Table of Contents
Cover
Domain 1: Access Control
Scenario-Based Questions, Answers, and Explanations
Sources and References
Domain 2: Telecommunications and Network Security
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References
Domain 3: Information Security Governance and Risk Management
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References
Domain 4: Software Development Security
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References
Domain 5: Cryptography
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References
Domain 6: Security Architecture and Design
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References
Domain 7: Security Operations
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References
Domain 8: Business Continuity and Disaster Recovery Planning
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References
Domain 9: Legal, Regulations, Investigations, and Compliance
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References
Domain 10: Physical and Environmental Security
Traditional Questions, Answers, and Explanations
Scenario-Based Questions, Answers, and Explanations
Sources and References
Domain 4
Software Development Security
Traditional Questions, Answers, and Explanations
1. Which of the following is the correct sequence of steps to be
followed in an application-software change control process?
1. Test the changes.
2. Plan for changes.
3. Initiate change request.
4. Release software changes.
a. 1, 2, 3, and 4
b. 2, 1, 3, and 4
c. 3, 2, 1, and 4
d. 4, 3, 1, and 2
1. c. Any application software change must start with a change request
from a functional user. An information technology (IT) person can plan,
test, and release the change after it is approved by the functional user.
2. To overcome resistance to a change, which of the following
approaches provides the best solution?
a. The change is well planned.
b. The change is fully communicated.
c. The change is implemented in a timely way.
d. The change is fully institutionalized.
2. d. Managing change is a difficult process. People resist change due to
a certain amount of discomfort that a change may bring. It does not
matter how well the change is planned, communicated, or implemented
if it is not spread throughout the organization evenly. Institutionalizing