH) algorithm B. Elliptic Curve Cryptography (ECC) algorithm C. Digital Signature Algorithm (DSA) D. Rivest-Shamir-Adleman (RSA) algorithm
A
QUESTION: 41 Which of the following methods of suppressing a fire is environmentally friendly and the most appropriate for a data center? A. Inert gas fire suppression system B. Halon gas fire suppression system C. Dry-pipe sprinklers D. Wet-pipe sprinklers
A
QUESTION: 42 Unused space in a disk cluster is important in media analysis because it may contain which of the following? A. Residual data that has not been overwritten B. Hidden viruses and Trojan horses C. Information about the File Allocation Table (FAT) D. Information about patches and upgrades to the system
A
QUESTION: 43 A company seizes a mobile device suspected of being used in committing fraud. What would be the best method used by a forensic examiner to isolate the powered-on device from the network and preserve the evidence? A. Put the device in airplane mode B. Suspend the account with the telecommunication provider C. Remove the SIM card D. Turn the device off
A
QUESTION: 46 What is the most significant benefit of an application upgrade that replaces randomly generated session keys with certificate-based encryption for communications with backend servers? A. Non-repudiation B. Efficiency C. Confidentiality D. Privacy
A
QUESTION: 47 A user has infected a computer with malware by connecting a Universal Serial Bus (USB) storage device. Which of the following is most effective to mitigate future infections? A. Develop a written organizational policy prohibiting unauthorized USB devices B. Train users on the dangers of transferring data in USB devices C. Implement centralized technical control of USB port connections D. Encrypt removable USB devices containing data at rest
A
QUESTION: 5 A company whose Information Technology (IT) services are being delivered from a Tier 4 data center is preparing a companywide Business Continuity Planning (BCP). Which of the following failures should the IT manager be concerned with? A. Application B. Storage C. Power D. Network
A
QUESTION: 53 Data remanence is the biggest threat in which of the following scenarios? A. A physical disk drive has been overwritten and reused within a datacenter B. A physical disk drive has been degaussed, verified, and released to a third party for destruction C. A flash drive has been overwritten, verified, and reused within a datacenter D. A flash drive has been overwritten and released to a third party for destruction
A
QUESTION: 56 Which of the following is the most effective countermeasure against data remanence? A. Destruction B. Clearing C. Purging D. Encryption
A
QUESTION: 6 When assessing an organization's security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined? A. Only when assets are clearly defined B. Only when standards are defined C. Only when controls are put in place D. Only when procedures are defined
A
QUESTION: 61 What is a common mistake in records retention? A. Adopting a retention policy with the longest requirement period B. Having the Human Resource (HR) department create a retention policy C. Adopting a retention policy based on applicable organization requirements D. Having the organization legal department create a retention policy
A
QUESTION: 63 What should an auditor do when conducting a periodic audit on media retention? A. Check electronic storage media to ensure records are not retained past their destruction date B. Ensure authorized personnel are in possession of paper copies containing Personally Identifiable Information (PII) C. Check that hard disks containing backup data that are still within a retention cycle are being destroyed correctly D. Ensure that data shared with outside organizations is no longer on a retention schedule
A
QUESTION: 72 Which of the following objects should be removed first prior to uploading code to public code repositories? A. Security credentials B. Inefficient algorithms C. Coding mistakes D. Known vulnerabilities
A
QUESTION: 76 Digital non-repudiation requires which of the following? A. A trusted third-party B. Appropriate corporate policies C. Symmetric encryption D. Multifunction access cards
A
QUESTION: 78 Which of the following mobile code security models relies only on trust? A. Code signing B. Class authentication C. Sandboxing D. Type safety
A
QUESTION: 79 Which technique can be used to make an encryption scheme more resistant to a known plaintext attack? A. Hashing the data before encryption B. Hashing the data after encryption C. Compressing the data after encryption D. Compressing the data before encryption
A
QUESTION: 82 Who in the organization is accountable for classification of data information assets? A. Data owner B. Data architect C. Chief Information Security Officer (CISO) D. Chief Information Officer (CIO)
A
QUESTION: 83 The use of private and public encryption keys is fundamental in the implementation of which of the following? A. Diffie-Hellman algorithm B. Secure Sockets Layer (SSL) C. Advanced Encryption Standard (AES) D. Message Digest 5 (MD5)
A
QUESTION: 87 A minimal implementation of endpoint security includes which of the following? A. Trusted platforms B. Host-based firewalls C. Token-based authentication D. Wireless Access Points (AP)
A
QUESTION: 9 Intellectual property rights are primarily concerned with which of the following? A. Owner's ability to realize financial gain B. Owner's ability to maintain copyright C. Right of the owner to enjoy their creation D. Right of the owner to control delivery method
A
QUESTION: 91 Mandatory Access Controls (MAC) are based on: A. security classification and security clearance B. data segmentation and data classification C. data labels and user access permissions D. user roles and data encryption
A
QUESTION: 94 Which of the following methods protects Personally Identifiable Information (PII) by use of a full replacement of the data element? A. Data tokenization B. Volume encryption C. Transparent Data Encryption (TDE) D. Column level database encryption
A
QUESTION: 96 Which of the following management processes allows only those services required for users to accomplish their tasks, change default user passwords, and set servers to retrieve antivirus updates? A. Configuration B. Identity C. Compliance D. Patch
A
QUESTION: 97 Which security access policy contains fixed security attributes that are used by the system to determine a user's access to a file or object? A. Mandatory Access Control (MAC) B. Access Control List (ACL) C. Discretionary Access Control (DAC) D. Authorized user control
A
QUESTION: 98 Which of the following is a common characteristic of privacy? A. Provision for maintaining an audit trail of access to the private data B. Notice to the subject of the existence of a database containing relevant credit card data C. Process for the subject to inspect and correct personal data on-site D. Database requirements for integration of privacy data
A
QUESTION: 99 At a minimum, audits of permissions to individual or group accounts should be scheduled A. annually B. to correspond with staff promotions C. to correspond with terminations D. continually
A
QUESTION: 32 An organization has doubled in size due to a rapid market share increase. The size of the Information Technology (IT) staff has maintained pace with this growth. The organization hires several contractors whose onsite time is limited. The IT department has pushed its limits building servers and rolling out workstations and has a backlog of account management requests. Which contract is best in offloading the task from the IT staff? A. Platform as a Service (PaaS) B. Identity as a Service (IDaaS) C. Desktop as a Service (DaaS) D. Software as a Service (SaaS)
B
QUESTION: 34 In a data classification scheme, the data is owned by the A. system security managers B. business managers C. Information Technology (IT) managers D. end users
B
QUESTION: 35 Which of the following is an initial consideration when developing an information security management system? A. Identify the contractual security obligations that apply to the organizations B. Understand the value of the information assets C. Identify the level of residual risk that is tolerable to management D. Identify relevant legislative and regulatory compliance requirements
B
QUESTION: 37 Which factors must be considered when classifying information and supporting assets for risk management, legal discovery, and compliance? A. System owner roles and responsibilities, data handling standards, storage and secure development lifecycle requirements B. Data stewardship roles, data handling and storage standards, data lifecycle requirements C. Compliance office roles and responsibilities, classified material handling standards, storage system lifecycle requirements D. System authorization roles and responsibilities, cloud computing standards, lifecycle requirements
B
QUESTION: 39 Which of the following is the most appropriate action when reusing media that contains sensitive data? A. Erase B. Sanitize C. Encrypt D. Degauss
B
QUESTION: 44 Which of the following is most appropriate for protecting confidentiality of data stored on a hard drive? A. Triple Data Encryption Standard (3DES) B. Advanced Encryption Standard (AES) C. Message Digest 5 (MD5) D. Secure Hash Algorithm 2 (SHA-2)
B
QUESTION: 45 Which of the following is the most effective method to mitigate Cross-Site Scripting (XSS) attacks? A. Use Software as a Service (SaaS) B. Whitelist input validation C. Require client certificates D. Validate data output
B
QUESTION: 48 An organization has a short-term agreement with a public Cloud Service Provider (CSP). Which of the following best protects sensitive data once the agreement expires and the assets are reused? A. Recommend that the business data owners use continuous monitoring and analysis of applications to prevent data loss B. Recommend that the business data owners use internal encryption keys for data-at-rest and data-in-transit to the storage environment C. Use a contractual agreement to ensure the CSP wipes all data from the storage environment D. Use a National Institute of Standards and Technology (NIST) recommendation for wiping data on the storage environment
B
QUESTION: 54 Which of the following is used to ensure that data mining activities will NOT reveal sensitive data? A. Implement two-factor authentication on the underlying infrastructure B. Encrypt data at the field level and tightly control encryption keys C. Preprocess the databases to see if information can be disclosed from the learned patterns D. Implement the principle of least privilege on data elements so a reduced number of users can access the database
B
QUESTION: 55 How long should the records on a project be retained? A. For the duration of the project, or at the discretion of the record owner B. Until they are no longer useful or required by policy C. Until five years after the project ends, then move to archives D. For the duration of the organization fiscal year
B
QUESTION: 57 The application owner of a system that handles confidential data leaves an organization. It is anticipated that a replacement will be hired in approximately six months. During that time, which of the following should the organization do? A. Grant temporary access to the former application owner's account B. Assign a temporary application owner to the system C. Restrict access to the system until a replacement application owner is hired D. Prevent changes to the confidential data until a replacement application owner is hired
B
QUESTION: 64 How should the retention period for an organization's social media content be defined? A. By the retention policies of each social media service B. By the records retention policy of the organization C. By the Chief Information Officer (CIO) D. By the amount of available storage space
B
QUESTION: 68 Which of the following is the best defense against password guessing? A. Limit external connections to the network B. Disable the account after a limited number of unsuccessful attempts C. Force the password to be changed after an invalid password has been entered D. Require a combination of letters, numbers, and special characters in the password
B
QUESTION: 69 Which of the following is the most secure password technique? A. Passphrase B. One-time password C. Cognitive password D. Ciphertext
B
QUESTION: 71 An organization has implemented a new backup process which protects confidential data by encrypting the information stored on backup tapes. Which of the following is a major data confidentiality concern after the implementation of this new backup process? A. Tape backup rotation B. Pre-existing backup tapes C. Tape backup compression D. Backup tape storage location
B
QUESTION: 75 Which inherent password weakness does a One Time Password (OTP) generator overcome? A. Static passwords are too predictable B. Static passwords must be changed frequently C. Static passwords are difficult to generate D. Static passwords are easily disclosed
B
QUESTION: 77 Which security service is served by the process of encrypting plaintext with the sender's private key and decrypting ciphertext with the sender's public key? A. Confidentiality B. Integrity C. Identification D. Availability
B
QUESTION: 81 Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified by automated vulnerability assessments? A. Common Vulnerabilities and Exposures (CVE) B. Common Vulnerability Scoring System (CVSS) C. Asset Reporting Format (ARF) D. Open Vulnerability and Assessment Language (OVAL)
B
QUESTION: 90 Why is planning in Disaster Recovery (DR) an interactive process? A. It details off-site storage plans B. It identifies omissions in the plan C. It defines the objectives of the plan D. It forms part of the awareness process
B
QUESTION: 93 What is the foundation of cryptographic functions? A. Encryption B. Cipher C. Hash D. Entropy
B
QUESTION: 50 The personal laptop of an organization executive is stolen from the office, complete with personnel and project records. Which of the following should be done first to mitigate future occurrences? A. Encrypt disks on personal laptops B. Issue cable locks for use on personal laptops C. Create policies addressing critical information on personal laptops D. Monitor personal laptops for critical information
C
QUESTION: 51 Which one of the following can be used to detect an anomaly in a system by keeping track of the state of files that do not normally change? A. System logs B. Anti-spyware C. Integrity checker D. Firewall logs
C
QUESTION: 58 Assume that a computer was powered off when an information security professional arrived at a crime scene. Which of the following actions should be performed after the crime scene is isolated? A. Turn the computer on and collect volatile data B. Turn the computer on and collect network information C. Leave the computer off and prepare the computer for transportation to the laboratory D. Remove the hard drive, prepare it for transportation, and leave the hardware at the scene
C
QUESTION: 59 Which of the following is a major concern when there is a need to preserve or retain information for future retrieval? A. Laws and regulations may change in the interim, making it unnecessary to retain the information B. The expense of retaining the information could become untenable for the organization C. The organization may lose track of the information and not dispose of it securely D. The technology needed to retrieve the information may not be available in the future
C
QUESTION: 62 Of the following, which best provides non-repudiation with regards to access to a server room? A. Fob and Personal Identification Number (PIN) B. Locked and secured cages C. Biometric readers D. Proximity readers
C
QUESTION: 65 What is the first step required in establishing a records retention program? A. Classify records based on sensitivity B. Identify and inventory all records storage locations C. Identify and inventory all records D. Draft a records retention policy
C
QUESTION: 67 Which of the following will help prevent improper session handling? A. Ensure JavaScript and plugin support is disabled B. Ensure that certificates are valid and fail closed C. Ensure that tokens are sufficiently long, complex, and pseudo-random D. Ensure that all UIWebView calls do not execute without proper input validation
C
QUESTION: 7 Which of the following types of technologies would be the most cost-effective method to provide a reactive control for protecting personnel in public areas? A. Install mantraps at the building entrances B. Enclose the personnel entry area with polycarbonate plastic C. Supply a duress alarm for personnel exposed to the public D. Hire a guard to protect the public area
C
QUESTION: 70 To prevent inadvertent disclosure of restricted information, which of the following would be the least effective process for eliminating data prior to the media being discarded? A. Multiple-pass overwriting B. Degaussing C. High-level formatting D. Physical destruction
C
QUESTION: 8 An important principle of defense in depth is that achieving information security requires a balanced focus on which primary elements? A. Development, testing, and deployment B. Prevention, detection, and remediation C. People, technology, and operations D. Certification, accreditation, and monitoring
C
QUESTION: 84 Which of the following must be in place to recognize a system attack? A. Stateful firewall B. Distributed antivirus C. Log analysis D. Passive honeypot
C
QUESTION: 89 Which security model is most commonly used in a commercial environment because it protects the integrity of financial and accounting data? A. Biba B. Graham-Denning C. Clark-Wilson D. Bell-LaPadula
C
QUESTION: 85 Which of the following is the greatest benefit of implementing a Role Based Access Control (RBAC) system? A. Integration using Lightweight Directory Access Protocol (LDAP) B. Form-based user registration process C. Integration with the organization's Human Resources (HR) system D. A considerably simpler provisioning process
D
QUESTION: 86 Which Identity and Access Management (IAM) process can be used to maintain the principle of least privilege? A. identity provisioning B. access recovery C. multi-factor authentication (MFA) D. user access review
D
QUESTION: 88 What is the expected outcome of security awareness in support of a security awareness program? A. Awareness activities should be used to focus on security concerns and respond to those concerns accordingly B. Awareness is not an activity or part of the training but rather a state of persistence to support the program C. Awareness is training. The purpose of awareness presentations is to broaden attention of security. D. Awareness is not training. The purpose of awareness presentation is simply to focus attention on security.
D
QUESTION: 92 In Disaster Recovery (DR) and Business Continuity (BC) training, which best describes a functional drill? A. a functional evacuation of personnel B. a specific test by response teams of individual emergency response functions C. an activation of the backup site D. a full-scale simulation of an emergency and the subsequent response functions
D
QUESTION: 95 The organization would like to deploy an authorization mechanism for an Information Technology (IT) infrastructure project with high employee turnover. Which access control mechanism would be preferred? A. Attribute Based Access Control (ABAC) B. Discretionary Access Control (DAC) C. Mandatory Access Control (MAC) D. Role-Based Access Control (RBAC)
D
QUESTION: 73 Which media sanitization methods should be used for data with a high security categorization? A. Clear or destroy B. Clear or purge C. Destroy or delete D. Purge or destroy
D
QUESTION: 14 Which of the following mandates the amount and complexity of security controls applied to a security risk? A. Security vulnerabilities B. Risk tolerance C. Risk mitigation D. Security staff
B
QUESTION: 18 Which of the following would minimize the ability of an attacker to exploit a buffer overflow? A. Memory review B. Code review C. Message division D. Buffer division
B
QUESTION: 2 Which of the following actions will reduce risk to a laptop before traveling to a high risk area? A. Examine the device for physical tampering B. Implement more stringent baseline configurations C. Purge or re-image the hard disk drive D. Change access codes
B
QUESTION: 28 A security professional is assessing the risk in an application and does not take into account any mitigating or compensating controls. This type of risk rating is an example of which of the following? A. Transferred risk B. Inherent risk C. Residual risk D. Avoided risk
B
QUESTION: 74 How is it possible to extract private keys securely stored on a cryptographic smartcard? A. Bluebugging B. Focused ion-beam C. Bluejacking D. Power analysis
D
QUESTION: 29 Which of the following is most important when assigning ownership of an asset to a department? A. The department should report to the business owner B. Ownership of the asset should be periodically reviewed C. Individual accountability should be ensured D. All members should be trained on their responsibilities
B
QUESTION: 21 How does security in a distributed file system using mutual authentication differ from file security in a multi-user host? A. Access control can rely on the Operating System (OS), but eavesdropping is not a risk B. Access control cannot rely on the Operating System (OS), and eavesdropping is a risk C. Access control can rely on the Operating System (OS), and eavesdropping is a risk D. Access control cannot rely on the Operating System (OS), and eavesdropping is not a risk
C
QUESTION: 22 When defining a set of security controls to mitigate a risk, which of the following actions must occur? A. Each control's effectiveness must be evaluated individually B. Each control must completely mitigate the risk C. The control set must adequately mitigate the risk D. The control set must evenly divide the risk
C
QUESTION: 27 What is the main objective of risk analysis in Disaster Recovery (DR) planning? A. Establish Maximum Tolerable Downtime (MTD) Information Systems (IS) B. Define the variable cost for extended downtime scenarios C. Identify potential threats to business availability D. Establish personnel requirements for various downtime scenarios
C
QUESTION: 31 Which of the following best describes the responsibilities of a data owner? A. Ensuring quality and validation through periodic audits for ongoing data integrity B. Maintaining fundamental data availability, including data storage and archiving C. Ensuring accessibility to appropriate users, maintaining appropriate levels of data security D. Determining the impact the information has on the mission of the organization
C
QUESTION: 80 What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management? A. Implementation Phase B. Initialization Phase C. Cancellation Phase D. Issued Phase
D
QUESTION: 4 What is the most important consideration from a data security perspective when an organization plans to relocate? A. Ensure the fire prevention and detection systems are sufficient to protect personnel B. Review the architectural plans to determine how many emergency exits are present C. Conduct a gap analysis of the new facilities against existing security requirements D. Revise the Disaster Recovery and Business Continuity (DR/BC) plan
C
QUESTION: 17 Which of the following is a direct monetary cost of a security incident? A. Morale B. Reputation C. Equipment D. Information
C
QUESTION: 19 Which of the following mechanisms will best prevent a Cross-Site Request Forgery (CSRF) attack? A. parameterized database queries B. whitelist input values C. synchronized session tokens D. use strong ciphers
C
QUESTION: 36 Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards? A. Personal Identity Verification (PIV) B. Cardholder Unique Identifier (CHUID) authentication C. Physical Access Control System (PACS) repeated attempt detection D. Asymmetric Card Authentication Key (CAK) challenge-response
D
QUESTION: 38 When network management is outsourced to third parties, which of the following is the most effective method of protecting critical data assets? A. Log all activities associated with sensitive systems B. Provide links to security policies C. Confirm that confidentiality agreements are signed D. Employ strong access controls
D
QUESTION: 49 The main task of promoting security for Personal Computers (PC) is: A. understanding the technical controls and ensuring they are correctly installed B. understanding the required systems and patching processes for different Operating Systems (OS) C. making sure that users are using only valid, authorized software, so that the chance of virus infection is reduced D. making users understand the risks to the machines and data, so they will take appropriate steps to protect them
D
QUESTION: 52 Which attack defines a piece of code that is inserted into software to trigger a malicious function? A. Phishing B. Salami C. Back door D. Logic bomb
D
QUESTION: 60 Which of the following is the best way to protect against Structured Query Language (SQL) injection? A. Enforce boundary checking B. Restrict use of SELECT command C. Restrict HyperText Markup Language (HTML) source code access D. Use stored procedures
D
QUESTION: 66 An organization is considering outsourcing applications and data to a Cloud Service Provider (CSP). Which of the following is the most important concern regarding privacy? A. The CSP determines data criticality B. The CSP provides end-to-end encryption services C. The CSP's privacy policy may be developed by the organization D. The CSP may not be subject to the organization's country legislation
D
QUESTION: 12 What is the term commonly used to refer to a technique of authenticating one machine to another by forging packets from a trusted source? A. Smurfing B. Man-in-the-Middle (MITM) attack C. Session redirect D. Spoofing
D
QUESTION: 15 When determining who can accept the risk associated with a vulnerability, which of the following is most important? A. Countermeasure effectiveness B. Type of potential loss C. Incident likelihood D. Information ownership
D
QUESTION: 16 A security professional determines that a number of outsourcing contracts inherited from a previous merger do not adhere to the current security requirements. Which of the following best minimizes the risk of this happening again? A. Define additional security controls directly after the merger B. Include a procurement officer in the merger team C. Verify all contracts before a merger occurs D. Assign a compliancy officer to review the merger conditions
D
QUESTION: 23 Which of the following provides the best method to verify that security baseline configurations are maintained? A. Perform regular system security testing B. Design security early in the development cycle C. Analyze logs to determine user activities D. Perform quarterly risk assessments
D
QUESTION: 25 Which of the following is most important when determining appropriate countermeasures for an identified risk? A. Interaction with existing controls B. Organizational risk tolerance C. Patch availability D. Cost
D
QUESTION: 26 What is the main reason to ensure the appropriate retention periods are enforced for data stored on electronic media? A. To reduce the carbon footprint by eliminating paper B. To create an inventory of data assets stored on disk for backup recovery C. To declassify information that has been improperly classified D. To reduce the risk of loss, unauthorized access, use, modification, and disclosure
D
QUESTION: 3 Which of the following represents the greatest risk to data confidentiality? A. Network redundancies are not implemented B. Security awareness training is not completed C. Backup tapes are generated unencrypted D. Users have administrative privileges
D
QUESTION: 30 Which one of the following affects the classification of data? A. Assigned security label B. Multilevel Security (MLS) architecture C. Minimum query size D. Passage of time
D