Home > CISSP > Quizzes > CISSP Domain 7: Security Operations
CISSP Domain 7: Security Operations
Fast practice, instant feedback. Timer auto-submits when time’s up.
Avg score: 40% Most missed: “Guro is a CISO considering security devices that automatically monitor activitie…”

Domain 7: Security Operations Practice Questions 
Questions relating to the following topics are included in this domain: 
Understanding and complying with investigations
Proper logging and monitoring activities
Performing configuration management 
Applying fundamental security concepts
Conducting resource protection and incident management 

CISSP Domain 7: Security Operations
Time left 00:00
25 Questions

1. When a systems administrator attempts to install a new driver and receives a warning that the driver is unsigned, what should be their next step?
2. Weston is a security administrator required to wear an identification badge while working at the corporate office. What is the security purpose of wearing a company badge?
3. Clusters provide all of these security features Except for which one?
4. When lighting a parking lot, light posts that house lights with a 40-ft (12-meter (m)) radius spread should be how far apart from each other for BEST security?
5. The primary difference between electromechanical alarm systems and volumetric systems is which of the following?
6. Purge Corp has finally returned to normal operations after repairing systems involved in an attack where PII was stolen. What is the next step of the incident management process for the organization?
7. Formiga is a networking engineer securing her Wi-Fi network. Which is the BEST device she can use to mitigate networking threats?
8. A system that attempts to stop threats from entering the parking lot, although the attacker gets past that and then gets stopped by the security guard, but the attacker gets past the guard and then gets stopped at the elevator because they do not know the entry code, but they succeed in circumventing that, yet are ultimately denied because they do not know the elevator exit code, is known as which concept?
9. An important difference between a hot site and a mirrored site is which of the following?
10. Software, hardware, and Information Technology (IT) services deployed within an organization to make the workplace more efficient, but unapproved by the organization, are considered _______.
11. When a system requires forensic investigative techniques to be used, which data is the most volatile and the most difficult to preserve?
12. The user who handles security assessments, manages password policies, and reviews audit logs, should be handled by whom?
13. Which of the following predicts how long an electromechanical system will run until it fails?
14. Which of the following steps are NOT part of forensically protecting evidence from a hard drive?
15. Intrusion detection systems (IDSes) watch and report anomalies in an organization's network. Only when the errors exceed a minimum clipping level are they reported. This clipping level is also known as a _________.
16. Preki is a systems administrator in charge of making backups for the lab. After making backups, he also tests them to verify backups were made. What could be done to improve this process?
17. When comparing scale-out technologies with scale-up technologies, what is the main difference?
18. Surge Corp has detected an attack on their network whereby personally identifiable information (PII) was leaked to an overseas organization. What is the next step in the incident management process?
19. Giulia is a security administrator who notices a workstation is performing abnormally. Using a security toolkit, she determines that a rootkit is on the system. What is the BEST way for her to remove this?
20. Sherida, a systems administrator, was just shocked a third time by one of the systems in the security operations center (SOC). What is her BEST next step?
21. Ante is the finance director of Chi Co. and is requesting bike part designs for financial planning purposes. The engineering director gives him the costs he wants, but not the designs. The engineering director is enforcing which control type?
22. Guro is a CISO considering security devices that automatically monitor activities using behavior analytics. Which is the BEST device for her to consider?
23. Cyber insurance covers all of the following business liabilities Except for which one?
24. Generic Medical College suffers an incident where a male teacher follows ladies into bathrooms, takes a photo, and runs out. He is finally caught, and newspapers are asking employees for information. All staff, except for public relations, should be trained to say which of the following?
25. BRM Corp manufactures buttons for major clothing companies and uses the HAL 3000 computer to manage their designs and other data files. Even though the system is 10 years old, they are purchasing 30 more of the same system. What is the reason for this?