Chapter 14 Quiz
How many domains of knowledge are covered by the Certified Information Systems Security Professional (CISSP) exam? Options: 7; 8; 9; 10
8
Jiang is pursuing a career in information security. He wants to eventually achieve the (ISC)2 Certified Information Systems Security Professional (CISSP) certification but does not have the required experience. If he passes the CISSP exam now, which credential will Jiang get? Options: CISSP-ISSAP; Systems Security Certified Practitioner (SSCP); Certified Cloud Security Professional (CCSP); Associate of (ISC)2
Associate of (ISC)2
Hajar has been an (ISC)2 Certified Information Systems Security Professional (CISSP) for 10 years. She would like to earn an advanced certification that demonstrates her ability in systems security engineering. Which of the following CISSP concentrations would meet Hajar's needs? Options: CISSP-ISASP; CISSP-ISSEP; CISSP-ISSMP; CISSP-ISSAP
CISSP-ISSEP
Richard would like to earn a certification that demonstrates his ability to manage enterprise security programs. What certification would be most appropriate for Richard? Options: Certified Information Security Manager (CISM); Certified Information Systems Auditor (CISA); Certified in the Governance of Enterprise IT (CGEIT); Certified in Risk and Information Systems Control (CRISC)
Certified Information Security Manager (CISM)
Jim is an experienced security professional who recently accepted a position in an organization that uses Check Point firewalls. What certification can Jim earn to demonstrate his ability to administer these devices? Options: Certified Information Systems Security Professional (CISSP); Cisco Certified Internetwork Expert (CCIE); Security+; Check Point Certified Security Administrator (CCSA)
Check Point Certified Security Administrator (CCSA)
Oscar is a network engineer. He is responsible for the networks and security protections, such as firewalls, in his local government agency. He is beginning a professional development journey and trying to determine an entry-level or associate-level security certification that is a good match with his current knowledge and skills. Which certification should he pursue? Options: Cisco Certified Network Associate (CCNA); Juniper Networks Certified Internet Professional (JNCIP)-Enterprise; Administration of Symantec Security Analytics; Check Point Certified Security Administrator (CCSA)
Cisco Certified Network Associate (CCNA)
Juan is an experienced information security professional. He has spent a lot of time evaluating computers for evidence of criminal or malicious activity as well as recovering data. Which Global Information Assurance Certification (GIAC) credential focus area is most likely to have certifications that are a good fit for Juan's skills and knowledge? Options: Management, Legal, and Audit; Industrial Control Systems; Digital Forensics & Incident Response; Cloud Security
Digital Forensics & Incident Response
Which of the following is not true of U.S. Department of Defense/military Directive (DoDD) 8140? DoDD 8140 includes training and certification in cybersecurity to prepare Department of Defense (DoD) personnel to meet the demands of cyberwarfare. DoDD 8140 is more role based than the 8570.01 directive. DoDD 8140 is an operationally focused cybersecurity training framework. DoDD 8140 certifications are unique and will not include commercial certifications.
DoDD 8140 certifications are unique and will not include commercial certifications.
True or False? CompTIA Security+ is an expert-level security certification.
False
True or False? Symantec offers vendor-neutral certifications as well as certifications for its product lines.
False
True or False? The (ISC)2 Certified Secure Software Lifecycle Professional (CSSLP) credential measures the knowledge and skills necessary for professionals involved in the process of authorizing and maintaining information systems.
False
True or False? The ISACA Certified in Risk and Information Systems Control (CRISC) certification targets security professionals who ensure that their organization satisfies IT governance requirements.
False
Fran is interested in learning more about the popular Certified Ethical Hacker (CEH) credential. What organization should she contact? Options: High Tech Crime Network; International Council of E-Commerce Consultants (EC-Council); Software Engineering Institute—Carnegie Mellon University; The International Society of Forensic Computer Examiners
International Council of E-Commerce Consultants (EC-Council)
Ben is working toward a position as a senior security administrator. He would like to earn his first International Information Systems Security Certification Consortium (ISC)2 certification. Which certification is most appropriate for his needs? Options: Systems Security Certified Practitioner (SSCP); Certified Information Systems Security Professional (CISSP); Certified Secure Software Lifecycle Professional (CSSLP); Certified Cloud Security Professional (CCSP)
Systems Security Certified Practitioner (SSCP)
True or False? A certification is an official statement that validates that a person has satisfied specific job requirements.
True
True or False? Certified Internet Web Professional (CIW) offers several credentials that focus on both general and web-related security.
True
True or False? Juniper Networks offers vendor-specific certifications for its networking product line.
True
True or False? One requirement of the GIAC Security Expert (GSE) credential is that candidates must hold three GIAC credentials, with two of the credentials being Gold.
True
True or False? RSA provides security, risk, and compliance solutions for enterprise environments.
True
True or False? The (ISC)2 Certified Cloud Security Professional (CCSP) certification was created by both (ISC)2 and the Cloud Security Alliance (CSA).
True