CISSP Practice Exam Questions and Answers For Study

1 / 58
16. What is the main challenge of using facial recognition systems in poorly lit environments?
- Inability to process data
- High FRR rate
- High FAR rate
- Inaccurate biometric template generation

2 / 58
In addition to the accuracy of the biometric systems, there are other factors that must also be considered:
- These factors include the enrollment time and the throughput rate, but not acceptability
- These factors do not include the enrollment time, the throughput rate, and acceptability
- These factors include the enrollment time, but not the throughput rate, neither the acceptability.
- These factors include the enrollment time, the throughput rate, and acceptability

3 / 58
By requiring the user to use more than one finger to authenticate, you can:
- Provide statistical improvements in ERR
- Provide statistical improvements in EAR.
- Provide statistical improvements in FRR.
- Provide statistical improvements in MTBF

4 / 58
Which of the following are the valid categories of hand geometry scanning?
- Mechanical and image-edge detection
- Electrical and image-edge detection
- Mechanical and image-ridge detection.
- Logical and image-edge detection

5 / 58
12. Which of the following is considered a physiological biometric identifier?
- Gait recognition
- Voice recognition
- Retina scanning
- Keystroke dynamics

6 / 58
In the following choices there is one that is a typical biometric characteristic that is not used to uniquely authenticate an individual's identity?
- Iris scans
- Skin scans
- Retina scans
- Palm scans

7 / 58
21. Which biometric method uses the geometry of the hand for identification?
- Retina scanning
- Fingerprint recognition
- Hand geometry
- Palm vein scanning

8 / 58
2. Which of the following is NOT a type of biometric access control?
- Fingerprint scanning
- Iris recognition
- Passwords
- Retina scanning

9 / 58
A security policy would include all of the following EXCEPT
- Enforcement
- Background
- Audit requirements
- Scope statement

10 / 58
Which of the following biometric devices has the highest Crossover Error Rate (CER)?
- Fingerprints
- Voice pattern
- Hand Geometry
- Iris scan

11 / 58
6. What is a primary disadvantage of biometric systems?
- They can be expensive to implement
- They are very slow to process
- Users often forget how to use them
- They are too secure

12 / 58
9. Which metric measures the likelihood that a biometric system incorrectly rejects a legitimate user?
- Equal Error Rate (EER)
- False Acceptance Rate (FAR)
- False Rejection Rate (FRR)
- Cross Error Rate (CER)

13 / 58
Which of the following are the types of eye scan in use today?
- Retinal scans and body scans.
- Reflective scans and iris scans
- Retinal scans and iris scans
- Retinal scans and reflective scans

14 / 58
Which of the following choices is NOT part of a security policy?
- definition of general and specific responsibilities for information security management
- definition of overall steps of information security and the importance of security
- description of specific technologies used in the field of information security
- statement of management intent, supporting the goals and principles of information security

15 / 58
Which one of the following is NOT a fundamental component of a Regulatory Security Policy?
- Why is it to be done
- When it is to be done.
- Who is to do it.
- What is to be done.

16 / 58
18. Which biometric system analyzes the distinctive patterns of blood vessels in the retina for identification?
- Hand geometry
- Iris recognition
- Facial recognition
- Retina scanning

17 / 58
What is the percentage of invalid subjects that are falsely accepted called?
- Crossover Error Rate (CER)
- False Acceptance Rate (FAR) or Type II Error
- False Rejection Rate (FRR) or Type I Error
- True Acceptance Rate (TAR) or Type III error

18 / 58
Which of the following department managers would be best suited to oversee the development of an information security policy?
- Security administration
- Business operations
- Human Resources
- Information Systems

19 / 58
4. Which biometric system is based on the measurement of blood vessels in the hand?
- Palm vein scanning
- Iris recognition
- Fingerprint scanning
- Hand geometry

20 / 58
The quality of finger prints is crucial to maintain the necessary:
- FRR
- FRR and FAR
- FAR
- ERR and FAR

21 / 58
Which of the following biometric parameters are better suited for authentication use over a long period of time?
- Iris pattern
- Signature dynamics
- Retina pattern
- Voice pattern

22 / 58
5. Which of the following terms describes the point where the False Acceptance Rate (FAR) equals the False Rejection Rate (FRR)?
- Cross Error Rate (CER)
- Failure to Enroll (FTE)
- Biometric Error Rate (BER)
- Crossover Error Rate (CER)

23 / 58
Which of the following defines the intent of a system security policy?
- A definition of the particular settings that have been determined to provide optimum security.
- A listing of tools and applications that will be used to protect the system.
- A definition of those items that must be excluded on the system.
- A brief, high-level statement defining what is and is not permitted during the operation of the system.

24 / 58
23. What is the typical use case for biometric systems in multi-factor authentication (MFA)?
- Something you know
- All of the above
- Something you are
- Something you have

25 / 58
Ensuring the integrity of business information is the PRIMARY concern of
- Encryption Security
- Logical Security
- On-line Security
- Procedural Security.

26 / 58
All of the following are basic components of a security policy EXCEPT
- the definition of the issue and statement of relevant terms.
- statement of performance of characteristics and requirements.
- statement of applicability and compliance requirements.
- statement of roles and responsibilities

27 / 58
8. What type of biometric system uses the measurement of the unique patterns in the colored ring around the pupil?
- Hand geometry
- Fingerprint scanning
- Iris recognition
- Retina scanning

28 / 58
You are comparing biometric systems. Security is the top priority. A low ____ is most important in this regard.
- FAR
- FRR
- MTBF
- ERR

29 / 58
19. What is a significant security risk associated with biometric systems?
- Physical characteristics can change over time
- The data can be easily reset like passwords
- Biometric systems are immune to spoofing
- Biometric data is hard to replace once compromised

30 / 58
15. Which type of biometric system captures the unique characteristics of the voice for authentication?
- Signature dynamics
- Gait recognition
- Facial recognition
- Voice recognition

31 / 58
3. What does the term "false acceptance rate (FAR)" refer to in a biometric system?
- The percentage of unauthorized users incorrectly allowed access
- The number of retries allowed in case of failure
- The speed at which the system processes biometric data
- The percentage of authorized users incorrectly denied access

32 / 58
Which one of the following should NOT be contained within a computer policy?
- Statement of senior executive support.
- Definition of management expectations.
- Responsibilities of individuals and groups for protected information.
- Definition of legal and regulatory controls.

33 / 58
Which one of the following is an important characteristic of an information security policy?
- Requires the identification of information owners.
- Lists applications that support the business function.
- Quantifies the effect of the loss of the information.
- Identifies major functional areas of information.

34 / 58
Which of the following methods is more microscopic and will analyze the direction of the ridges of the fingerprints for matching?
- Ridge matching
- Minutia matching
- Flow direct
- None of the choices

35 / 58
13. In a biometric access system, what does a "template" refer to?
- The pattern of data flow in the network
- A record of an individual’s biometric data stored for comparison
- A reference document used to design the system
- The physical device used to scan biometric traits

36 / 58
Which of the following is being considered as the most reliable kind of personal identification?
- Ticket Granting
- Finger print
- Token
- Password

37 / 58
In biometric identification systems, at the beginning, it was soon apparent that truly positive identification could only be based on physical attributes of a person. This raised the necessity of answering 2 questions:
- what was the tone of the voice of a person and his habits
- what part of the body to be used and how to accomplish identification to be viable
- what was the age of a person and his income level
- what was the sex of a person and his age

38 / 58
7. Which biometric method is least invasive and often used for user convenience in mobile devices?
- Facial recognition
- Retina scanning
- Fingerprint scanning
- Iris recognition

39 / 58
25. Which factor is least likely to affect the performance of a fingerprint recognition system?
- The user's age
- High temperatures
- Dirt on the scanner
- Moisture on the user's finger

40 / 58
Which of the following eye scan methods is considered to be more intrusive?
- Iris scans
- Retinal scans
- Reflective scans
- Body scans

41 / 58
14. Which of the following biometric methods has the highest accuracy?
- Iris recognition
- Fingerprint recognition
- Voice recognition
- Hand geometry

42 / 58
What is "Failure to Enroll (FTE)" in biometric systems?
- The system fails to properly record a user’s biometric data during enrollment
- A system's inability to correctly recognize a legitimate user
- A user's failure to provide the correct input at authentication
- A system's inability to reject an unauthorized user

43 / 58
Which must bear the primary responsibility for determining the level of protection needed for information systems resources?
- IS security specialists
- system auditors
- Senior Management
- Senior security analysts

44 / 58
10. Biometric systems provide which of the following advantages over traditional access methods like passwords?
- They are immune to hacking
- Biometric data is easier to replicate
- They eliminate the need to remember a password
- They are more cost-effective

45 / 58
Which one of the following statements describes management controls that are instituted to implement a security policy?
- They eliminate the need for most auditing functions.
- They prevent users from accessing any control function.
- They are generally inexpensive to implement.
- They may be administrative, procedural, or technical.

46 / 58
24. Which of the following reduces the risk of biometric spoofing?
- Lower FAR
- Multi-factor authentication (MFA)
- Biometric database replication
- Higher FRR

47 / 58
Type II errors occur when which of the following biometric system rates is high?
- Speed and throughput rate
- Crossover error rate
- False reject rate
- False accept rate

48 / 58
In which one of the following documents is the assignment of individual roles and responsibilities MOST appropriately defined?
- Program manual
- Security policy
- Acceptable use policy
- Enforcement guidelines

49 / 58
Which of the following would be the first step in establishing an information security program?
- Development of a security awareness-training program
- Development and implementation of an information security standards manual
- Adoption of a corporate information security policy statement
- Purchase of security access control software

50 / 58
20. Which of the following is considered the least secure biometric method due to environmental variables?
- Iris recognition
- Retina scanning
- Fingerprint recognition
- Voice recognition

51 / 58
17. Which of the following biometric methods is based on behavioral characteristics?
- Palm vein scanning
- Gait recognition
- Retina scanning
- Fingerprint recognition

52 / 58
Almost all types of detection permit a system's sensitivity to be increased or decreased during an inspection process. To have a valid measure of the system performance:
- The CER is used
- none of the above choices is correct
- the FRR is used
- the FAR is used

53 / 58
1. What is the primary advantage of using biometric systems for authentication?
- Ease of use
- Unique identification
- Fast deployment
- Cost-effectiveness

54 / 58
What is the most critical characteristic of a biometric identifying system?
- Reliability
- Perceived intrusiveness
- Accuracy
- Storage requirements

55 / 58
When developing an information security policy, what is the FIRST step that should be taken?
- Seek acceptance from other departments.
- Obtain copies of mandatory regulations.
- Ensure policy is compliant with current working practices.
- Gain management approval.

56 / 58
22. Which of the following is an example of behavioral biometrics?
- Voice recognition
- Gait recognition
- Facial recognition
- Iris scanning

57 / 58
What is the function of a corporate information security policy?
- Define the specific assets to be protected and identify the specific tasks which must be completed to secure them
- Issue corporate standard to be used when addressing specific security problems.
- Define the main security objectives which must be achieved and the security framework to meet business objectives.
- Issue guidelines in selecting equipment, configuration, design, and secure operations.

58 / 58
Why must senior management endorse a security policy?
- So that they will accept ownership for security within the organization.
- So that employees will follow the policy directives.
- So that external bodies will recognize the organization's commitment to security.
- So that they can be held legally accountable.