Security Operations

Domain 07 Practice Set: 01

CISSP DOMAIN 07: Security Operations (Assessment Mode)

Domain 7: Security Operations focuses on the continuous protection and monitoring of information systems to detect, respond to, and recover from security incidents. This domain emphasizes the importance of ensuring the ongoing security of operations, managing and mitigating risk, and implementing effective operational controls and incident response mechanisms. Key concepts in Domain 7 include:
  • Incident Response: Detection, investigation, and management of security incidents to minimize their impact.
  • Logging and Monitoring: Continuous surveillance of system and network activities to detect potential security breaches.
  • Recovery and Continuity: Ensuring that systems can be restored to normal operations quickly after a disruption, including backup strategies and disaster recovery plans.
  • Patch Management and Vulnerability Management: Regularly applying updates and fixes to ensure that systems are protected from known vulnerabilities.
  • Change Management: Formal processes for controlling changes to IT systems to minimize the risk of unintended impacts.
  • Forensics: Techniques for investigating and analyzing security breaches to understand how and why they occurred.
  • Physical Security: The protection of physical assets, such as data centers, hardware, and other IT infrastructure, from physical threats like theft or damage.
 

Domain 07: Practice Set 01

Disclaimer: The practice exam questions provided are representative of the certification exam, but not the actual questions you will see on the certification exam. Practice exams are for self-assessment.


1. Which of the following activities is typically performed during the containment phase of an incident response?
2. What is the primary purpose of a Recovery Point Objective (RPO) in business continuity planning?
3. Which of the following is a primary function of a Security Information and Event Management (SIEM) system?
4. What is the primary role of a configuration management process in security operations?
5. Which of the following statements about a Business Continuity Plan (BCP) is correct?


6. Which of the following is an example of a detective control in security operations?
7. What is the purpose of vulnerability management in security operations?
8. Which of the following types of attacks can be detected using an Intrusion Detection System (IDS)?
9. Which type of backup strategy only backs up data that has changed since the last backup of any type?
10. Which of the following is considered a corrective control in security operations?


11. Which of the following controls is most effective in reducing the risk of insider threats?
12. Which of the following is the best description of a honeypot in a network environment?
13. What is the purpose of a business impact analysis (BIA) in the context of business continuity planning?
14. Which of the following describes a corrective control?
15. Which of the following security controls is most effective in detecting unauthorized access to systems?


16. Which of the following best describes log retention policies in security operations?
17. Which of the following is the best example of a preventive control?
18. What is the primary advantage of conducting tabletop exercises in an organization's incident response program?
19. What is the primary purpose of a warm site in disaster recovery planning?
20. What is the primary objective of implementing a Data Loss Prevention (DLP) solution in an organization?


21. Which of the following describes a warm site in disaster recovery planning?
22. What is the purpose of a configuration baseline in security operations?
23. What is the primary purpose of mandatory vacation as a security control?
24. Which of the following controls would best help prevent collusion between employees in a critical process?
25. Which of the following actions is an example of a preventive control in security operations?


26. Which of the following is an appropriate detective control to monitor employee behavior within an organization?
27. Which of the following is a primary purpose of implementing log retention policies in an organization?
28. What is the Recovery Time Objective (RTO) in disaster recovery planning?
29. Which of the following disaster recovery strategies provides the fastest recovery time but is also the most expensive to maintain?
30. Which of the following is the best example of a detective control in security operations?


31. Which of the following backup types only backs up data that has changed since the last full backup, regardless of any other backups taken?
32. Which of the following is a characteristic of a cold site in disaster recovery planning?
33. Which of the following best describes the purpose of conducting a root cause analysis after a security incident?
34. What is the main advantage of using a Security Operations Center (SOC) in an organization?
35. Which of the following is the best example of a compensating control in security operations?


36. What is the primary objective of forensics in the context of security operations?
37. What is the primary goal of business continuity planning (BCP)?
38. Which of the following security practices helps reduce collusion and insider threats?
39. In the context of backups, what does a differential backup do?
40. Which of the following activities is typically part of the change management process in security operations?


41. What is the primary security benefit of implementing separation of duties within an organization?
42. What is the main difference between an Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS)?
43. What is the main objective of conducting regular security audits in an organization?
44. Which of the following types of plans focuses on the long-term recovery of business operations after a major disruption?
45. Which of the following best describes a hot site in disaster recovery planning?


46. Which of the following best describes job rotation as a security practice?
47. What is the primary purpose of logging and monitoring in security operations?
48. Which of the following disaster recovery strategies requires the longest time to become operational after a disaster?
49. What is the purpose of the concept of least privilege in security operations?
50. Which of the following best describes the concept of "least privilege" in security operations?