






















Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Access a fully solved and verified guide for Chapter 14, focusing on the latest 2026-2027 information security professional certifications. This resource provides 100% correct questions and answers covering major industry standards like CISSP, CISM, and Security+. Boost your grades and certification readiness with these expert-vetted materials designed for high-scoring success
Typology: Exams
1 / 30
This page cannot be seen from the preview
Don't miss anything!























The (ISC) 2 Systems Security Certified Practitioner (SSCP) credential covers the seven domains of best practices for information security. True False - ✔✔ANSWER ✔✔-True
The CISSP-ISSEP concentration requires that a candidate demonstrate two years of professional experience in the area of architecture. True False - ✔✔ANSWER ✔✔-False Jonas is an experienced information security professional with a specialized focus on evaluating computers for evidence of criminal or malicious activity and recovering data. Which GIAC certification would be most appropriate for Jonas to demonstrate his abilities? GIAC Systems and Network Auditor (GSNA) GIAC Certified Forensic Examiner (GCFE) GIAC Certified Firewall Analyst (GCFW) GIAC Certified Penetration Tester (GPEN) - ✔✔ANSWER ✔✔- GIAC Certified Forensic Examiner (GCFE) The HealthCare Certified Information Security and Privacy Practitioner (HCISPP) credential recognizes the knowledge and skills necessary to perform and conduct security and privacy work for health care organizations. True False - ✔✔ANSWER ✔✔-True
DoD Directive 8570.01 is a voluntary certification requirement. True False - ✔✔ANSWER ✔✔-False One requirement of the GIAC Security Expert (GSE) credential is that candidates must hold three GIAC credentials, with two of the credentials being Gold. True False - ✔✔ANSWER ✔✔-True What DoD directive requires that information security professionals in the government earn professional certifications? 8088 8140 8270 8540 - ✔✔ANSWER ✔✔- 8140 Juniper Networks offers vendor-specific certifications. True
False - ✔✔ANSWER ✔✔-True How many years of specialized experience are required to earn one of the Certified Information Systems Security Professional (CISSP) concentrations? Two Three Four Five - ✔✔ANSWER ✔✔-Two Fran is interested in learning more about the popular Certified Ethical Hacker (CEH) credential. What organization should she contact? High Tech Crime Network International Council of E-Commerce Consultants (EC-Council) Software Engineering Institute - Carnegie Mellon University The International Society of Forensic Computer Examiners - ✔✔ANSWER ✔✔-International Council of E-Commerce Consultants (EC-Council) A GIAC credential holder may submit a technical paper that covers an important area of information security. If the paper is
Ben is working toward a position as a senior security administrator and would like to earn his first International Information Systems Security Certification Consortium, Inc. (ISC) 2 certification. Which certification is most appropriate for his needs? Systems Security Certified Practitioner (SSCP) Certified Information Systems Security Professional (CISSP) Certified Secure Software Lifecycle Professional (CSSLP) Certified Cloud Security Professional (CCSP) - ✔✔ANSWER ✔✔- Systems Security Certified Practitioner (SSCP) Richard would like to earn a certification that demonstrates his ability to manage the information security function. What certification would be most appropriate for Richard? Certified Information Security Manager (CISM) Certified Information Systems Auditor (CISA) Certified in the Governance of Enterprise IT (CGEIT)
Certified in Risk and Information Systems Control (CRISC) - ✔✔ANSWER ✔✔-Certified Information Security Manager (CISM) Which of the following certifications is considered the flagship Information Systems Security Certification Consortium, Inc. (ISC) 2 certification and the gold standard for information security professionals? Certified Authorization Professional (CAP) Certified Cloud Security Professional (CCSP) Certified Information Systems Security Professional (CISSP) Systems Security Certified Practitioner (SSCP) - ✔✔ANSWER ✔✔-Certified Information Systems Security Professional (CISSP) Which of the following Cisco certifications demonstrates the most advanced level of security knowledge? Cisco Certified Technician (CCT) Security Cisco Certified Network Associate (CCNA) Security Cisco Certified Network Professional (CCNP) Security Cisco Certified Internetwork Expert (CCIE) Security - ✔✔ANSWER ✔✔-Cisco Certified Internetwork Expert (CCIE) Security
Security+ CCSA - ✔✔ANSWER ✔✔-CCSA How many domains of knowledge are covered by the Certified Information Systems Security Professional (CISSP) exam? 7 8 9 10 - ✔✔ANSWER ✔✔- 8 Colin is a software developer. He would like to earn a credential that demonstrates to employers that he is well educated on software security issues. What certification would be most suitable for this purpose? Certified Information Systems Security Professional (CISSP) Certified Secure Software Lifecycle Professional (CSSLP) Certified Cyber Forensics Professional (CCFP) HealthCare Certified Information Security Privacy Practitioner (HCISPP) - ✔✔ANSWER ✔✔-Certified Secure Software Lifecycle Professional (CSSLP)
RSA is a global provider of security, risk, and compliance solutions for enterprise environments. True False - ✔✔ANSWER ✔✔-True Which of the following is NOT a role described in DoD Directive 8140, which covers cyber security training? Attack Protect and defend Operate and maintain Investigate - ✔✔ANSWER ✔✔-Attack What certification focuses on information systems audit, control, and security professionals? Certified Information Security Manager (CISM) Certified Information Systems Auditor (CISA) Certified in the Governance of Enterprise IT (CGEIT) Certified in Risk and Information Systems Control (CRISC) - ✔✔ANSWER ✔✔-Certified Information Systems Auditor (CISA)
False - ✔✔ANSWER ✔✔-True What type of security role is covered by the Committee on National Security Systems (CNSS) Training Standard CNSS-4012? Senior System Managers System Administrators Information Assurance Officers Risk Analysts - ✔✔ANSWER ✔✔-Senior System Manager CompTIA Security+ is an entry-level security certification. True False - ✔✔ANSWER ✔✔-True The ISACA Certified in Risk and Information Systems Control (CRISC) certification targets security professionals who ensure that their organization satisfies IT governance requirements. True False - ✔✔ANSWER ✔✔-False Helen has no experience in security. She would like to earn a certification that demonstrates that she has the basic
knowledge necessary to work in the information security field. What certification would be an appropriate first step for her? Certified Information Systems Security Professional (CISSP) GIAC Security Expert (GSE) Security+ CompTIA Advanced Security Practitioner (CASP) - ✔✔ANSWER ✔✔-Security+ Which of the following certifications cannot be used to satisfy the security credential requirements for the advanced Certified Internet Webmaster (CIW) certifications? Security+ GIAC Certified Firewall Analyst (GCFW) Certified Information Security Manager (CISM)
The (ISC) 2 Systems Security Certified Practitioner (SSCP) credential covers the seven domains of best practices for information security. True False - ✔✔ANSWER ✔✔-True The CISSP-ISSEP concentration requires that a candidate demonstrate two years of professional experience in the area of architecture. True False - ✔✔ANSWER ✔✔-False Jonas is an experienced information security professional with a specialized focus on evaluating computers for evidence of criminal or malicious activity and recovering data. Which GIAC certification would be most appropriate for Jonas to demonstrate his abilities? GIAC Systems and Network Auditor (GSNA) GIAC Certified Forensic Examiner (GCFE) GIAC Certified Firewall Analyst (GCFW) GIAC Certified Penetration Tester (GPEN) - ✔✔ANSWER ✔✔- GIAC Certified Forensic Examiner (GCFE)
The HealthCare Certified Information Security and Privacy Practitioner (HCISPP) credential recognizes the knowledge and skills necessary to perform and conduct security and privacy work for health care organizations. True False - ✔✔ANSWER ✔✔-True A certification is an official statement that validates that a person has satisfied specific job requirements. True False - ✔✔ANSWER ✔✔-True Which of the following is NOT a role described in DoD Directive 8140, which covers cyber security training? Attack Protect and defend Operate and maintain Investigate - ✔✔ANSWER ✔✔-Attack What certification organization began as an offshoot of the SANS Institute training programs?
Juniper Networks offers vendor-specific certifications. True False - ✔✔ANSWER ✔✔-True How many years of specialized experience are required to earn one of the Certified Information Systems Security Professional (CISSP) concentrations? Two Three Four Five - ✔✔ANSWER ✔✔-Two Fran is interested in learning more about the popular Certified Ethical Hacker (CEH) credential. What organization should she contact? High Tech Crime Network International Council of E-Commerce Consultants (EC-Council)
Software Engineering Institute - Carnegie Mellon University The International Society of Forensic Computer Examiners - ✔✔ANSWER ✔✔-International Council of E-Commerce Consultants (EC-Council) A GIAC credential holder may submit a technical paper that covers an important area of information security. If the paper is accepted, it adds the Gold credential to the base GIAC credential. True False - ✔✔ANSWER ✔✔-True DoD and NSA have adopted several training standards to serve as a pathway to satisfy Directive 8140. Although they are called standards, they are really training requirements for specific job responsibilities. True False - ✔✔ANSWER ✔✔-True Rod has been a Certified Information Systems Security Professional (CISSP) for 10 years. He would like to earn an advanced certification that demonstrates his ability in