Cissp 6
Uploaded by
sudeep reddyCissp 6
Uploaded by
sudeep reddyWe recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
ISC2
Exam Questions CISSP
Certified Information Systems Security Professional (CISSP)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 1
- (Exam Topic 1)
An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?
A. Development, testing, and deployment
B. Prevention, detection, and remediation
C. People, technology, and operations
D. Certification, accreditation, and monitoring
Answer: C
NEW QUESTION 2
- (Exam Topic 1)
Which of the following represents the GREATEST risk to data confidentiality?
A. Network redundancies are not implemented
B. Security awareness training is not completed
C. Backup tapes are generated unencrypted
D. Users have administrative privileges
Answer: C
NEW QUESTION 3
- (Exam Topic 1)
Intellectual property rights are PRIMARY concerned with which of the following?
A. Owner’s ability to realize financial gain
B. Owner’s ability to maintain copyright
C. Right of the owner to enjoy their creation
D. Right of the owner to control delivery method
Answer: D
NEW QUESTION 4
- (Exam Topic 2)
When implementing a data classification program, why is it important to avoid too much granularity?
A. The process will require too many resources
B. It will be difficult to apply to both hardware and software
C. It will be difficult to assign ownership to the data
D. The process will be perceived as having value
Answer: A
NEW QUESTION 5
- (Exam Topic 2)
Which of the following is MOST important when assigning ownership of an asset to a department?
A. The department should report to the business owner
B. Ownership of the asset should be periodically reviewed
C. Individual accountability should be ensured
D. All members should be trained on their responsibilities
Answer: B
NEW QUESTION 6
- (Exam Topic 2)
Which of the following BEST describes the responsibilities of a data owner?
A. Ensuring quality and validation through periodic audits for ongoing data integrity
B. Maintaining fundamental data availability, including data storage and archiving
C. Ensuring accessibility to appropriate users, maintaining appropriate levels of data security
D. Determining the impact the information has on the mission of the organization
Answer: C
NEW QUESTION 7
- (Exam Topic 3)
Which of the following mobile code security models relies only on trust?
A. Code signing
B. Class authentication
C. Sandboxing
D. Type safety
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
Answer: A
NEW QUESTION 8
- (Exam Topic 3)
Which security service is served by the process of encryption plaintext with the sender’s private key and decrypting cipher text with the sender’s public key?
A. Confidentiality
B. Integrity
C. Identification
D. Availability
Answer: A
NEW QUESTION 9
- (Exam Topic 3)
The use of private and public encryption keys is fundamental in the implementation of which of the following?
A. Diffie-Hellman algorithm
B. Secure Sockets Layer (SSL)
C. Advanced Encryption Standard (AES)
D. Message Digest 5 (MD5)
Answer: A
NEW QUESTION 10
- (Exam Topic 3)
Who in the organization is accountable for classification of data information assets?
A. Data owner
B. Data architect
C. Chief Information Security Officer (CISO)
D. Chief Information Officer (CIO)
Answer: A
NEW QUESTION 10
- (Exam Topic 3)
What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?
A. Implementation Phase
B. Initialization Phase
C. Cancellation Phase
D. Issued Phase
Answer: D
NEW QUESTION 13
- (Exam Topic 4)
Which of the following operates at the Network Layer of the Open System Interconnection (OSI) model?
A. Packet filtering
B. Port services filtering
C. Content filtering
D. Application access control
Answer: A
NEW QUESTION 14
- (Exam Topic 5)
A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is
the BEST solution for the manufacturing organization?
A. Trusted third-party certification
B. Lightweight Directory Access Protocol (LDAP)
C. Security Assertion Markup language (SAML)
D. Cross-certification
Answer: C
NEW QUESTION 18
- (Exam Topic 7)
Recovery strategies of a Disaster Recovery planning (DRIP) MUST be aligned with which of the following?
A. Hardware and software compatibility issues
B. Applications’ critically and downtime tolerance
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
C. Budget constraints and requirements
D. Cost/benefit analysis and business objectives
Answer: D
NEW QUESTION 20
- (Exam Topic 7)
What would be the MOST cost effective solution for a Disaster Recovery (DR) site given that the organization’s systems cannot be unavailable for more than 24
hours?
A. Warm site
B. Hot site
C. Mirror site
D. Cold site
Answer: A
NEW QUESTION 23
- (Exam Topic 7)
An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST
probable cause?
A. Absence of a Business Intelligence (BI) solution
B. Inadequate cost modeling
C. Improper deployment of the Service-Oriented Architecture (SOA)
D. Insufficient Service Level Agreement (SLA)
Answer: D
NEW QUESTION 28
- (Exam Topic 7)
Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?
A. Walkthrough
B. Simulation
C. Parallel
D. White box
Answer: B
NEW QUESTION 30
- (Exam Topic 8)
When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?
A. After the system preliminary design has been developed and the data security categorization has been performed
B. After the vulnerability analysis has been performed and before the system detailed design begins
C. After the system preliminary design has been developed and before the data security categorization begins
D. After the business functional analysis and the data security categorization have been performed
Answer: C
NEW QUESTION 34
- (Exam Topic 8)
The configuration management and control task of the certification and accreditation process is incorporated in which phase of the System Development Life Cycle
(SDLC)?
A. System acquisition and development
B. System operations and maintenance
C. System initiation
D. System implementation
Answer: A
Explanation:
Reference https://online.concordiA.edu/computer-science/system-development-life-cycle-phases/
NEW QUESTION 37
- (Exam Topic 9)
Which of the following is a method used to prevent Structured Query Language (SQL) injection attacks?
A. Data compression
B. Data classification
C. Data warehousing
D. Data validation
Answer: D
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 42
- (Exam Topic 9)
Which of the following is ensured when hashing files during chain of custody handling?
A. Availability
B. Accountability
C. Integrity
D. Non-repudiation
Answer: C
NEW QUESTION 43
- (Exam Topic 9)
Which of the following is a limitation of the Common Vulnerability Scoring System (CVSS) as it relates to conducting code review?
A. It has normalized severity ratings.
B. It has many worksheets and practices to implement.
C. It aims to calculate the risk of published vulnerabilities.
D. It requires a robust risk management framework to be put in place.
Answer: C
NEW QUESTION 45
- (Exam Topic 9)
To prevent inadvertent disclosure of restricted information, which of the following would be the LEAST effective process for eliminating data prior to the media
being discarded?
A. Multiple-pass overwriting
B. Degaussing
C. High-level formatting
D. Physical destruction
Answer: C
NEW QUESTION 46
- (Exam Topic 9)
Which one of the following is a threat related to the use of web-based client side input validation?
A. Users would be able to alter the input after validation has occurred
B. The web server would not be able to validate the input after transmission
C. The client system could receive invalid input from the web server
D. The web server would not be able to receive invalid input from the client
Answer: A
NEW QUESTION 50
- (Exam Topic 9)
A vulnerability test on an Information System (IS) is conducted to
A. exploit security weaknesses in the IS.
B. measure system performance on systems with weak security controls.
C. evaluate the effectiveness of security controls.
D. prepare for Disaster Recovery (DR) planning.
Answer: C
NEW QUESTION 53
- (Exam Topic 9)
An organization allows ping traffic into and out of their network. An attacker has installed a program on the network that uses the payload portion of the ping packet
to move data into and out of the network. What type of attack has the organization experienced?
A. Data leakage
B. Unfiltered channel
C. Data emanation
D. Covert channel
Answer: D
NEW QUESTION 55
- (Exam Topic 9)
Which of the following is a physical security control that protects Automated Teller Machines (ATM) from skimming?
A. Anti-tampering
B. Secure card reader
C. Radio Frequency (RF) scanner
D. Intrusion Prevention System (IPS)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
Answer: A
NEW QUESTION 56
- (Exam Topic 9)
What technique BEST describes antivirus software that detects viruses by watching anomalous behavior?
A. Signature
B. Inference
C. Induction
D. Heuristic
Answer: D
NEW QUESTION 58
- (Exam Topic 9)
Which one of the following transmission media is MOST effective in preventing data interception?
A. Microwave
B. Twisted-pair
C. Fiber optic
D. Coaxial cable
Answer: C
NEW QUESTION 60
- (Exam Topic 9)
Which one of the following considerations has the LEAST impact when considering transmission security?
A. Network availability
B. Data integrity
C. Network bandwidth
D. Node locations
Answer: C
NEW QUESTION 62
- (Exam Topic 9)
The stringency of an Information Technology (IT) security assessment will be determined by the
A. system's past security record.
B. size of the system's database.
C. sensitivity of the system's datA.
D. age of the system.
Answer: C
NEW QUESTION 66
- (Exam Topic 9)
Which of the following is considered best practice for preventing e-mail spoofing?
A. Spam filtering
B. Cryptographic signature
C. Uniform Resource Locator (URL) filtering
D. Reverse Domain Name Service (DNS) lookup
Answer: B
NEW QUESTION 71
- (Exam Topic 9)
Including a Trusted Platform Module (TPM) in the design of a computer system is an example of a technique to what?
A. Interface with the Public Key Infrastructure (PKI)
B. Improve the quality of security software
C. Prevent Denial of Service (DoS) attacks
D. Establish a secure initial state
Answer: D
NEW QUESTION 76
- (Exam Topic 9)
An advantage of link encryption in a communications network is that it
A. makes key management and distribution easier.
B. protects data from start to finish through the entire network.
C. improves the efficiency of the transmission.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
D. encrypts all information, including headers and routing information.
Answer: D
NEW QUESTION 79
- (Exam Topic 9)
Which of the following is an authentication protocol in which a new random number is generated uniquely for each login session?
A. Challenge Handshake Authentication Protocol (CHAP)
B. Point-to-Point Protocol (PPP)
C. Extensible Authentication Protocol (EAP)
D. Password Authentication Protocol (PAP)
Answer: A
NEW QUESTION 84
- (Exam Topic 9)
As one component of a physical security system, an Electronic Access Control (EAC) token is BEST known for its ability to
A. overcome the problems of key assignments.
B. monitor the opening of windows and doors.
C. trigger alarms when intruders are detected.
D. lock down a facility during an emergency.
Answer: A
NEW QUESTION 88
- (Exam Topic 9)
What security management control is MOST often broken by collusion?
A. Job rotation
B. Separation of duties
C. Least privilege model
D. Increased monitoring
Answer: B
NEW QUESTION 91
- (Exam Topic 9)
When building a data center, site location and construction factors that increase the level of vulnerability to physical threats include
A. hardened building construction with consideration of seismic factors.
B. adequate distance from and lack of access to adjacent buildings.
C. curved roads approaching the data center.
D. proximity to high crime areas of the city.
Answer: D
NEW QUESTION 92
- (Exam Topic 9)
Which of the following does the Encapsulating Security Payload (ESP) provide?
A. Authorization and integrity
B. Availability and integrity
C. Integrity and confidentiality
D. Authorization and confidentiality
Answer: C
NEW QUESTION 96
- (Exam Topic 9)
Which one of the following is the MOST important in designing a biometric access system if it is essential that no one other than authorized individuals are
admitted?
A. False Acceptance Rate (FAR)
B. False Rejection Rate (FRR)
C. Crossover Error Rate (CER)
D. Rejection Error Rate
Answer: A
NEW QUESTION 97
- (Exam Topic 9)
An organization is selecting a service provider to assist in the consolidation of multiple computing sites including development, implementation and ongoing
support of various computer systems. Which of the following MUST be verified by the Information Security Department?
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
A. The service provider's policies are consistent with ISO/IEC27001 and there is evidence that the service provider is following those policies.
B. The service provider will segregate the data within its systems and ensure that each region's policies are met.
C. The service provider will impose controls and protections that meet or exceed the current systemscontrols and produce audit logs as verification.
D. The service provider's policies can meet the requirements imposed by the new environment even if they differ from the organization's current policies.
Answer: D
NEW QUESTION 98
- (Exam Topic 9)
Which of the following methods protects Personally Identifiable Information (PII) by use of a full replacement of the data element?
A. Transparent Database Encryption (TDE)
B. Column level database encryption
C. Volume encryption
D. Data tokenization
Answer: D
NEW QUESTION 99
- (Exam Topic 9)
The use of strong authentication, the encryption of Personally Identifiable Information (PII) on database servers, application security reviews, and the encryption of
data transmitted across networks provide
A. data integrity.
B. defense in depth.
C. data availability.
D. non-repudiation.
Answer: B
NEW QUESTION 102
- (Exam Topic 9)
Which of the following is the BEST way to verify the integrity of a software patch?
A. Cryptographic checksums
B. Version numbering
C. Automatic updates
D. Vendor assurance
Answer: A
NEW QUESTION 105
- (Exam Topic 9)
The FIRST step in building a firewall is to
A. assign the roles and responsibilities of the firewall administrators.
B. define the intended audience who will read the firewall policy.
C. identify mechanisms to encourage compliance with the policy.
D. perform a risk analysis to identify issues to be addressed.
Answer: D
NEW QUESTION 109
- (Exam Topic 9)
Which one of the following describes granularity?
A. Maximum number of entries available in an Access Control List (ACL)
B. Fineness to which a trusted system can authenticate users
C. Number of violations divided by the number of total accesses
D. Fineness to which an access control system can be adjusted
Answer: D
NEW QUESTION 114
- (Exam Topic 9)
Which of the following is the MAIN reason that system re-certification and re-accreditation are needed?
A. To assist data owners in making future sensitivity and criticality determinations
B. To assure the software development team that all security issues have been addressed
C. To verify that security protection remains acceptable to the organizational security policy
D. To help the security team accept or reject new systems for implementation and production
Answer: C
NEW QUESTION 118
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
- (Exam Topic 9)
What principle requires that changes to the plaintext affect many parts of the ciphertext?
A. Diffusion
B. Encapsulation
C. Obfuscation
D. Permutation
Answer: A
NEW QUESTION 121
- (Exam Topic 9)
The Hardware Abstraction Layer (HAL) is implemented in the
A. system software.
B. system hardware.
C. application software.
D. network hardware.
Answer: A
NEW QUESTION 124
- (Exam Topic 9)
A disadvantage of an application filtering firewall is that it can lead to
A. a crash of the network as a result of user activities.
B. performance degradation due to the rules applied.
C. loss of packets on the network due to insufficient bandwidth.
D. Internet Protocol (IP) spoofing by hackers.
Answer: B
NEW QUESTION 129
- (Exam Topic 9)
Which of the following is the FIRST step of a penetration test plan?
A. Analyzing a network diagram of the target network
B. Notifying the company's customers
C. Obtaining the approval of the company's management
D. Scheduling the penetration test during a period of least impact
Answer: C
NEW QUESTION 133
- (Exam Topic 9)
Which one of the following is a fundamental objective in handling an incident?
A. To restore control of the affected systems
B. To confiscate the suspect's computers
C. To prosecute the attacker
D. To perform full backups of the system
Answer: A
NEW QUESTION 138
- (Exam Topic 9)
Which of the following is an appropriate source for test data?
A. Production data that is secured and maintained only in the production environment.
B. Test data that has no similarities to production datA.
C. Test data that is mirrored and kept up-to-date with production datA.
D. Production data that has been sanitized before loading into a test environment.
Answer: D
NEW QUESTION 142
- (Exam Topic 9)
What is the ultimate objective of information classification?
A. To assign responsibility for mitigating the risk to vulnerable systems
B. To ensure that information assets receive an appropriate level of protection
C. To recognize that the value of any item of information may change over time
D. To recognize the optimal number of classification categories and the benefits to be gained from their use
Answer: B
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 146
- (Exam Topic 9)
What maintenance activity is responsible for defining, implementing, and testing updates to application systems?
A. Program change control
B. Regression testing
C. Export exception control
D. User acceptance testing
Answer: A
NEW QUESTION 147
- (Exam Topic 9)
A software scanner identifies a region within a binary image having high entropy. What does this MOST likely indicate?
A. Encryption routines
B. Random number generator
C. Obfuscated code
D. Botnet command and control
Answer: C
NEW QUESTION 148
- (Exam Topic 9)
Who must approve modifications to an organization's production infrastructure configuration?
A. Technical management
B. Change control board
C. System operations
D. System users
Answer: B
NEW QUESTION 153
- (Exam Topic 9)
An Intrusion Detection System (IDS) is generating alarms that a user account has over 100 failed login attempts per minute. A sniffer is placed on the network, and
a variety of passwords for that user are noted. Which of the following is MOST likely occurring?
A. A dictionary attack
B. A Denial of Service (DoS) attack
C. A spoofing attack
D. A backdoor installation
Answer: A
NEW QUESTION 156
- (Exam Topic 9)
Which of the following is an effective method for avoiding magnetic media data remanence?
A. Degaussing
B. Encryption
C. Data Loss Prevention (DLP)
D. Authentication
Answer: A
NEW QUESTION 161
- (Exam Topic 9)
When designing a vulnerability test, which one of the following is likely to give the BEST indication of what components currently operate on the network?
A. Topology diagrams
B. Mapping tools
C. Asset register
D. Ping testing
Answer: B
NEW QUESTION 165
- (Exam Topic 9)
A system has been scanned for vulnerabilities and has been found to contain a number of communication ports that have been opened without authority. To which
of the following might this system have been subjected?
A. Trojan horse
B. Denial of Service (DoS)
C. Spoofing
D. Man-in-the-Middle (MITM)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
Answer: A
NEW QUESTION 169
- (Exam Topic 9)
Why must all users be positively identified prior to using multi-user computers?
A. To provide access to system privileges
B. To provide access to the operating system
C. To ensure that unauthorized persons cannot access the computers
D. To ensure that management knows what users are currently logged on
Answer: C
NEW QUESTION 174
- (Exam Topic 9)
Which of the following wraps the decryption key of a full disk encryption implementation and ties the hard disk drive to a particular device?
A. Trusted Platform Module (TPM)
B. Preboot eXecution Environment (PXE)
C. Key Distribution Center (KDC)
D. Simple Key-Management for Internet Protocol (SKIP)
Answer: A
NEW QUESTION 176
- (Exam Topic 9)
An engineer in a software company has created a virus creation tool. The tool can generate thousands of polymorphic viruses. The engineer is planning to use the
tool in a controlled environment to test the company's next generation virus scanning software. Which would BEST describe the behavior of the engineer and why?
A. The behavior is ethical because the tool will be used to create a better virus scanner.
B. The behavior is ethical because any experienced programmer could create such a tool.
C. The behavior is not ethical because creating any kind of virus is bad.
D. The behavior is not ethical because such a tool could be leaked on the Internet.
Answer: A
NEW QUESTION 180
- (Exam Topic 9)
Two companies wish to share electronic inventory and purchase orders in a supplier and client relationship. What is the BEST security solution for them?
A. Write a Service Level Agreement (SLA) for the two companies.
B. Set up a Virtual Private Network (VPN) between the two companies.
C. Configure a firewall at the perimeter of each of the two companies.
D. Establish a File Transfer Protocol (FTP) connection between the two companies.
Answer: B
NEW QUESTION 185
- (Exam Topic 9)
At a MINIMUM, a formal review of any Disaster Recovery Plan (DRP) should be conducted
A. monthly.
B. quarterly.
C. annually.
D. bi-annually.
Answer: C
NEW QUESTION 189
- (Exam Topic 10)
Which of the following is a process within a Systems Engineering Life Cycle (SELC) stage?
A. Requirements Analysis
B. Development and Deployment
C. Production Operations
D. Utilization Support
Answer: A
NEW QUESTION 192
- (Exam Topic 10)
Which of the following is the BEST reason to review audit logs periodically?
A. Verify they are operating properly
B. Monitor employee productivity
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
C. Identify anomalies in use patterns
D. Meet compliance regulations
Answer: C
NEW QUESTION 196
- (Exam Topic 10)
Which of the following is the MOST beneficial to review when performing an IT audit?
A. Audit policy
B. Security log
C. Security policies
D. Configuration settings
Answer: C
NEW QUESTION 197
- (Exam Topic 10)
Which of the following MOST influences the design of the organization's electronic monitoring policies?
A. Workplace privacy laws
B. Level of organizational trust
C. Results of background checks
D. Business ethical considerations
Answer: A
NEW QUESTION 199
- (Exam Topic 10)
According to best practice, which of the following groups is the MOST effective in performing an information
security compliance audit?
A. In-house security administrators
B. In-house Network Team
C. Disaster Recovery (DR) Team
D. External consultants
Answer: D
NEW QUESTION 203
- (Exam Topic 10)
An online retail company has formulated a record retention schedule for customer transactions. Which of the following is a valid reason a customer transaction is
kept beyond the retention schedule?
A. Pending legal hold
B. Long term data mining needs
C. Customer makes request to retain
D. Useful for future business initiatives
Answer: A
NEW QUESTION 204
- (Exam Topic 10)
What does secure authentication with logging provide?
A. Data integrity
B. Access accountability
C. Encryption logging format
D. Segregation of duties
Answer: B
NEW QUESTION 205
- (Exam Topic 10)
Refer to the information below to answer the question.
During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial
information.
If it is discovered that large quantities of information have been copied by the unauthorized individual, what attribute of the data has been compromised?
A. Availability
B. Integrity
C. Accountability
D. Confidentiality
Answer: D
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 210
- (Exam Topic 10)
Which of the following assures that rules are followed in an identity management architecture?
A. Policy database
B. Digital signature
C. Policy decision point
D. Policy enforcement point
Answer: D
NEW QUESTION 213
- (Exam Topic 10)
Which of the following is the MOST difficult to enforce when using cloud computing?
A. Data access
B. Data backup
C. Data recovery
D. Data disposal
Answer: D
NEW QUESTION 218
- (Exam Topic 10)
Refer to the information below to answer the question.
A security practitioner detects client-based attacks on the organization’s network. A plan will be necessary to address these concerns.
What MUST the plan include in order to reduce client-side exploitation?
A. Approved web browsers
B. Network firewall procedures
C. Proxy configuration
D. Employee education
Answer: D
NEW QUESTION 222
- (Exam Topic 10)
Which of the following are required components for implementing software configuration management systems?
A. Audit control and signoff
B. User training and acceptance
C. Rollback and recovery processes
D. Regression testing and evaluation
Answer: C
NEW QUESTION 224
- (Exam Topic 10)
What is the PRIMARY advantage of using automated application security testing tools?
A. The application can be protected in the production environment.
B. Large amounts of code can be tested using fewer resources.
C. The application will fail less when tested using these tools.
D. Detailed testing of code functions can be performed.
Answer: B
NEW QUESTION 225
- (Exam Topic 10)
What is a common challenge when implementing Security Assertion Markup Language (SAML) for identity integration between on-premise environment and an
external identity provider service?
A. Some users are not provisioned into the service.
B. SAML tokens are provided by the on-premise identity provider.
C. Single users cannot be revoked from the service.
D. SAML tokens contain user information.
Answer: A
NEW QUESTION 227
- (Exam Topic 10)
A business has implemented Payment Card Industry Data Security Standard (PCI-DSS) compliant handheld credit card processing on their Wireless Local Area
Network (WLAN) topology. The network team partitioned the WLAN to create a private segment for credit card processing using a firewall to control device access
and route traffic to the card processor on the Internet. What components are in the scope of PCI-DSS?
A. The entire enterprise network infrastructure.
B. The handheld devices, wireless access points and border gateway.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
C. The end devices, wireless access points, WLAN, switches, management console, and firewall.
D. The end devices, wireless access points, WLAN, switches, management console, and Internet
Answer: C
NEW QUESTION 228
- (Exam Topic 10)
A security manager has noticed an inconsistent application of server security controls resulting in vulnerabilities on critical systems. What is the MOST likely cause
of this issue?
A. A lack of baseline standards
B. Improper documentation of security guidelines
C. A poorly designed security policy communication program
D. Host-based Intrusion Prevention System (HIPS) policies are ineffective
Answer: A
NEW QUESTION 230
- (Exam Topic 10)
Which of the following methods provides the MOST protection for user credentials?
A. Forms-based authentication
B. Digest authentication
C. Basic authentication
D. Self-registration
Answer: B
NEW QUESTION 234
- (Exam Topic 10)
Which of the following actions MUST be taken if a vulnerability is discovered during the maintenance stage in a System Development Life Cycle (SDLC)?
A. Make changes following principle and design guidelines.
B. Stop the application until the vulnerability is fixed.
C. Report the vulnerability to product owner.
D. Monitor the application and review code.
Answer: C
NEW QUESTION 235
- (Exam Topic 10)
Which of the following is a detective access control mechanism?
A. Log review
B. Least privilege
C. Password complexity
D. Non-disclosure agreement
Answer: A
NEW QUESTION 239
- (Exam Topic 10)
Which of the following is the MOST effective attack against cryptographic hardware modules?
A. Plaintext
B. Brute force
C. Power analysis
D. Man-in-the-middle (MITM)
Answer: C
NEW QUESTION 243
- (Exam Topic 10)
During the procurement of a new information system, it was determined that some of the security requirements were not addressed in the system specification.
Which of the following is the MOST likely reason for this?
A. The procurement officer lacks technical knowledge.
B. The security requirements have changed during the procurement process.
C. There were no security professionals in the vendor's bidding team.
D. The description of the security requirements was insufficient.
Answer: D
NEW QUESTION 248
- (Exam Topic 10)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
Refer to the information below to answer the question.
An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other
necessary components to have an effective security program. There are numerous initiatives requiring security involvement.
Which of the following is considered the MOST important priority for the information security officer?
A. Formal acceptance of the security strategy
B. Disciplinary actions taken against unethical behavior
C. Development of an awareness program for new employees
D. Audit of all organization system configurations for faults
Answer: A
NEW QUESTION 252
- (Exam Topic 10)
Which of the following MUST system and database administrators be aware of and apply when configuring systems used for storing personal employee data?
A. Secondary use of the data by business users
B. The organization's security policies and standards
C. The business purpose for which the data is to be used
D. The overall protection of corporate resources and data
Answer: B
NEW QUESTION 253
- (Exam Topic 10)
Refer to the information below to answer the question.
An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other
necessary components to have an effective security program. There are numerous initiatives requiring security involvement.
Given the number of priorities, which of the following will MOST likely influence the selection of top initiatives?
A. Severity of risk
B. Complexity of strategy
C. Frequency of incidents
D. Ongoing awareness
Answer: A
NEW QUESTION 257
- (Exam Topic 10)
Refer to the information below to answer the question.
A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The
organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access.
The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.
Which of the following BEST describes the access control methodology used?
A. Least privilege
B. Lattice Based Access Control (LBAC)
C. Role Based Access Control (RBAC)
D. Lightweight Directory Access Control (LDAP)
Answer: C
NEW QUESTION 258
- (Exam Topic 10)
Host-Based Intrusion Protection (HIPS) systems are often deployed in monitoring or learning mode during their initial implementation. What is the objective of
starting in this mode?
A. Automatically create exceptions for specific actions or files
B. Determine which files are unsafe to access and blacklist them
C. Automatically whitelist actions or files known to the system
D. Build a baseline of normal or safe system events for review
Answer: D
NEW QUESTION 260
- (Exam Topic 10)
Refer to the information below to answer the question.
A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses
the computer to send and receive e-mail, search the web, and use instant messaging. The organization’s Information Technology (IT) department discovers that a
peer-to-peer program has been installed on the computer using the employee's access.
Which of the following methods is the MOST effective way of removing the Peer-to-Peer (P2P) program from the computer?
A. Run software uninstall
B. Re-image the computer
C. Find and remove all installation files
D. Delete all cookies stored in the web browser cache
Answer: B
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 263
- (Exam Topic 10)
Place the following information classification steps in sequential order.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 267
- (Exam Topic 10)
Which of the following is the MAIN goal of a data retention policy?
A. Ensure that data is destroyed properly.
B. Ensure that data recovery can be done on the datA.
C. Ensure the integrity and availability of data for a predetermined amount of time.
D. Ensure the integrity and confidentiality of data for a predetermined amount of time.
Answer: C
NEW QUESTION 269
- (Exam Topic 10)
Refer to the information below to answer the question.
In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A
lists the clearance levels for four users, while Table B lists the security classes of four different files.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
In a Bell-LaPadula system, which user has the MOST restrictions when writing data to any of the four files?
A. User A
B. User B
C. User C
D. User D
Answer: D
NEW QUESTION 272
- (Exam Topic 10)
For a service provider, which of the following MOST effectively addresses confidentiality concerns for customers using cloud computing?
A. Hash functions
B. Data segregation
C. File system permissions
D. Non-repudiation controls
Answer: B
NEW QUESTION 275
- (Exam Topic 10)
From a security perspective, which of the following is a best practice to configure a Domain Name Service (DNS) system?
A. Configure secondary servers to use the primary server as a zone forwarder.
B. Block all Transmission Control Protocol (TCP) connections.
C. Disable all recursive queries on the name servers.
D. Limit zone transfers to authorized devices.
Answer: D
NEW QUESTION 279
- (Exam Topic 10)
Refer to the information below to answer the question.
An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other
necessary components to have an effective security program. There are numerous initiatives requiring security involvement.
The effectiveness of the security program can PRIMARILY be measured through
A. audit findings.
B. risk elimination.
C. audit requirements.
D. customer satisfaction.
Answer: A
NEW QUESTION 282
- (Exam Topic 10)
When using third-party software developers, which of the following is the MOST effective method of providing software development Quality Assurance (QA)?
A. Retain intellectual property rights through contractual wording.
B. Perform overlapping code reviews by both parties.
C. Verify that the contractors attend development planning meetings.
D. Create a separate contractor development environment.
Answer: B
NEW QUESTION 286
- (Exam Topic 10)
What is the MOST important reason to configure unique user IDs?
A. Supporting accountability
B. Reducing authentication errors
C. Preventing password compromise
D. Supporting Single Sign On (SSO)
Answer: A
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 288
- (Exam Topic 10)
Refer to the information below to answer the question.
Desktop computers in an organization were sanitized for re-use in an equivalent security environment. The data was destroyed in accordance with organizational
policy and all marking and other external indications of the sensitivity of the data that was formerly stored on the magnetic drives were removed.
Organizational policy requires the deletion of user data from Personal Digital Assistant (PDA) devices before disposal. It may not be possible to delete the user
data if the device is malfunctioning. Which destruction method below provides the BEST assurance that the data has been removed?
A. Knurling
B. Grinding
C. Shredding
D. Degaussing
Answer: C
NEW QUESTION 291
- (Exam Topic 11)
Which of the following BEST describes the purpose of performing security certification?
A. To identify system threats, vulnerabilities, and acceptable level of risk
B. To formalize the confirmation of compliance to security policies and standards
C. To formalize the confirmation of completed risk mitigation and risk analysis
D. To verify that system architecture and interconnections with other systems are effectively implemented
Answer: B
NEW QUESTION 294
- (Exam Topic 11)
The application of which of the following standards would BEST reduce the potential for data breaches?
A. ISO 9000
B. ISO 20121
C. ISO 26000
D. ISO 27001
Answer: D
NEW QUESTION 296
- (Exam Topic 11)
Which of the following is generally indicative of a replay attack when dealing with biometric authentication?
A. False Acceptance Rate (FAR) is greater than 1 in 100,000
B. False Rejection Rate (FRR) is greater than 5 in 100
C. Inadequately specified templates
D. Exact match
Answer: D
NEW QUESTION 298
- (Exam Topic 11)
If an identification process using a biometric system detects a 100% match between a presented template and a stored template, what is the interpretation of this
result?
A. User error
B. Suspected tampering
C. Accurate identification
D. Unsuccessful identification
Answer: B
NEW QUESTION 299
- (Exam Topic 11)
Which of the following BEST describes a Protection Profile (PP)?
A. A document that expresses an implementation independent set of security requirements for an IT product that meets specific consumer needs.
B. A document that is used to develop an IT security product from its security requirements definition.
C. A document that expresses an implementation dependent set of security requirements which contains only the security functional requirements.
D. A document that represents evaluated products where there is a one-to-one correspondence between a PP and a Security Target (ST).
Answer: A
NEW QUESTION 301
- (Exam Topic 11)
Changes to a Trusted Computing Base (TCB) system that could impact the security posture of that system and trigger a recertification activity are documented in
the
A. security impact analysis.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
B. structured code review.
C. routine self assessment.
D. cost benefit analysis.
Answer: A
NEW QUESTION 306
- (Exam Topic 11)
Which of the following is the BEST approach to take in order to effectively incorporate the concepts of business continuity into the organization?
A. Ensure end users are aware of the planning activities
B. Validate all regulatory requirements are known and fully documented
C. Develop training and awareness programs that involve all stakeholders
D. Ensure plans do not violate the organization's cultural objectives and goals
Answer: C
NEW QUESTION 308
- (Exam Topic 11)
What should happen when an emergency change to a system must be performed?
A. The change must be given priority at the next meeting of the change control board.
B. Testing and approvals must be performed quickly.
C. The change must be performed immediately and then submitted to the change board.
D. The change is performed and a notation is made in the system log.
Answer: B
NEW QUESTION 309
- (Exam Topic 11)
Which of the following is a reason to use manual patch installation instead of automated patch management?
A. The cost required to install patches will be reduced.
B. The time during which systems will remain vulnerable to an exploit will be decreased.
C. The likelihood of system or application incompatibilities will be decreased.
D. The ability to cover large geographic areas is increased.
Answer: C
NEW QUESTION 314
- (Exam Topic 11)
Which of the following has the GREATEST impact on an organization's security posture?
A. International and country-specific compliance requirements
B. Security violations by employees and contractors
C. Resource constraints due to increasing costs of supporting security
D. Audit findings related to employee access and permissions process
Answer: A
NEW QUESTION 319
- (Exam Topic 11)
How can lessons learned from business continuity training and actual recovery incidents BEST be used?
A. As a means for improvement
B. As alternative options for awareness and training
C. As indicators of a need for policy
D. As business function gap indicators
Answer: A
NEW QUESTION 321
- (Exam Topic 11)
Which of the following is the BEST method to assess the effectiveness of an organization's vulnerability management program?
A. Review automated patch deployment reports
B. Periodic third party vulnerability assessment
C. Automated vulnerability scanning
D. Perform vulnerability scan by security team
Answer: B
NEW QUESTION 324
- (Exam Topic 11)
Which of the following is the MOST likely cause of a non-malicious data breach when the source of the data breach was an un-marked file cabinet containing
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
sensitive documents?
A. Ineffective data classification
B. Lack of data access controls
C. Ineffective identity management controls
D. Lack of Data Loss Prevention (DLP) tools
Answer: A
NEW QUESTION 326
- (Exam Topic 11)
An organization lacks a data retention policy. Of the following, who is the BEST person to consult for such requirement?
A. Application Manager
B. Database Administrator
C. Privacy Officer
D. Finance Manager
Answer: C
NEW QUESTION 327
- (Exam Topic 11)
The World Trade Organization's (WTO) agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) requires authors of computer software to be
given the
A. right to refuse or permit commercial rentals.
B. right to disguise the software's geographic origin.
C. ability to tailor security parameters based on location.
D. ability to confirm license authenticity of their works.
Answer: A
NEW QUESTION 332
- (Exam Topic 11)
Which of the following describes the BEST configuration management practice?
A. After installing a new system, the configuration files are copied to a separate back-up system and hashed to detect tampering.
B. After installing a new system, the configuration files are copied to an air-gapped system and hashed to detect tampering.
C. The firewall rules are backed up to an air-gapped system.
D. A baseline configuration is created and maintained for all relevant systems.
Answer: D
NEW QUESTION 336
- (Exam Topic 11)
To protect auditable information, which of the following MUST be configured to only allow read access?
A. Logging configurations
B. Transaction log files
C. User account configurations
D. Access control lists (ACL)
Answer: B
NEW QUESTION 338
- (Exam Topic 11)
Which of the following explains why record destruction requirements are included in a data retention policy?
A. To comply with legal and business requirements
B. To save cost for storage and backup
C. To meet destruction guidelines
D. To validate data ownership
Answer: A
NEW QUESTION 339
- (Exam Topic 11)
Which Web Services Security (WS-Security) specification maintains a single authenticated identity across multiple dissimilar environments? Click on the correct
specification in the image below.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
WS-Federation
Reference: Java Web Services: Up and Running” By Martin Kalin page 228
NEW QUESTION 341
- (Exam Topic 11)
Which Web Services Security (WS-Security) specification negotiates how security tokens will be issued,
renewed and validated? Click on the correct specification in the image below.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
WS-Trust
The protocol used for issuing security tokens is based on WS-Trust. WS-Trust is a Web service specification that builds on WS-Security. It describes a protocol
used for issuance, exchange, and validation of security tokens. WS-Trust provides a solution for interoperability by defining a protocol for issuing and exchanging
security tokens, based on token format, namespace, or trust boundaries.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
Reference: https://msdn.microsoft.com/en-us/library/ff650503.aspx
NEW QUESTION 342
- (Exam Topic 11)
Which of the following controls is the FIRST step in protecting privacy in an information system?
A. Data Redaction
B. Data Minimization
C. Data Encryption
D. Data Storage
Answer: B
NEW QUESTION 346
- (Exam Topic 11)
Software Code signing is used as a method of verifying what security concept?
A. Integrity
B. Confidentiality
C. Availability
D. Access Control
Answer: A
NEW QUESTION 350
- (Exam Topic 11)
An organization has decided to contract with a cloud-based service provider to leverage their identity as a service offering. They will use Open Authentication
(OAuth) 2.0 to authenticate external users to the organization's services.
As part of the authentication process, which of the following must the end user provide?
A. An access token
B. A username and password
C. A username
D. A password
Answer: A
NEW QUESTION 354
- (Exam Topic 11)
The PRIMARY outcome of a certification process is that it provides documented
A. system weaknesses for remediation.
B. standards for security assessment, testing, and process evaluation.
C. interconnected systems and their implemented security controls.
D. security analyses needed to make a risk-based decision.
Answer: D
NEW QUESTION 358
- (Exam Topic 11)
What security risk does the role-based access approach mitigate MOST effectively?
A. Excessive access rights to systems and data
B. Segregation of duties conflicts within business applications
C. Lack of system administrator activity monitoring
D. Inappropriate access requests
Answer: A
NEW QUESTION 359
- (Exam Topic 11)
Discretionary Access Control (DAC) is based on which of the following?
A. Information source and destination
B. Identification of subjects and objects
C. Security labels and privileges
D. Standards and guidelines
Answer: B
NEW QUESTION 364
- (Exam Topic 11)
Which of the following questions can be answered using user and group entitlement reporting?
A. When a particular file was last accessed by a user
B. Change control activities for a particular group of users
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
C. The number of failed login attempts for a particular user
D. Where does a particular user have access within the network
Answer: D
NEW QUESTION 369
- (Exam Topic 11)
When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?
A. After the system preliminary design has been developed and the data security categorization has been performed
B. After the business functional analysis and the data security categorization have been performed
C. After the vulnerability analysis has been performed and before the system detailed design begins
D. After the system preliminary design has been developed and before the data security categorization begins
Answer: B
NEW QUESTION 371
- (Exam Topic 11)
What is the GREATEST challenge of an agent-based patch management solution?
A. Time to gather vulnerability information about the computers in the program
B. Requires that software be installed, running, and managed on all participating computers
C. The significant amount of network bandwidth while scanning computers
D. The consistency of distributing patches to each participating computer
Answer: B
NEW QUESTION 374
- (Exam Topic 11)
Which of the following is a recommended alternative to an integrated email encryption system?
A. Sign emails containing sensitive data
B. Send sensitive data in separate emails
C. Encrypt sensitive data separately in attachments
D. Store sensitive information to be sent in encrypted drives
Answer: C
NEW QUESTION 378
- (Exam Topic 11)
Which of the following activities BEST identifies operational problems, security misconfigurations, and malicious attacks?
A. Policy documentation review
B. Authentication validation
C. Periodic log reviews
D. Interface testing
Answer: C
NEW QUESTION 381
- (Exam Topic 11)
In the Open System Interconnection (OSI) model, which layer is responsible for the transmission of binary data over a communications network?
A. Application Layer
B. Physical Layer
C. Data-Link Layer
D. Network Layer
Answer: B
NEW QUESTION 385
- (Exam Topic 11)
Which of the following secures web transactions at the Transport Layer?
A. Secure HyperText Transfer Protocol (S-HTTP)
B. Secure Sockets Layer (SSL)
C. Socket Security (SOCKS)
D. Secure Shell (SSH)
Answer: B
NEW QUESTION 389
- (Exam Topic 11)
Are companies legally required to report all data breaches?
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
A. No, different jurisdictions have different rules.
B. No, not if the data is encrypted.
C. No, companies' codes of ethics don't require it.
D. No, only if the breach had a material impact.
Answer: A
NEW QUESTION 393
- (Exam Topic 11)
While investigating a malicious event, only six days of audit logs from the last month were available. What policy should be updated to address this problem?
A. Retention
B. Reporting
C. Recovery
D. Remediation
Answer: A
NEW QUESTION 396
- (Exam Topic 11)
The BEST method to mitigate the risk of a dictionary attack on a system is to
A. use a hardware token.
B. use complex passphrases.
C. implement password history.
D. encrypt the access control list (ACL).
Answer: A
NEW QUESTION 400
- (Exam Topic 12)
A proxy firewall operates at what layer of the Open System Interconnection (OSI) model?
A. Transport
B. Data link
C. Network
D. Application
Answer: D
NEW QUESTION 404
- (Exam Topic 12)
The restoration priorities of a Disaster Recovery Plan (DRP) are based on which of the following documents?
A. Service Level Agreement (SLA)
B. Business Continuity Plan (BCP)
C. Business Impact Analysis (BIA)
D. Crisis management plan
Answer: B
NEW QUESTION 405
- (Exam Topic 12)
A company has decided that they need to begin maintaining assets deployed in the enterprise. What approach should be followed to determine and maintain
ownership information to bring the company into compliance?
A. Enterprise asset management framework
B. Asset baseline using commercial off the shelf software
C. Asset ownership database using domain login records
D. A script to report active user logins on assets
Answer: A
NEW QUESTION 410
- (Exam Topic 12)
Which Radio Frequency Interference (RFI) phenomenon associated with bundled cable runs can create information leakage?
A. Transference
B. Covert channel
C. Bleeding
D. Cross-talk
Answer: D
NEW QUESTION 415
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
- (Exam Topic 12)
How should an organization determine the priority of its remediation efforts after a vulnerability assessment has been conducted?
A. Use an impact-based approach.
B. Use a risk-based approach.
C. Use a criticality-based approach.
D. Use a threat-based approach.
Answer: B
NEW QUESTION 417
- (Exam Topic 12)
The PRIMARY outcome of a certification process is that it provides documented
A. interconnected systems and their implemented security controls.
B. standards for security assessment, testing, and process evaluation.
C. system weakness for remediation.
D. security analyses needed to make a risk-based decision.
Answer: D
NEW QUESTION 421
- (Exam Topic 12)
Which of the following restricts the ability of an individual to carry out all the steps of a particular process?
A. Job rotation
B. Separation of duties
C. Least privilege
D. Mandatory vacations
Answer: B
NEW QUESTION 424
- (Exam Topic 12)
During which of the following processes is least privilege implemented for a user account?
A. Provision
B. Approve
C. Request
D. Review
Answer: A
NEW QUESTION 426
- (Exam Topic 12)
Which of the following is a document that identifies each item seized in an investigation, including date and time seized, full name and signature or initials of the
person who seized the item, and a detailed description of the item?
A. Property book
B. Chain of custody form
C. Search warrant return
D. Evidence tag
Answer: D
NEW QUESTION 428
- (Exam Topic 12)
Which of the following media sanitization techniques is MOST likely to be effective for an organization using public cloud services?
A. Low-level formatting
B. Secure-grade overwrite erasure
C. Cryptographic erasure
D. Drive degaussing
Answer: B
NEW QUESTION 433
- (Exam Topic 12)
What operations role is responsible for protecting the enterprise from corrupt or contaminated media?
A. Information security practitioner
B. Information librarian
C. Computer operator
D. Network administrator
Answer: B
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 435
- (Exam Topic 12)
How does a Host Based Intrusion Detection System (HIDS) identify a potential attack?
A. Examines log messages or other indications on the system.
B. Monitors alarms sent to the system administrator
C. Matches traffic patterns to virus signature files
D. Examines the Access Control List (ACL)
Answer: C
NEW QUESTION 438
- (Exam Topic 12)
When writing security assessment procedures, what is the MAIN purpose of the test outputs and reports?
A. To force the software to fail and document the process
B. To find areas of compromise in confidentiality and integrity
C. To allow for objective pass or fail decisions
D. To identify malware or hidden code within the test results
Answer: C
NEW QUESTION 439
- (Exam Topic 12)
Which of the following is the PRIMARY benefit of a formalized information classification program?
A. It minimized system logging requirements.
B. It supports risk assessment.
C. It reduces asset vulnerabilities.
D. It drives audit processes.
Answer: B
NEW QUESTION 443
- (Exam Topic 12)
Which of the following BEST represents the concept of least privilege?
A. Access to an object is denied unless access is specifically allowed.
B. Access to an object is only available to the owner.
C. Access to an object is allowed unless it is protected by the information security policy.
D. Access to an object is only allowed to authenticated users via an Access Control List (ACL).
Answer: A
NEW QUESTION 447
- (Exam Topic 12)
What is an advantage of Elliptic Curve Cryptography (ECC)?
A. Cryptographic approach that does not require a fixed-length key
B. Military-strength security that does not depend upon secrecy of the algorithm
C. Opportunity to use shorter keys for the same level of security
D. Ability to use much longer keys for greater security
Answer: C
NEW QUESTION 451
- (Exam Topic 12)
Which of the following is the MOST important consideration when developing a Disaster Recovery Plan (DRP)?
A. The dynamic reconfiguration of systems
B. The cost of downtime
C. A recovery strategy for all business processes
D. A containment strategy
Answer: C
NEW QUESTION 453
- (Exam Topic 12)
Which of the following are effective countermeasures against passive network-layer attacks?
A. Federated security and authenticated access controls
B. Trusted software development and run time integrity controls
C. Encryption and security enabled applications
D. Enclave boundary protection and computing environment defense
Answer: C
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 456
- (Exam Topic 12)
When designing a vulnerability test, which one of the following is likely to give the BEST indication of what components currently operate on the network?
A. Topology diagrams
B. Mapping tools
C. Asset register
D. Ping testing
Answer: D
NEW QUESTION 459
- (Exam Topic 12)
What is the MOST important element when considering the effectiveness of a training program for Business Continuity (BC) and Disaster Recovery (DR)?
A. Management support
B. Consideration of organizational need
C. Technology used for delivery
D. Target audience
Answer: B
NEW QUESTION 464
- (Exam Topic 12)
Which of the following is the PRIMARY reason to perform regular vulnerability scanning of an organization network?
A. Provide vulnerability reports to management.
B. Validate vulnerability remediation activities.
C. Prevent attackers from discovering vulnerabilities.
D. Remediate known vulnerabilities.
Answer: B
NEW QUESTION 468
- (Exam Topic 13)
Which of the following is the BEST reason for writing an information security policy?
A. To support information security governance
B. To reduce the number of audit findings
C. To deter attackers
D. To implement effective information security controls
Answer: A
NEW QUESTION 471
- (Exam Topic 13)
Which of the following steps should be performed FIRST when purchasing Commercial Off-The-Shelf (COTS) software?
A. undergo a security assessment as part of authorization process
B. establish a risk management strategy
C. harden the hosting server, and perform hosting and application vulnerability scans
D. establish policies and procedures on system and services acquisition
Answer: D
NEW QUESTION 474
- (Exam Topic 13)
Why is planning in Disaster Recovery (DR) an interactive process?
A. It details off-site storage plans
B. It identifies omissions in the plan
C. It defines the objectives of the plan
D. It forms part of the awareness process
Answer: B
NEW QUESTION 475
- (Exam Topic 13)
What capability would typically be included in a commercially available software package designed for access control?
A. Password encryption
B. File encryption
C. Source library control
D. File authentication
Answer:
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 477
- (Exam Topic 13)
Which of the following is a direct monetary cost of a security incident?
A. Morale
B. Reputation
C. Equipment
D. Information
Answer: C
NEW QUESTION 478
- (Exam Topic 13)
An international medical organization with headquarters in the United States (US) and branches in France wants to test a drug in both countries. What is the
organization allowed to do with the test subject’s data?
A. Aggregate it into one database in the US
B. Process it in the US, but store the information in France
C. Share it with a third party
D. Anonymize it and process it in the US
Answer: C
Explanation:
Section: Security Assessment and Testing
NEW QUESTION 481
- (Exam Topic 13)
Even though a particular digital watermark is difficult to detect, which of the following represents a way it might still be inadvertently removed?
A. Truncating parts of the data
B. Applying Access Control Lists (ACL) to the data
C. Appending non-watermarked data to watermarked data
D. Storing the data in a database
Answer: A
NEW QUESTION 482
- (Exam Topic 13)
Unused space in a disk cluster is important in media analysis because it may contain which of the following?
A. Residual data that has not been overwritten
B. Hidden viruses and Trojan horses
C. Information about the File Allocation table (FAT)
D. Information about patches and upgrades to the system
Answer: A
NEW QUESTION 483
- (Exam Topic 13)
A Denial of Service (DoS) attack on a syslog server exploits weakness in which of the following protocols?
A. Point-to-Point Protocol (PPP) and Internet Control Message Protocol (ICMP)
B. Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)
C. Address Resolution Protocol (ARP) and Reverse Address Resolution Protocol (RARP)
D. Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Answer: B
NEW QUESTION 488
- (Exam Topic 13)
The design review for an application has been completed and is ready for release. What technique should an organization use to assure application integrity?
A. Application authentication
B. Input validation
C. Digital signing
D. Device encryption
Answer: C
NEW QUESTION 492
- (Exam Topic 13)
Which of the following mechanisms will BEST prevent a Cross-Site Request Forgery (CSRF) attack?
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
A. parameterized database queries
B. whitelist input values
C. synchronized session tokens
D. use strong ciphers
Answer: C
NEW QUESTION 497
- (Exam Topic 13)
Which of the following is a characteristic of an internal audit?
A. An internal audit is typically shorter in duration than an external audit.
B. The internal audit schedule is published to the organization well in advance.
C. The internal auditor reports to the Information Technology (IT) department
D. Management is responsible for reading and acting upon the internal audit results
Answer: D
NEW QUESTION 500
- (Exam Topic 13)
An organization has outsourced its financial transaction processing to a Cloud Service Provider (CSP) who will provide them with Software as a Service (SaaS). If
there was a data breach who is responsible for monetary losses?
A. The Data Protection Authority (DPA)
B. The Cloud Service Provider (CSP)
C. The application developers
D. The data owner
Answer: B
NEW QUESTION 501
- (Exam Topic 13)
A security practitioner is tasked with securing the organization’s Wireless Access Points (WAP). Which of these is the MOST effective way of restricting this
environment to authorized users?
A. Enable Wi-Fi Protected Access 2 (WPA2) encryption on the wireless access point
B. Disable the broadcast of the Service Set Identifier (SSID) name
C. Change the name of the Service Set Identifier (SSID) to a random value not associated with theorganization
D. Create Access Control Lists (ACL) based on Media Access Control (MAC) addresses
Answer: D
NEW QUESTION 505
- (Exam Topic 13)
What is the MAIN purpose of a change management policy?
A. To assure management that changes to the Information Technology (IT) infrastructure are necessary
B. To identify the changes that may be made to the Information Technology (IT) infrastructure
C. To verify that changes to the Information Technology (IT) infrastructure are approved
D. To determine the necessary for implementing modifications to the Information Technology (IT) infrastructure
Answer: C
Explanation:
Section: Security Operations
NEW QUESTION 506
- (Exam Topic 13)
When developing solutions for mobile devices, in which phase of the Software Development Life Cycle (SDLC) should technical limitations related to devices be
specified?
A. Implementation
B. Initiation
C. Review
D. Development
Answer: A
NEW QUESTION 510
- (Exam Topic 13)
What can happen when an Intrusion Detection System (IDS) is installed inside a firewall-protected internal network?
A. The IDS can detect failed administrator logon attempts from servers.
B. The IDS can increase the number of packets to analyze.
C. The firewall can increase the number of packets to analyze.
D. The firewall can detect failed administrator login attempts from servers
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
Answer: A
NEW QUESTION 513
- (Exam Topic 13)
Match the functional roles in an external audit to their responsibilities. Drag each role on the left to its corresponding responsibility on the right. Select and Place:
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 514
- (Exam Topic 13)
In a change-controlled environment, which of the following is MOST likely to lead to unauthorized changes to production programs?
A. Modifying source code without approval
B. Promoting programs to production without approval
C. Developers checking out source code without approval
D. Developers using Rapid Application Development (RAD) methodologies without approval
Answer: B
NEW QUESTION 515
- (Exam Topic 13)
What is the second step in the identity and access provisioning lifecycle?
A. Provisioning
B. Review
C. Approval
D. Revocation
Answer: B
NEW QUESTION 519
- (Exam Topic 13)
Which of the following is MOST appropriate for protecting confidentially of data stored on a hard drive?
A. Triple Data Encryption Standard (3DES)
B. Advanced Encryption Standard (AES)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
C. Message Digest 5 (MD5)
D. Secure Hash Algorithm 2(SHA-2)
Answer: B
NEW QUESTION 520
- (Exam Topic 13)
What is the expected outcome of security awareness in support of a security awareness program?
A. Awareness activities should be used to focus on security concerns and respond to those concerns accordingly
B. Awareness is not an activity or part of the training but rather a state of persistence to support the program
C. Awareness is trainin
D. The purpose of awareness presentations is to broaden attention of security.
E. Awareness is not trainin
F. The purpose of awareness presentation is simply to focus attention on security.
Answer: C
NEW QUESTION 522
- (Exam Topic 13)
An Information Technology (IT) professional attends a cybersecurity seminar on current incident response methodologies.
What code of ethics canon is being observed?
A. Provide diligent and competent service to principals
B. Protect society, the commonwealth, and the infrastructure
C. Advance and protect the profession
D. Act honorable, honesty, justly, responsibly, and legally
Answer: C
Explanation:
Section: Security Operations
NEW QUESTION 527
- (Exam Topic 13)
Which of the following MUST be scalable to address security concerns raised by the integration of third-party identity services?
A. Mandatory Access Controls (MAC)
B. Enterprise security architecture
C. Enterprise security procedures
D. Role Based Access Controls (RBAC)
Answer: D
NEW QUESTION 531
- (Exam Topic 13)
When developing a business case for updating a security program, the security program owner MUST do
which of the following?
A. Identify relevant metrics
B. Prepare performance test reports
C. Obtain resources for the security program
D. Interview executive management
Answer: A
NEW QUESTION 534
- (Exam Topic 13)
Digital certificates used in Transport Layer Security (TLS) support which of the following?
A. Information input validation
B. Non-repudiation controls and data encryption
C. Multi-Factor Authentication (MFA)
D. Server identity and data confidentially
Answer: D
NEW QUESTION 537
- (Exam Topic 13)
A chemical plan wants to upgrade the Industrial Control System (ICS) to transmit data using Ethernet instead of RS422. The project manager wants to simplify
administration and maintenance by utilizing the office network infrastructure and staff to implement this upgrade.
Which of the following is the GREATEST impact on security for the network?
A. The network administrators have no knowledge of ICS
B. The ICS is now accessible from the office network
C. The ICS does not support the office password policy
D. RS422 is more reliable than Ethernet
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
Answer: B
NEW QUESTION 540
- (Exam Topic 13)
Which of the following is a responsibility of a data steward?
A. Ensure alignment of the data governance effort to the organization.
B. Conduct data governance interviews with the organization.
C. Document data governance requirements.
D. Ensure that data decisions and impacts are communicated to the organization.
Answer: A
NEW QUESTION 541
- (Exam Topic 13)
What does a Synchronous (SYN) flood attack do?
A. Forces Transmission Control Protocol /Internet Protocol (TCP/IP) connections into a reset state
B. Establishes many new Transmission Control Protocol / Internet Protocol (TCP/IP) connections
C. Empties the queue of pending Transmission Control Protocol /Internet Protocol (TCP/IP) requests
D. Exceeds the limits for new Transmission Control Protocol /Internet Protocol (TCP/IP) connections
Answer: B
NEW QUESTION 544
- (Exam Topic 13)
An organization has discovered that users are visiting unauthorized websites using anonymous proxies. Which of the following is the BEST way to prevent future
occurrences?
A. Remove the anonymity from the proxy
B. Analyze Internet Protocol (IP) traffic for proxy requests
C. Disable the proxy server on the firewall
D. Block the Internet Protocol (IP) address of known anonymous proxies
Answer: C
NEW QUESTION 549
- (Exam Topic 13)
Which of the BEST internationally recognized standard for evaluating security products and systems?
A. Payment Card Industry Data Security Standards (PCI-DSS)
B. Common Criteria (CC)
C. Health Insurance Portability and Accountability Act (HIPAA)
D. Sarbanes-Oxley (SOX)
Answer: B
NEW QUESTION 550
- (Exam Topic 13)
Extensible Authentication Protocol-Message Digest 5 (EAP-MD5) only provides which of the following?
A. Mutual authentication
B. Server authentication
C. User authentication
D. Streaming ciphertext data
Answer: C
NEW QUESTION 553
- (Exam Topic 13)
As part of an application penetration testing process, session hijacking can BEST be achieved by which of the following?
A. Known-plaintext attack
B. Denial of Service (DoS)
C. Cookie manipulation
D. Structured Query Language (SQL) injection
Answer: D
Explanation:
Section: Security Assessment and Testing
NEW QUESTION 555
- (Exam Topic 13)
Who would be the BEST person to approve an organizations information security policy?
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
A. Chief Information Officer (CIO)
B. Chief Information Security Officer (CISO)
C. Chief internal auditor
D. Chief Executive Officer (CEO)
Answer: B
Explanation:
Section: Security Operations
NEW QUESTION 557
- (Exam Topic 13)
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization’s systems?
A. Standardized configurations for devices
B. Standardized patch testing equipment
C. Automated system patching
D. Management support for patching
Answer: A
Explanation:
Section: Security Assessment and Testing
NEW QUESTION 562
- (Exam Topic 13)
The MAIN use of Layer 2 Tunneling Protocol (L2TP) is to tunnel data
A. through a firewall at the Session layer
B. through a firewall at the Transport layer
C. in the Point-to-Point Protocol (PPP)
D. in the Payload Compression Protocol (PCP)
Answer: C
NEW QUESTION 567
- (Exam Topic 13)
Which of the following techniques is known to be effective in spotting resource exhaustion problems, especially with resources such as processes, memory, and
connections?
A. Automated dynamic analysis
B. Automated static analysis
C. Manual code review
D. Fuzzing
Answer: A
NEW QUESTION 571
......
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
About Exambible
Your Partner of IT Exam
Found in 1998
Exambible is a company specialized on providing high quality IT exam practice study materials, especially Cisco CCNA, CCDA,
CCNP, CCIE, Checkpoint CCSE, CompTIA A+, Network+ certification practice exams and so on. We guarantee that the
candidates will not only pass any IT exam at the first attempt but also get profound understanding about the certificates they have
got. There are so many alike companies in this industry, however, Exambible has its unique advantages that other companies could
not achieve.
Our Advances
* 99.9% Uptime
All examinations will be up to date.
* 24/7 Quality Support
We will provide service round the clock.
* 100% Pass Rate
Our guarantee that you will pass the exam.
* Unique Gurantee
If you do not pass the exam at the first time, we will not only arrange FULL REFUND for you, but also provide you another
exam of your claim, ABSOLUTELY FREE!
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 1
- (Exam Topic 1)
An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?
A. Development, testing, and deployment
B. Prevention, detection, and remediation
C. People, technology, and operations
D. Certification, accreditation, and monitoring
Answer: C
NEW QUESTION 2
- (Exam Topic 1)
Which of the following represents the GREATEST risk to data confidentiality?
A. Network redundancies are not implemented
B. Security awareness training is not completed
C. Backup tapes are generated unencrypted
D. Users have administrative privileges
Answer: C
NEW QUESTION 3
- (Exam Topic 1)
Intellectual property rights are PRIMARY concerned with which of the following?
A. Owner’s ability to realize financial gain
B. Owner’s ability to maintain copyright
C. Right of the owner to enjoy their creation
D. Right of the owner to control delivery method
Answer: D
NEW QUESTION 4
- (Exam Topic 2)
When implementing a data classification program, why is it important to avoid too much granularity?
A. The process will require too many resources
B. It will be difficult to apply to both hardware and software
C. It will be difficult to assign ownership to the data
D. The process will be perceived as having value
Answer: A
NEW QUESTION 5
- (Exam Topic 2)
Which of the following is MOST important when assigning ownership of an asset to a department?
A. The department should report to the business owner
B. Ownership of the asset should be periodically reviewed
C. Individual accountability should be ensured
D. All members should be trained on their responsibilities
Answer: B
NEW QUESTION 6
- (Exam Topic 2)
Which of the following BEST describes the responsibilities of a data owner?
A. Ensuring quality and validation through periodic audits for ongoing data integrity
B. Maintaining fundamental data availability, including data storage and archiving
C. Ensuring accessibility to appropriate users, maintaining appropriate levels of data security
D. Determining the impact the information has on the mission of the organization
Answer: C
NEW QUESTION 7
- (Exam Topic 3)
Which of the following mobile code security models relies only on trust?
A. Code signing
B. Class authentication
C. Sandboxing
D. Type safety
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
Answer: A
NEW QUESTION 8
- (Exam Topic 3)
Which security service is served by the process of encryption plaintext with the sender’s private key and decrypting cipher text with the sender’s public key?
A. Confidentiality
B. Integrity
C. Identification
D. Availability
Answer: A
NEW QUESTION 9
- (Exam Topic 3)
The use of private and public encryption keys is fundamental in the implementation of which of the following?
A. Diffie-Hellman algorithm
B. Secure Sockets Layer (SSL)
C. Advanced Encryption Standard (AES)
D. Message Digest 5 (MD5)
Answer: A
NEW QUESTION 10
- (Exam Topic 3)
Who in the organization is accountable for classification of data information assets?
A. Data owner
B. Data architect
C. Chief Information Security Officer (CISO)
D. Chief Information Officer (CIO)
Answer: A
NEW QUESTION 10
- (Exam Topic 3)
What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?
A. Implementation Phase
B. Initialization Phase
C. Cancellation Phase
D. Issued Phase
Answer: D
NEW QUESTION 13
- (Exam Topic 4)
Which of the following operates at the Network Layer of the Open System Interconnection (OSI) model?
A. Packet filtering
B. Port services filtering
C. Content filtering
D. Application access control
Answer: A
NEW QUESTION 14
- (Exam Topic 5)
A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is
the BEST solution for the manufacturing organization?
A. Trusted third-party certification
B. Lightweight Directory Access Protocol (LDAP)
C. Security Assertion Markup language (SAML)
D. Cross-certification
Answer: C
NEW QUESTION 18
- (Exam Topic 7)
Recovery strategies of a Disaster Recovery planning (DRIP) MUST be aligned with which of the following?
A. Hardware and software compatibility issues
B. Applications’ critically and downtime tolerance
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
C. Budget constraints and requirements
D. Cost/benefit analysis and business objectives
Answer: D
NEW QUESTION 20
- (Exam Topic 7)
What would be the MOST cost effective solution for a Disaster Recovery (DR) site given that the organization’s systems cannot be unavailable for more than 24
hours?
A. Warm site
B. Hot site
C. Mirror site
D. Cold site
Answer: A
NEW QUESTION 23
- (Exam Topic 7)
An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST
probable cause?
A. Absence of a Business Intelligence (BI) solution
B. Inadequate cost modeling
C. Improper deployment of the Service-Oriented Architecture (SOA)
D. Insufficient Service Level Agreement (SLA)
Answer: D
NEW QUESTION 28
- (Exam Topic 7)
Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?
A. Walkthrough
B. Simulation
C. Parallel
D. White box
Answer: B
NEW QUESTION 30
- (Exam Topic 8)
When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?
A. After the system preliminary design has been developed and the data security categorization has been performed
B. After the vulnerability analysis has been performed and before the system detailed design begins
C. After the system preliminary design has been developed and before the data security categorization begins
D. After the business functional analysis and the data security categorization have been performed
Answer: C
NEW QUESTION 34
- (Exam Topic 8)
The configuration management and control task of the certification and accreditation process is incorporated in which phase of the System Development Life Cycle
(SDLC)?
A. System acquisition and development
B. System operations and maintenance
C. System initiation
D. System implementation
Answer: A
Explanation:
Reference https://online.concordiA.edu/computer-science/system-development-life-cycle-phases/
NEW QUESTION 37
- (Exam Topic 9)
Which of the following is a method used to prevent Structured Query Language (SQL) injection attacks?
A. Data compression
B. Data classification
C. Data warehousing
D. Data validation
Answer: D
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 42
- (Exam Topic 9)
Which of the following is ensured when hashing files during chain of custody handling?
A. Availability
B. Accountability
C. Integrity
D. Non-repudiation
Answer: C
NEW QUESTION 43
- (Exam Topic 9)
Which of the following is a limitation of the Common Vulnerability Scoring System (CVSS) as it relates to conducting code review?
A. It has normalized severity ratings.
B. It has many worksheets and practices to implement.
C. It aims to calculate the risk of published vulnerabilities.
D. It requires a robust risk management framework to be put in place.
Answer: C
NEW QUESTION 45
- (Exam Topic 9)
To prevent inadvertent disclosure of restricted information, which of the following would be the LEAST effective process for eliminating data prior to the media
being discarded?
A. Multiple-pass overwriting
B. Degaussing
C. High-level formatting
D. Physical destruction
Answer: C
NEW QUESTION 46
- (Exam Topic 9)
Which one of the following is a threat related to the use of web-based client side input validation?
A. Users would be able to alter the input after validation has occurred
B. The web server would not be able to validate the input after transmission
C. The client system could receive invalid input from the web server
D. The web server would not be able to receive invalid input from the client
Answer: A
NEW QUESTION 50
- (Exam Topic 9)
A vulnerability test on an Information System (IS) is conducted to
A. exploit security weaknesses in the IS.
B. measure system performance on systems with weak security controls.
C. evaluate the effectiveness of security controls.
D. prepare for Disaster Recovery (DR) planning.
Answer: C
NEW QUESTION 53
- (Exam Topic 9)
An organization allows ping traffic into and out of their network. An attacker has installed a program on the network that uses the payload portion of the ping packet
to move data into and out of the network. What type of attack has the organization experienced?
A. Data leakage
B. Unfiltered channel
C. Data emanation
D. Covert channel
Answer: D
NEW QUESTION 55
- (Exam Topic 9)
Which of the following is a physical security control that protects Automated Teller Machines (ATM) from skimming?
A. Anti-tampering
B. Secure card reader
C. Radio Frequency (RF) scanner
D. Intrusion Prevention System (IPS)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
Answer: A
NEW QUESTION 56
- (Exam Topic 9)
What technique BEST describes antivirus software that detects viruses by watching anomalous behavior?
A. Signature
B. Inference
C. Induction
D. Heuristic
Answer: D
NEW QUESTION 58
- (Exam Topic 9)
Which one of the following transmission media is MOST effective in preventing data interception?
A. Microwave
B. Twisted-pair
C. Fiber optic
D. Coaxial cable
Answer: C
NEW QUESTION 60
- (Exam Topic 9)
Which one of the following considerations has the LEAST impact when considering transmission security?
A. Network availability
B. Data integrity
C. Network bandwidth
D. Node locations
Answer: C
NEW QUESTION 62
- (Exam Topic 9)
The stringency of an Information Technology (IT) security assessment will be determined by the
A. system's past security record.
B. size of the system's database.
C. sensitivity of the system's datA.
D. age of the system.
Answer: C
NEW QUESTION 66
- (Exam Topic 9)
Which of the following is considered best practice for preventing e-mail spoofing?
A. Spam filtering
B. Cryptographic signature
C. Uniform Resource Locator (URL) filtering
D. Reverse Domain Name Service (DNS) lookup
Answer: B
NEW QUESTION 71
- (Exam Topic 9)
Including a Trusted Platform Module (TPM) in the design of a computer system is an example of a technique to what?
A. Interface with the Public Key Infrastructure (PKI)
B. Improve the quality of security software
C. Prevent Denial of Service (DoS) attacks
D. Establish a secure initial state
Answer: D
NEW QUESTION 76
- (Exam Topic 9)
An advantage of link encryption in a communications network is that it
A. makes key management and distribution easier.
B. protects data from start to finish through the entire network.
C. improves the efficiency of the transmission.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
D. encrypts all information, including headers and routing information.
Answer: D
NEW QUESTION 79
- (Exam Topic 9)
Which of the following is an authentication protocol in which a new random number is generated uniquely for each login session?
A. Challenge Handshake Authentication Protocol (CHAP)
B. Point-to-Point Protocol (PPP)
C. Extensible Authentication Protocol (EAP)
D. Password Authentication Protocol (PAP)
Answer: A
NEW QUESTION 84
- (Exam Topic 9)
As one component of a physical security system, an Electronic Access Control (EAC) token is BEST known for its ability to
A. overcome the problems of key assignments.
B. monitor the opening of windows and doors.
C. trigger alarms when intruders are detected.
D. lock down a facility during an emergency.
Answer: A
NEW QUESTION 88
- (Exam Topic 9)
What security management control is MOST often broken by collusion?
A. Job rotation
B. Separation of duties
C. Least privilege model
D. Increased monitoring
Answer: B
NEW QUESTION 91
- (Exam Topic 9)
When building a data center, site location and construction factors that increase the level of vulnerability to physical threats include
A. hardened building construction with consideration of seismic factors.
B. adequate distance from and lack of access to adjacent buildings.
C. curved roads approaching the data center.
D. proximity to high crime areas of the city.
Answer: D
NEW QUESTION 92
- (Exam Topic 9)
Which of the following does the Encapsulating Security Payload (ESP) provide?
A. Authorization and integrity
B. Availability and integrity
C. Integrity and confidentiality
D. Authorization and confidentiality
Answer: C
NEW QUESTION 96
- (Exam Topic 9)
Which one of the following is the MOST important in designing a biometric access system if it is essential that no one other than authorized individuals are
admitted?
A. False Acceptance Rate (FAR)
B. False Rejection Rate (FRR)
C. Crossover Error Rate (CER)
D. Rejection Error Rate
Answer: A
NEW QUESTION 97
- (Exam Topic 9)
An organization is selecting a service provider to assist in the consolidation of multiple computing sites including development, implementation and ongoing
support of various computer systems. Which of the following MUST be verified by the Information Security Department?
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
A. The service provider's policies are consistent with ISO/IEC27001 and there is evidence that the service provider is following those policies.
B. The service provider will segregate the data within its systems and ensure that each region's policies are met.
C. The service provider will impose controls and protections that meet or exceed the current systemscontrols and produce audit logs as verification.
D. The service provider's policies can meet the requirements imposed by the new environment even if they differ from the organization's current policies.
Answer: D
NEW QUESTION 98
- (Exam Topic 9)
Which of the following methods protects Personally Identifiable Information (PII) by use of a full replacement of the data element?
A. Transparent Database Encryption (TDE)
B. Column level database encryption
C. Volume encryption
D. Data tokenization
Answer: D
NEW QUESTION 99
- (Exam Topic 9)
The use of strong authentication, the encryption of Personally Identifiable Information (PII) on database servers, application security reviews, and the encryption of
data transmitted across networks provide
A. data integrity.
B. defense in depth.
C. data availability.
D. non-repudiation.
Answer: B
NEW QUESTION 102
- (Exam Topic 9)
Which of the following is the BEST way to verify the integrity of a software patch?
A. Cryptographic checksums
B. Version numbering
C. Automatic updates
D. Vendor assurance
Answer: A
NEW QUESTION 105
- (Exam Topic 9)
The FIRST step in building a firewall is to
A. assign the roles and responsibilities of the firewall administrators.
B. define the intended audience who will read the firewall policy.
C. identify mechanisms to encourage compliance with the policy.
D. perform a risk analysis to identify issues to be addressed.
Answer: D
NEW QUESTION 109
- (Exam Topic 9)
Which one of the following describes granularity?
A. Maximum number of entries available in an Access Control List (ACL)
B. Fineness to which a trusted system can authenticate users
C. Number of violations divided by the number of total accesses
D. Fineness to which an access control system can be adjusted
Answer: D
NEW QUESTION 114
- (Exam Topic 9)
Which of the following is the MAIN reason that system re-certification and re-accreditation are needed?
A. To assist data owners in making future sensitivity and criticality determinations
B. To assure the software development team that all security issues have been addressed
C. To verify that security protection remains acceptable to the organizational security policy
D. To help the security team accept or reject new systems for implementation and production
Answer: C
NEW QUESTION 118
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
- (Exam Topic 9)
What principle requires that changes to the plaintext affect many parts of the ciphertext?
A. Diffusion
B. Encapsulation
C. Obfuscation
D. Permutation
Answer: A
NEW QUESTION 121
- (Exam Topic 9)
The Hardware Abstraction Layer (HAL) is implemented in the
A. system software.
B. system hardware.
C. application software.
D. network hardware.
Answer: A
NEW QUESTION 124
- (Exam Topic 9)
A disadvantage of an application filtering firewall is that it can lead to
A. a crash of the network as a result of user activities.
B. performance degradation due to the rules applied.
C. loss of packets on the network due to insufficient bandwidth.
D. Internet Protocol (IP) spoofing by hackers.
Answer: B
NEW QUESTION 129
- (Exam Topic 9)
Which of the following is the FIRST step of a penetration test plan?
A. Analyzing a network diagram of the target network
B. Notifying the company's customers
C. Obtaining the approval of the company's management
D. Scheduling the penetration test during a period of least impact
Answer: C
NEW QUESTION 133
- (Exam Topic 9)
Which one of the following is a fundamental objective in handling an incident?
A. To restore control of the affected systems
B. To confiscate the suspect's computers
C. To prosecute the attacker
D. To perform full backups of the system
Answer: A
NEW QUESTION 138
- (Exam Topic 9)
Which of the following is an appropriate source for test data?
A. Production data that is secured and maintained only in the production environment.
B. Test data that has no similarities to production datA.
C. Test data that is mirrored and kept up-to-date with production datA.
D. Production data that has been sanitized before loading into a test environment.
Answer: D
NEW QUESTION 142
- (Exam Topic 9)
What is the ultimate objective of information classification?
A. To assign responsibility for mitigating the risk to vulnerable systems
B. To ensure that information assets receive an appropriate level of protection
C. To recognize that the value of any item of information may change over time
D. To recognize the optimal number of classification categories and the benefits to be gained from their use
Answer: B
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 146
- (Exam Topic 9)
What maintenance activity is responsible for defining, implementing, and testing updates to application systems?
A. Program change control
B. Regression testing
C. Export exception control
D. User acceptance testing
Answer: A
NEW QUESTION 147
- (Exam Topic 9)
A software scanner identifies a region within a binary image having high entropy. What does this MOST likely indicate?
A. Encryption routines
B. Random number generator
C. Obfuscated code
D. Botnet command and control
Answer: C
NEW QUESTION 148
- (Exam Topic 9)
Who must approve modifications to an organization's production infrastructure configuration?
A. Technical management
B. Change control board
C. System operations
D. System users
Answer: B
NEW QUESTION 153
- (Exam Topic 9)
An Intrusion Detection System (IDS) is generating alarms that a user account has over 100 failed login attempts per minute. A sniffer is placed on the network, and
a variety of passwords for that user are noted. Which of the following is MOST likely occurring?
A. A dictionary attack
B. A Denial of Service (DoS) attack
C. A spoofing attack
D. A backdoor installation
Answer: A
NEW QUESTION 156
- (Exam Topic 9)
Which of the following is an effective method for avoiding magnetic media data remanence?
A. Degaussing
B. Encryption
C. Data Loss Prevention (DLP)
D. Authentication
Answer: A
NEW QUESTION 161
- (Exam Topic 9)
When designing a vulnerability test, which one of the following is likely to give the BEST indication of what components currently operate on the network?
A. Topology diagrams
B. Mapping tools
C. Asset register
D. Ping testing
Answer: B
NEW QUESTION 165
- (Exam Topic 9)
A system has been scanned for vulnerabilities and has been found to contain a number of communication ports that have been opened without authority. To which
of the following might this system have been subjected?
A. Trojan horse
B. Denial of Service (DoS)
C. Spoofing
D. Man-in-the-Middle (MITM)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
Answer: A
NEW QUESTION 169
- (Exam Topic 9)
Why must all users be positively identified prior to using multi-user computers?
A. To provide access to system privileges
B. To provide access to the operating system
C. To ensure that unauthorized persons cannot access the computers
D. To ensure that management knows what users are currently logged on
Answer: C
NEW QUESTION 174
- (Exam Topic 9)
Which of the following wraps the decryption key of a full disk encryption implementation and ties the hard disk drive to a particular device?
A. Trusted Platform Module (TPM)
B. Preboot eXecution Environment (PXE)
C. Key Distribution Center (KDC)
D. Simple Key-Management for Internet Protocol (SKIP)
Answer: A
NEW QUESTION 176
- (Exam Topic 9)
An engineer in a software company has created a virus creation tool. The tool can generate thousands of polymorphic viruses. The engineer is planning to use the
tool in a controlled environment to test the company's next generation virus scanning software. Which would BEST describe the behavior of the engineer and why?
A. The behavior is ethical because the tool will be used to create a better virus scanner.
B. The behavior is ethical because any experienced programmer could create such a tool.
C. The behavior is not ethical because creating any kind of virus is bad.
D. The behavior is not ethical because such a tool could be leaked on the Internet.
Answer: A
NEW QUESTION 180
- (Exam Topic 9)
Two companies wish to share electronic inventory and purchase orders in a supplier and client relationship. What is the BEST security solution for them?
A. Write a Service Level Agreement (SLA) for the two companies.
B. Set up a Virtual Private Network (VPN) between the two companies.
C. Configure a firewall at the perimeter of each of the two companies.
D. Establish a File Transfer Protocol (FTP) connection between the two companies.
Answer: B
NEW QUESTION 185
- (Exam Topic 9)
At a MINIMUM, a formal review of any Disaster Recovery Plan (DRP) should be conducted
A. monthly.
B. quarterly.
C. annually.
D. bi-annually.
Answer: C
NEW QUESTION 189
- (Exam Topic 10)
Which of the following is a process within a Systems Engineering Life Cycle (SELC) stage?
A. Requirements Analysis
B. Development and Deployment
C. Production Operations
D. Utilization Support
Answer: A
NEW QUESTION 192
- (Exam Topic 10)
Which of the following is the BEST reason to review audit logs periodically?
A. Verify they are operating properly
B. Monitor employee productivity
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
C. Identify anomalies in use patterns
D. Meet compliance regulations
Answer: C
NEW QUESTION 196
- (Exam Topic 10)
Which of the following is the MOST beneficial to review when performing an IT audit?
A. Audit policy
B. Security log
C. Security policies
D. Configuration settings
Answer: C
NEW QUESTION 197
- (Exam Topic 10)
Which of the following MOST influences the design of the organization's electronic monitoring policies?
A. Workplace privacy laws
B. Level of organizational trust
C. Results of background checks
D. Business ethical considerations
Answer: A
NEW QUESTION 199
- (Exam Topic 10)
According to best practice, which of the following groups is the MOST effective in performing an information
security compliance audit?
A. In-house security administrators
B. In-house Network Team
C. Disaster Recovery (DR) Team
D. External consultants
Answer: D
NEW QUESTION 203
- (Exam Topic 10)
An online retail company has formulated a record retention schedule for customer transactions. Which of the following is a valid reason a customer transaction is
kept beyond the retention schedule?
A. Pending legal hold
B. Long term data mining needs
C. Customer makes request to retain
D. Useful for future business initiatives
Answer: A
NEW QUESTION 204
- (Exam Topic 10)
What does secure authentication with logging provide?
A. Data integrity
B. Access accountability
C. Encryption logging format
D. Segregation of duties
Answer: B
NEW QUESTION 205
- (Exam Topic 10)
Refer to the information below to answer the question.
During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial
information.
If it is discovered that large quantities of information have been copied by the unauthorized individual, what attribute of the data has been compromised?
A. Availability
B. Integrity
C. Accountability
D. Confidentiality
Answer: D
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 210
- (Exam Topic 10)
Which of the following assures that rules are followed in an identity management architecture?
A. Policy database
B. Digital signature
C. Policy decision point
D. Policy enforcement point
Answer: D
NEW QUESTION 213
- (Exam Topic 10)
Which of the following is the MOST difficult to enforce when using cloud computing?
A. Data access
B. Data backup
C. Data recovery
D. Data disposal
Answer: D
NEW QUESTION 218
- (Exam Topic 10)
Refer to the information below to answer the question.
A security practitioner detects client-based attacks on the organization’s network. A plan will be necessary to address these concerns.
What MUST the plan include in order to reduce client-side exploitation?
A. Approved web browsers
B. Network firewall procedures
C. Proxy configuration
D. Employee education
Answer: D
NEW QUESTION 222
- (Exam Topic 10)
Which of the following are required components for implementing software configuration management systems?
A. Audit control and signoff
B. User training and acceptance
C. Rollback and recovery processes
D. Regression testing and evaluation
Answer: C
NEW QUESTION 224
- (Exam Topic 10)
What is the PRIMARY advantage of using automated application security testing tools?
A. The application can be protected in the production environment.
B. Large amounts of code can be tested using fewer resources.
C. The application will fail less when tested using these tools.
D. Detailed testing of code functions can be performed.
Answer: B
NEW QUESTION 225
- (Exam Topic 10)
What is a common challenge when implementing Security Assertion Markup Language (SAML) for identity integration between on-premise environment and an
external identity provider service?
A. Some users are not provisioned into the service.
B. SAML tokens are provided by the on-premise identity provider.
C. Single users cannot be revoked from the service.
D. SAML tokens contain user information.
Answer: A
NEW QUESTION 227
- (Exam Topic 10)
A business has implemented Payment Card Industry Data Security Standard (PCI-DSS) compliant handheld credit card processing on their Wireless Local Area
Network (WLAN) topology. The network team partitioned the WLAN to create a private segment for credit card processing using a firewall to control device access
and route traffic to the card processor on the Internet. What components are in the scope of PCI-DSS?
A. The entire enterprise network infrastructure.
B. The handheld devices, wireless access points and border gateway.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
C. The end devices, wireless access points, WLAN, switches, management console, and firewall.
D. The end devices, wireless access points, WLAN, switches, management console, and Internet
Answer: C
NEW QUESTION 228
- (Exam Topic 10)
A security manager has noticed an inconsistent application of server security controls resulting in vulnerabilities on critical systems. What is the MOST likely cause
of this issue?
A. A lack of baseline standards
B. Improper documentation of security guidelines
C. A poorly designed security policy communication program
D. Host-based Intrusion Prevention System (HIPS) policies are ineffective
Answer: A
NEW QUESTION 230
- (Exam Topic 10)
Which of the following methods provides the MOST protection for user credentials?
A. Forms-based authentication
B. Digest authentication
C. Basic authentication
D. Self-registration
Answer: B
NEW QUESTION 234
- (Exam Topic 10)
Which of the following actions MUST be taken if a vulnerability is discovered during the maintenance stage in a System Development Life Cycle (SDLC)?
A. Make changes following principle and design guidelines.
B. Stop the application until the vulnerability is fixed.
C. Report the vulnerability to product owner.
D. Monitor the application and review code.
Answer: C
NEW QUESTION 235
- (Exam Topic 10)
Which of the following is a detective access control mechanism?
A. Log review
B. Least privilege
C. Password complexity
D. Non-disclosure agreement
Answer: A
NEW QUESTION 239
- (Exam Topic 10)
Which of the following is the MOST effective attack against cryptographic hardware modules?
A. Plaintext
B. Brute force
C. Power analysis
D. Man-in-the-middle (MITM)
Answer: C
NEW QUESTION 243
- (Exam Topic 10)
During the procurement of a new information system, it was determined that some of the security requirements were not addressed in the system specification.
Which of the following is the MOST likely reason for this?
A. The procurement officer lacks technical knowledge.
B. The security requirements have changed during the procurement process.
C. There were no security professionals in the vendor's bidding team.
D. The description of the security requirements was insufficient.
Answer: D
NEW QUESTION 248
- (Exam Topic 10)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
Refer to the information below to answer the question.
An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other
necessary components to have an effective security program. There are numerous initiatives requiring security involvement.
Which of the following is considered the MOST important priority for the information security officer?
A. Formal acceptance of the security strategy
B. Disciplinary actions taken against unethical behavior
C. Development of an awareness program for new employees
D. Audit of all organization system configurations for faults
Answer: A
NEW QUESTION 252
- (Exam Topic 10)
Which of the following MUST system and database administrators be aware of and apply when configuring systems used for storing personal employee data?
A. Secondary use of the data by business users
B. The organization's security policies and standards
C. The business purpose for which the data is to be used
D. The overall protection of corporate resources and data
Answer: B
NEW QUESTION 253
- (Exam Topic 10)
Refer to the information below to answer the question.
An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other
necessary components to have an effective security program. There are numerous initiatives requiring security involvement.
Given the number of priorities, which of the following will MOST likely influence the selection of top initiatives?
A. Severity of risk
B. Complexity of strategy
C. Frequency of incidents
D. Ongoing awareness
Answer: A
NEW QUESTION 257
- (Exam Topic 10)
Refer to the information below to answer the question.
A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The
organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access.
The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.
Which of the following BEST describes the access control methodology used?
A. Least privilege
B. Lattice Based Access Control (LBAC)
C. Role Based Access Control (RBAC)
D. Lightweight Directory Access Control (LDAP)
Answer: C
NEW QUESTION 258
- (Exam Topic 10)
Host-Based Intrusion Protection (HIPS) systems are often deployed in monitoring or learning mode during their initial implementation. What is the objective of
starting in this mode?
A. Automatically create exceptions for specific actions or files
B. Determine which files are unsafe to access and blacklist them
C. Automatically whitelist actions or files known to the system
D. Build a baseline of normal or safe system events for review
Answer: D
NEW QUESTION 260
- (Exam Topic 10)
Refer to the information below to answer the question.
A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses
the computer to send and receive e-mail, search the web, and use instant messaging. The organization’s Information Technology (IT) department discovers that a
peer-to-peer program has been installed on the computer using the employee's access.
Which of the following methods is the MOST effective way of removing the Peer-to-Peer (P2P) program from the computer?
A. Run software uninstall
B. Re-image the computer
C. Find and remove all installation files
D. Delete all cookies stored in the web browser cache
Answer: B
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 263
- (Exam Topic 10)
Place the following information classification steps in sequential order.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 267
- (Exam Topic 10)
Which of the following is the MAIN goal of a data retention policy?
A. Ensure that data is destroyed properly.
B. Ensure that data recovery can be done on the datA.
C. Ensure the integrity and availability of data for a predetermined amount of time.
D. Ensure the integrity and confidentiality of data for a predetermined amount of time.
Answer: C
NEW QUESTION 269
- (Exam Topic 10)
Refer to the information below to answer the question.
In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A
lists the clearance levels for four users, while Table B lists the security classes of four different files.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
In a Bell-LaPadula system, which user has the MOST restrictions when writing data to any of the four files?
A. User A
B. User B
C. User C
D. User D
Answer: D
NEW QUESTION 272
- (Exam Topic 10)
For a service provider, which of the following MOST effectively addresses confidentiality concerns for customers using cloud computing?
A. Hash functions
B. Data segregation
C. File system permissions
D. Non-repudiation controls
Answer: B
NEW QUESTION 275
- (Exam Topic 10)
From a security perspective, which of the following is a best practice to configure a Domain Name Service (DNS) system?
A. Configure secondary servers to use the primary server as a zone forwarder.
B. Block all Transmission Control Protocol (TCP) connections.
C. Disable all recursive queries on the name servers.
D. Limit zone transfers to authorized devices.
Answer: D
NEW QUESTION 279
- (Exam Topic 10)
Refer to the information below to answer the question.
An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other
necessary components to have an effective security program. There are numerous initiatives requiring security involvement.
The effectiveness of the security program can PRIMARILY be measured through
A. audit findings.
B. risk elimination.
C. audit requirements.
D. customer satisfaction.
Answer: A
NEW QUESTION 282
- (Exam Topic 10)
When using third-party software developers, which of the following is the MOST effective method of providing software development Quality Assurance (QA)?
A. Retain intellectual property rights through contractual wording.
B. Perform overlapping code reviews by both parties.
C. Verify that the contractors attend development planning meetings.
D. Create a separate contractor development environment.
Answer: B
NEW QUESTION 286
- (Exam Topic 10)
What is the MOST important reason to configure unique user IDs?
A. Supporting accountability
B. Reducing authentication errors
C. Preventing password compromise
D. Supporting Single Sign On (SSO)
Answer: A
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 288
- (Exam Topic 10)
Refer to the information below to answer the question.
Desktop computers in an organization were sanitized for re-use in an equivalent security environment. The data was destroyed in accordance with organizational
policy and all marking and other external indications of the sensitivity of the data that was formerly stored on the magnetic drives were removed.
Organizational policy requires the deletion of user data from Personal Digital Assistant (PDA) devices before disposal. It may not be possible to delete the user
data if the device is malfunctioning. Which destruction method below provides the BEST assurance that the data has been removed?
A. Knurling
B. Grinding
C. Shredding
D. Degaussing
Answer: C
NEW QUESTION 291
- (Exam Topic 11)
Which of the following BEST describes the purpose of performing security certification?
A. To identify system threats, vulnerabilities, and acceptable level of risk
B. To formalize the confirmation of compliance to security policies and standards
C. To formalize the confirmation of completed risk mitigation and risk analysis
D. To verify that system architecture and interconnections with other systems are effectively implemented
Answer: B
NEW QUESTION 294
- (Exam Topic 11)
The application of which of the following standards would BEST reduce the potential for data breaches?
A. ISO 9000
B. ISO 20121
C. ISO 26000
D. ISO 27001
Answer: D
NEW QUESTION 296
- (Exam Topic 11)
Which of the following is generally indicative of a replay attack when dealing with biometric authentication?
A. False Acceptance Rate (FAR) is greater than 1 in 100,000
B. False Rejection Rate (FRR) is greater than 5 in 100
C. Inadequately specified templates
D. Exact match
Answer: D
NEW QUESTION 298
- (Exam Topic 11)
If an identification process using a biometric system detects a 100% match between a presented template and a stored template, what is the interpretation of this
result?
A. User error
B. Suspected tampering
C. Accurate identification
D. Unsuccessful identification
Answer: B
NEW QUESTION 299
- (Exam Topic 11)
Which of the following BEST describes a Protection Profile (PP)?
A. A document that expresses an implementation independent set of security requirements for an IT product that meets specific consumer needs.
B. A document that is used to develop an IT security product from its security requirements definition.
C. A document that expresses an implementation dependent set of security requirements which contains only the security functional requirements.
D. A document that represents evaluated products where there is a one-to-one correspondence between a PP and a Security Target (ST).
Answer: A
NEW QUESTION 301
- (Exam Topic 11)
Changes to a Trusted Computing Base (TCB) system that could impact the security posture of that system and trigger a recertification activity are documented in
the
A. security impact analysis.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
B. structured code review.
C. routine self assessment.
D. cost benefit analysis.
Answer: A
NEW QUESTION 306
- (Exam Topic 11)
Which of the following is the BEST approach to take in order to effectively incorporate the concepts of business continuity into the organization?
A. Ensure end users are aware of the planning activities
B. Validate all regulatory requirements are known and fully documented
C. Develop training and awareness programs that involve all stakeholders
D. Ensure plans do not violate the organization's cultural objectives and goals
Answer: C
NEW QUESTION 308
- (Exam Topic 11)
What should happen when an emergency change to a system must be performed?
A. The change must be given priority at the next meeting of the change control board.
B. Testing and approvals must be performed quickly.
C. The change must be performed immediately and then submitted to the change board.
D. The change is performed and a notation is made in the system log.
Answer: B
NEW QUESTION 309
- (Exam Topic 11)
Which of the following is a reason to use manual patch installation instead of automated patch management?
A. The cost required to install patches will be reduced.
B. The time during which systems will remain vulnerable to an exploit will be decreased.
C. The likelihood of system or application incompatibilities will be decreased.
D. The ability to cover large geographic areas is increased.
Answer: C
NEW QUESTION 314
- (Exam Topic 11)
Which of the following has the GREATEST impact on an organization's security posture?
A. International and country-specific compliance requirements
B. Security violations by employees and contractors
C. Resource constraints due to increasing costs of supporting security
D. Audit findings related to employee access and permissions process
Answer: A
NEW QUESTION 319
- (Exam Topic 11)
How can lessons learned from business continuity training and actual recovery incidents BEST be used?
A. As a means for improvement
B. As alternative options for awareness and training
C. As indicators of a need for policy
D. As business function gap indicators
Answer: A
NEW QUESTION 321
- (Exam Topic 11)
Which of the following is the BEST method to assess the effectiveness of an organization's vulnerability management program?
A. Review automated patch deployment reports
B. Periodic third party vulnerability assessment
C. Automated vulnerability scanning
D. Perform vulnerability scan by security team
Answer: B
NEW QUESTION 324
- (Exam Topic 11)
Which of the following is the MOST likely cause of a non-malicious data breach when the source of the data breach was an un-marked file cabinet containing
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
sensitive documents?
A. Ineffective data classification
B. Lack of data access controls
C. Ineffective identity management controls
D. Lack of Data Loss Prevention (DLP) tools
Answer: A
NEW QUESTION 326
- (Exam Topic 11)
An organization lacks a data retention policy. Of the following, who is the BEST person to consult for such requirement?
A. Application Manager
B. Database Administrator
C. Privacy Officer
D. Finance Manager
Answer: C
NEW QUESTION 327
- (Exam Topic 11)
The World Trade Organization's (WTO) agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) requires authors of computer software to be
given the
A. right to refuse or permit commercial rentals.
B. right to disguise the software's geographic origin.
C. ability to tailor security parameters based on location.
D. ability to confirm license authenticity of their works.
Answer: A
NEW QUESTION 332
- (Exam Topic 11)
Which of the following describes the BEST configuration management practice?
A. After installing a new system, the configuration files are copied to a separate back-up system and hashed to detect tampering.
B. After installing a new system, the configuration files are copied to an air-gapped system and hashed to detect tampering.
C. The firewall rules are backed up to an air-gapped system.
D. A baseline configuration is created and maintained for all relevant systems.
Answer: D
NEW QUESTION 336
- (Exam Topic 11)
To protect auditable information, which of the following MUST be configured to only allow read access?
A. Logging configurations
B. Transaction log files
C. User account configurations
D. Access control lists (ACL)
Answer: B
NEW QUESTION 338
- (Exam Topic 11)
Which of the following explains why record destruction requirements are included in a data retention policy?
A. To comply with legal and business requirements
B. To save cost for storage and backup
C. To meet destruction guidelines
D. To validate data ownership
Answer: A
NEW QUESTION 339
- (Exam Topic 11)
Which Web Services Security (WS-Security) specification maintains a single authenticated identity across multiple dissimilar environments? Click on the correct
specification in the image below.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
A. Mastered
B. Not Mastered
Answer: A
Explanation:
WS-Federation
Reference: Java Web Services: Up and Running” By Martin Kalin page 228
NEW QUESTION 341
- (Exam Topic 11)
Which Web Services Security (WS-Security) specification negotiates how security tokens will be issued,
renewed and validated? Click on the correct specification in the image below.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
WS-Trust
The protocol used for issuing security tokens is based on WS-Trust. WS-Trust is a Web service specification that builds on WS-Security. It describes a protocol
used for issuance, exchange, and validation of security tokens. WS-Trust provides a solution for interoperability by defining a protocol for issuing and exchanging
security tokens, based on token format, namespace, or trust boundaries.
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
Reference: https://msdn.microsoft.com/en-us/library/ff650503.aspx
NEW QUESTION 342
- (Exam Topic 11)
Which of the following controls is the FIRST step in protecting privacy in an information system?
A. Data Redaction
B. Data Minimization
C. Data Encryption
D. Data Storage
Answer: B
NEW QUESTION 346
- (Exam Topic 11)
Software Code signing is used as a method of verifying what security concept?
A. Integrity
B. Confidentiality
C. Availability
D. Access Control
Answer: A
NEW QUESTION 350
- (Exam Topic 11)
An organization has decided to contract with a cloud-based service provider to leverage their identity as a service offering. They will use Open Authentication
(OAuth) 2.0 to authenticate external users to the organization's services.
As part of the authentication process, which of the following must the end user provide?
A. An access token
B. A username and password
C. A username
D. A password
Answer: A
NEW QUESTION 354
- (Exam Topic 11)
The PRIMARY outcome of a certification process is that it provides documented
A. system weaknesses for remediation.
B. standards for security assessment, testing, and process evaluation.
C. interconnected systems and their implemented security controls.
D. security analyses needed to make a risk-based decision.
Answer: D
NEW QUESTION 358
- (Exam Topic 11)
What security risk does the role-based access approach mitigate MOST effectively?
A. Excessive access rights to systems and data
B. Segregation of duties conflicts within business applications
C. Lack of system administrator activity monitoring
D. Inappropriate access requests
Answer: A
NEW QUESTION 359
- (Exam Topic 11)
Discretionary Access Control (DAC) is based on which of the following?
A. Information source and destination
B. Identification of subjects and objects
C. Security labels and privileges
D. Standards and guidelines
Answer: B
NEW QUESTION 364
- (Exam Topic 11)
Which of the following questions can be answered using user and group entitlement reporting?
A. When a particular file was last accessed by a user
B. Change control activities for a particular group of users
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
C. The number of failed login attempts for a particular user
D. Where does a particular user have access within the network
Answer: D
NEW QUESTION 369
- (Exam Topic 11)
When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?
A. After the system preliminary design has been developed and the data security categorization has been performed
B. After the business functional analysis and the data security categorization have been performed
C. After the vulnerability analysis has been performed and before the system detailed design begins
D. After the system preliminary design has been developed and before the data security categorization begins
Answer: B
NEW QUESTION 371
- (Exam Topic 11)
What is the GREATEST challenge of an agent-based patch management solution?
A. Time to gather vulnerability information about the computers in the program
B. Requires that software be installed, running, and managed on all participating computers
C. The significant amount of network bandwidth while scanning computers
D. The consistency of distributing patches to each participating computer
Answer: B
NEW QUESTION 374
- (Exam Topic 11)
Which of the following is a recommended alternative to an integrated email encryption system?
A. Sign emails containing sensitive data
B. Send sensitive data in separate emails
C. Encrypt sensitive data separately in attachments
D. Store sensitive information to be sent in encrypted drives
Answer: C
NEW QUESTION 378
- (Exam Topic 11)
Which of the following activities BEST identifies operational problems, security misconfigurations, and malicious attacks?
A. Policy documentation review
B. Authentication validation
C. Periodic log reviews
D. Interface testing
Answer: C
NEW QUESTION 381
- (Exam Topic 11)
In the Open System Interconnection (OSI) model, which layer is responsible for the transmission of binary data over a communications network?
A. Application Layer
B. Physical Layer
C. Data-Link Layer
D. Network Layer
Answer: B
NEW QUESTION 385
- (Exam Topic 11)
Which of the following secures web transactions at the Transport Layer?
A. Secure HyperText Transfer Protocol (S-HTTP)
B. Secure Sockets Layer (SSL)
C. Socket Security (SOCKS)
D. Secure Shell (SSH)
Answer: B
NEW QUESTION 389
- (Exam Topic 11)
Are companies legally required to report all data breaches?
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
A. No, different jurisdictions have different rules.
B. No, not if the data is encrypted.
C. No, companies' codes of ethics don't require it.
D. No, only if the breach had a material impact.
Answer: A
NEW QUESTION 393
- (Exam Topic 11)
While investigating a malicious event, only six days of audit logs from the last month were available. What policy should be updated to address this problem?
A. Retention
B. Reporting
C. Recovery
D. Remediation
Answer: A
NEW QUESTION 396
- (Exam Topic 11)
The BEST method to mitigate the risk of a dictionary attack on a system is to
A. use a hardware token.
B. use complex passphrases.
C. implement password history.
D. encrypt the access control list (ACL).
Answer: A
NEW QUESTION 400
- (Exam Topic 12)
A proxy firewall operates at what layer of the Open System Interconnection (OSI) model?
A. Transport
B. Data link
C. Network
D. Application
Answer: D
NEW QUESTION 404
- (Exam Topic 12)
The restoration priorities of a Disaster Recovery Plan (DRP) are based on which of the following documents?
A. Service Level Agreement (SLA)
B. Business Continuity Plan (BCP)
C. Business Impact Analysis (BIA)
D. Crisis management plan
Answer: B
NEW QUESTION 405
- (Exam Topic 12)
A company has decided that they need to begin maintaining assets deployed in the enterprise. What approach should be followed to determine and maintain
ownership information to bring the company into compliance?
A. Enterprise asset management framework
B. Asset baseline using commercial off the shelf software
C. Asset ownership database using domain login records
D. A script to report active user logins on assets
Answer: A
NEW QUESTION 410
- (Exam Topic 12)
Which Radio Frequency Interference (RFI) phenomenon associated with bundled cable runs can create information leakage?
A. Transference
B. Covert channel
C. Bleeding
D. Cross-talk
Answer: D
NEW QUESTION 415
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
- (Exam Topic 12)
How should an organization determine the priority of its remediation efforts after a vulnerability assessment has been conducted?
A. Use an impact-based approach.
B. Use a risk-based approach.
C. Use a criticality-based approach.
D. Use a threat-based approach.
Answer: B
NEW QUESTION 417
- (Exam Topic 12)
The PRIMARY outcome of a certification process is that it provides documented
A. interconnected systems and their implemented security controls.
B. standards for security assessment, testing, and process evaluation.
C. system weakness for remediation.
D. security analyses needed to make a risk-based decision.
Answer: D
NEW QUESTION 421
- (Exam Topic 12)
Which of the following restricts the ability of an individual to carry out all the steps of a particular process?
A. Job rotation
B. Separation of duties
C. Least privilege
D. Mandatory vacations
Answer: B
NEW QUESTION 424
- (Exam Topic 12)
During which of the following processes is least privilege implemented for a user account?
A. Provision
B. Approve
C. Request
D. Review
Answer: A
NEW QUESTION 426
- (Exam Topic 12)
Which of the following is a document that identifies each item seized in an investigation, including date and time seized, full name and signature or initials of the
person who seized the item, and a detailed description of the item?
A. Property book
B. Chain of custody form
C. Search warrant return
D. Evidence tag
Answer: D
NEW QUESTION 428
- (Exam Topic 12)
Which of the following media sanitization techniques is MOST likely to be effective for an organization using public cloud services?
A. Low-level formatting
B. Secure-grade overwrite erasure
C. Cryptographic erasure
D. Drive degaussing
Answer: B
NEW QUESTION 433
- (Exam Topic 12)
What operations role is responsible for protecting the enterprise from corrupt or contaminated media?
A. Information security practitioner
B. Information librarian
C. Computer operator
D. Network administrator
Answer: B
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 435
- (Exam Topic 12)
How does a Host Based Intrusion Detection System (HIDS) identify a potential attack?
A. Examines log messages or other indications on the system.
B. Monitors alarms sent to the system administrator
C. Matches traffic patterns to virus signature files
D. Examines the Access Control List (ACL)
Answer: C
NEW QUESTION 438
- (Exam Topic 12)
When writing security assessment procedures, what is the MAIN purpose of the test outputs and reports?
A. To force the software to fail and document the process
B. To find areas of compromise in confidentiality and integrity
C. To allow for objective pass or fail decisions
D. To identify malware or hidden code within the test results
Answer: C
NEW QUESTION 439
- (Exam Topic 12)
Which of the following is the PRIMARY benefit of a formalized information classification program?
A. It minimized system logging requirements.
B. It supports risk assessment.
C. It reduces asset vulnerabilities.
D. It drives audit processes.
Answer: B
NEW QUESTION 443
- (Exam Topic 12)
Which of the following BEST represents the concept of least privilege?
A. Access to an object is denied unless access is specifically allowed.
B. Access to an object is only available to the owner.
C. Access to an object is allowed unless it is protected by the information security policy.
D. Access to an object is only allowed to authenticated users via an Access Control List (ACL).
Answer: A
NEW QUESTION 447
- (Exam Topic 12)
What is an advantage of Elliptic Curve Cryptography (ECC)?
A. Cryptographic approach that does not require a fixed-length key
B. Military-strength security that does not depend upon secrecy of the algorithm
C. Opportunity to use shorter keys for the same level of security
D. Ability to use much longer keys for greater security
Answer: C
NEW QUESTION 451
- (Exam Topic 12)
Which of the following is the MOST important consideration when developing a Disaster Recovery Plan (DRP)?
A. The dynamic reconfiguration of systems
B. The cost of downtime
C. A recovery strategy for all business processes
D. A containment strategy
Answer: C
NEW QUESTION 453
- (Exam Topic 12)
Which of the following are effective countermeasures against passive network-layer attacks?
A. Federated security and authenticated access controls
B. Trusted software development and run time integrity controls
C. Encryption and security enabled applications
D. Enclave boundary protection and computing environment defense
Answer: C
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 456
- (Exam Topic 12)
When designing a vulnerability test, which one of the following is likely to give the BEST indication of what components currently operate on the network?
A. Topology diagrams
B. Mapping tools
C. Asset register
D. Ping testing
Answer: D
NEW QUESTION 459
- (Exam Topic 12)
What is the MOST important element when considering the effectiveness of a training program for Business Continuity (BC) and Disaster Recovery (DR)?
A. Management support
B. Consideration of organizational need
C. Technology used for delivery
D. Target audience
Answer: B
NEW QUESTION 464
- (Exam Topic 12)
Which of the following is the PRIMARY reason to perform regular vulnerability scanning of an organization network?
A. Provide vulnerability reports to management.
B. Validate vulnerability remediation activities.
C. Prevent attackers from discovering vulnerabilities.
D. Remediate known vulnerabilities.
Answer: B
NEW QUESTION 468
- (Exam Topic 13)
Which of the following is the BEST reason for writing an information security policy?
A. To support information security governance
B. To reduce the number of audit findings
C. To deter attackers
D. To implement effective information security controls
Answer: A
NEW QUESTION 471
- (Exam Topic 13)
Which of the following steps should be performed FIRST when purchasing Commercial Off-The-Shelf (COTS) software?
A. undergo a security assessment as part of authorization process
B. establish a risk management strategy
C. harden the hosting server, and perform hosting and application vulnerability scans
D. establish policies and procedures on system and services acquisition
Answer: D
NEW QUESTION 474
- (Exam Topic 13)
Why is planning in Disaster Recovery (DR) an interactive process?
A. It details off-site storage plans
B. It identifies omissions in the plan
C. It defines the objectives of the plan
D. It forms part of the awareness process
Answer: B
NEW QUESTION 475
- (Exam Topic 13)
What capability would typically be included in a commercially available software package designed for access control?
A. Password encryption
B. File encryption
C. Source library control
D. File authentication
Answer:
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
NEW QUESTION 477
- (Exam Topic 13)
Which of the following is a direct monetary cost of a security incident?
A. Morale
B. Reputation
C. Equipment
D. Information
Answer: C
NEW QUESTION 478
- (Exam Topic 13)
An international medical organization with headquarters in the United States (US) and branches in France wants to test a drug in both countries. What is the
organization allowed to do with the test subject’s data?
A. Aggregate it into one database in the US
B. Process it in the US, but store the information in France
C. Share it with a third party
D. Anonymize it and process it in the US
Answer: C
Explanation:
Section: Security Assessment and Testing
NEW QUESTION 481
- (Exam Topic 13)
Even though a particular digital watermark is difficult to detect, which of the following represents a way it might still be inadvertently removed?
A. Truncating parts of the data
B. Applying Access Control Lists (ACL) to the data
C. Appending non-watermarked data to watermarked data
D. Storing the data in a database
Answer: A
NEW QUESTION 482
- (Exam Topic 13)
Unused space in a disk cluster is important in media analysis because it may contain which of the following?
A. Residual data that has not been overwritten
B. Hidden viruses and Trojan horses
C. Information about the File Allocation table (FAT)
D. Information about patches and upgrades to the system
Answer: A
NEW QUESTION 483
- (Exam Topic 13)
A Denial of Service (DoS) attack on a syslog server exploits weakness in which of the following protocols?
A. Point-to-Point Protocol (PPP) and Internet Control Message Protocol (ICMP)
B. Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)
C. Address Resolution Protocol (ARP) and Reverse Address Resolution Protocol (RARP)
D. Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Answer: B
NEW QUESTION 488
- (Exam Topic 13)
The design review for an application has been completed and is ready for release. What technique should an organization use to assure application integrity?
A. Application authentication
B. Input validation
C. Digital signing
D. Device encryption
Answer: C
NEW QUESTION 492
- (Exam Topic 13)
Which of the following mechanisms will BEST prevent a Cross-Site Request Forgery (CSRF) attack?
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
A. parameterized database queries
B. whitelist input values
C. synchronized session tokens
D. use strong ciphers
Answer: C
NEW QUESTION 497
- (Exam Topic 13)
Which of the following is a characteristic of an internal audit?
A. An internal audit is typically shorter in duration than an external audit.
B. The internal audit schedule is published to the organization well in advance.
C. The internal auditor reports to the Information Technology (IT) department
D. Management is responsible for reading and acting upon the internal audit results
Answer: D
NEW QUESTION 500
- (Exam Topic 13)
An organization has outsourced its financial transaction processing to a Cloud Service Provider (CSP) who will provide them with Software as a Service (SaaS). If
there was a data breach who is responsible for monetary losses?
A. The Data Protection Authority (DPA)
B. The Cloud Service Provider (CSP)
C. The application developers
D. The data owner
Answer: B
NEW QUESTION 501
- (Exam Topic 13)
A security practitioner is tasked with securing the organization’s Wireless Access Points (WAP). Which of these is the MOST effective way of restricting this
environment to authorized users?
A. Enable Wi-Fi Protected Access 2 (WPA2) encryption on the wireless access point
B. Disable the broadcast of the Service Set Identifier (SSID) name
C. Change the name of the Service Set Identifier (SSID) to a random value not associated with theorganization
D. Create Access Control Lists (ACL) based on Media Access Control (MAC) addresses
Answer: D
NEW QUESTION 505
- (Exam Topic 13)
What is the MAIN purpose of a change management policy?
A. To assure management that changes to the Information Technology (IT) infrastructure are necessary
B. To identify the changes that may be made to the Information Technology (IT) infrastructure
C. To verify that changes to the Information Technology (IT) infrastructure are approved
D. To determine the necessary for implementing modifications to the Information Technology (IT) infrastructure
Answer: C
Explanation:
Section: Security Operations
NEW QUESTION 506
- (Exam Topic 13)
When developing solutions for mobile devices, in which phase of the Software Development Life Cycle (SDLC) should technical limitations related to devices be
specified?
A. Implementation
B. Initiation
C. Review
D. Development
Answer: A
NEW QUESTION 510
- (Exam Topic 13)
What can happen when an Intrusion Detection System (IDS) is installed inside a firewall-protected internal network?
A. The IDS can detect failed administrator logon attempts from servers.
B. The IDS can increase the number of packets to analyze.
C. The firewall can increase the number of packets to analyze.
D. The firewall can detect failed administrator login attempts from servers
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
Answer: A
NEW QUESTION 513
- (Exam Topic 13)
Match the functional roles in an external audit to their responsibilities. Drag each role on the left to its corresponding responsibility on the right. Select and Place:
A. Mastered
B. Not Mastered
Answer: A
Explanation:
NEW QUESTION 514
- (Exam Topic 13)
In a change-controlled environment, which of the following is MOST likely to lead to unauthorized changes to production programs?
A. Modifying source code without approval
B. Promoting programs to production without approval
C. Developers checking out source code without approval
D. Developers using Rapid Application Development (RAD) methodologies without approval
Answer: B
NEW QUESTION 515
- (Exam Topic 13)
What is the second step in the identity and access provisioning lifecycle?
A. Provisioning
B. Review
C. Approval
D. Revocation
Answer: B
NEW QUESTION 519
- (Exam Topic 13)
Which of the following is MOST appropriate for protecting confidentially of data stored on a hard drive?
A. Triple Data Encryption Standard (3DES)
B. Advanced Encryption Standard (AES)
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
C. Message Digest 5 (MD5)
D. Secure Hash Algorithm 2(SHA-2)
Answer: B
NEW QUESTION 520
- (Exam Topic 13)
What is the expected outcome of security awareness in support of a security awareness program?
A. Awareness activities should be used to focus on security concerns and respond to those concerns accordingly
B. Awareness is not an activity or part of the training but rather a state of persistence to support the program
C. Awareness is trainin
D. The purpose of awareness presentations is to broaden attention of security.
E. Awareness is not trainin
F. The purpose of awareness presentation is simply to focus attention on security.
Answer: C
NEW QUESTION 522
- (Exam Topic 13)
An Information Technology (IT) professional attends a cybersecurity seminar on current incident response methodologies.
What code of ethics canon is being observed?
A. Provide diligent and competent service to principals
B. Protect society, the commonwealth, and the infrastructure
C. Advance and protect the profession
D. Act honorable, honesty, justly, responsibly, and legally
Answer: C
Explanation:
Section: Security Operations
NEW QUESTION 527
- (Exam Topic 13)
Which of the following MUST be scalable to address security concerns raised by the integration of third-party identity services?
A. Mandatory Access Controls (MAC)
B. Enterprise security architecture
C. Enterprise security procedures
D. Role Based Access Controls (RBAC)
Answer: D
NEW QUESTION 531
- (Exam Topic 13)
When developing a business case for updating a security program, the security program owner MUST do
which of the following?
A. Identify relevant metrics
B. Prepare performance test reports
C. Obtain resources for the security program
D. Interview executive management
Answer: A
NEW QUESTION 534
- (Exam Topic 13)
Digital certificates used in Transport Layer Security (TLS) support which of the following?
A. Information input validation
B. Non-repudiation controls and data encryption
C. Multi-Factor Authentication (MFA)
D. Server identity and data confidentially
Answer: D
NEW QUESTION 537
- (Exam Topic 13)
A chemical plan wants to upgrade the Industrial Control System (ICS) to transmit data using Ethernet instead of RS422. The project manager wants to simplify
administration and maintenance by utilizing the office network infrastructure and staff to implement this upgrade.
Which of the following is the GREATEST impact on security for the network?
A. The network administrators have no knowledge of ICS
B. The ICS is now accessible from the office network
C. The ICS does not support the office password policy
D. RS422 is more reliable than Ethernet
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
Answer: B
NEW QUESTION 540
- (Exam Topic 13)
Which of the following is a responsibility of a data steward?
A. Ensure alignment of the data governance effort to the organization.
B. Conduct data governance interviews with the organization.
C. Document data governance requirements.
D. Ensure that data decisions and impacts are communicated to the organization.
Answer: A
NEW QUESTION 541
- (Exam Topic 13)
What does a Synchronous (SYN) flood attack do?
A. Forces Transmission Control Protocol /Internet Protocol (TCP/IP) connections into a reset state
B. Establishes many new Transmission Control Protocol / Internet Protocol (TCP/IP) connections
C. Empties the queue of pending Transmission Control Protocol /Internet Protocol (TCP/IP) requests
D. Exceeds the limits for new Transmission Control Protocol /Internet Protocol (TCP/IP) connections
Answer: B
NEW QUESTION 544
- (Exam Topic 13)
An organization has discovered that users are visiting unauthorized websites using anonymous proxies. Which of the following is the BEST way to prevent future
occurrences?
A. Remove the anonymity from the proxy
B. Analyze Internet Protocol (IP) traffic for proxy requests
C. Disable the proxy server on the firewall
D. Block the Internet Protocol (IP) address of known anonymous proxies
Answer: C
NEW QUESTION 549
- (Exam Topic 13)
Which of the BEST internationally recognized standard for evaluating security products and systems?
A. Payment Card Industry Data Security Standards (PCI-DSS)
B. Common Criteria (CC)
C. Health Insurance Portability and Accountability Act (HIPAA)
D. Sarbanes-Oxley (SOX)
Answer: B
NEW QUESTION 550
- (Exam Topic 13)
Extensible Authentication Protocol-Message Digest 5 (EAP-MD5) only provides which of the following?
A. Mutual authentication
B. Server authentication
C. User authentication
D. Streaming ciphertext data
Answer: C
NEW QUESTION 553
- (Exam Topic 13)
As part of an application penetration testing process, session hijacking can BEST be achieved by which of the following?
A. Known-plaintext attack
B. Denial of Service (DoS)
C. Cookie manipulation
D. Structured Query Language (SQL) injection
Answer: D
Explanation:
Section: Security Assessment and Testing
NEW QUESTION 555
- (Exam Topic 13)
Who would be the BEST person to approve an organizations information security policy?
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
A. Chief Information Officer (CIO)
B. Chief Information Security Officer (CISO)
C. Chief internal auditor
D. Chief Executive Officer (CEO)
Answer: B
Explanation:
Section: Security Operations
NEW QUESTION 557
- (Exam Topic 13)
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization’s systems?
A. Standardized configurations for devices
B. Standardized patch testing equipment
C. Automated system patching
D. Management support for patching
Answer: A
Explanation:
Section: Security Assessment and Testing
NEW QUESTION 562
- (Exam Topic 13)
The MAIN use of Layer 2 Tunneling Protocol (L2TP) is to tunnel data
A. through a firewall at the Session layer
B. through a firewall at the Transport layer
C. in the Point-to-Point Protocol (PPP)
D. in the Payload Compression Protocol (PCP)
Answer: C
NEW QUESTION 567
- (Exam Topic 13)
Which of the following techniques is known to be effective in spotting resource exhaustion problems, especially with resources such as processes, memory, and
connections?
A. Automated dynamic analysis
B. Automated static analysis
C. Manual code review
D. Fuzzing
Answer: A
NEW QUESTION 571
......
Your Partner of IT Exam visit - https://www.exambible.com
We recommend you to try the PREMIUM CISSP Dumps From Exambible
https://www.exambible.com/CISSP-exam/ (653 Q&As)
Relate Links
100% Pass Your CISSP Exam with Exambible Prep Materials
https://www.exambible.com/CISSP-exam/
Contact us
We are proud of our high-quality customer service, which serves you around the clock 24/7.
Viste - https://www.exambible.com/
Your Partner of IT Exam visit - https://www.exambible.com
Powered by TCPDF (www.tcpdf.org)
You might also like
- Hulu Content Protection Technologies and ProcessesNo ratings yetHulu Content Protection Technologies and Processes5 pages
- A Research Paper For Data Privacy PAHUNANG FINALNo ratings yetA Research Paper For Data Privacy PAHUNANG FINAL9 pages
- CISSP Exam Practice Questions Help You PassNo ratings yetCISSP Exam Practice Questions Help You Pass46 pages
- EC|Council Disaster Recovery Professional Exam Practice Questions and Dumps Exam Guidebook and Updated Questions for DRPFrom EverandEC|Council Disaster Recovery Professional Exam Practice Questions and Dumps Exam Guidebook and Updated Questions for DRPNo ratings yet
- JrqpOQnGQD2xE6jIJAZV - 2024 CISSP Mentor Program - Class 5No ratings yetJrqpOQnGQD2xE6jIJAZV - 2024 CISSP Mentor Program - Class 5123 pages
- Session 1 - 2024 FRSecure CISSP Mentor ProgramNo ratings yetSession 1 - 2024 FRSecure CISSP Mentor Program166 pages
- Session 2 - 2024 FRSecure CISSP Mentor ProgramNo ratings yetSession 2 - 2024 FRSecure CISSP Mentor Program117 pages
- R18CSE4101 Cryptography Network SecurityNo ratings yetR18CSE4101 Cryptography Network Security184 pages
- The Study On Resolutions of STRIDE Threat ModelNo ratings yetThe Study On Resolutions of STRIDE Threat Model3 pages
- XFug7KtBSUK36ZEStp0L - 2024 FRSecure CISSP Mentor Program - Class NineNo ratings yetXFug7KtBSUK36ZEStp0L - 2024 FRSecure CISSP Mentor Program - Class Nine208 pages
- Security Guidance For Critical Areas of Focus in Cloud Computing v5 Release PresentationNo ratings yetSecurity Guidance For Critical Areas of Focus in Cloud Computing v5 Release Presentation51 pages
- Risk Assessment Quantitative Approach Core CISSP Concept 1734881257No ratings yetRisk Assessment Quantitative Approach Core CISSP Concept 173488125730 pages
- 0YgDVEpBQwy46ztPbVIB - 2024 FRSecure CISSP Mentor Program - Class 7 Domain 4 Pt2No ratings yet0YgDVEpBQwy46ztPbVIB - 2024 FRSecure CISSP Mentor Program - Class 7 Domain 4 Pt2128 pages
- DwHtW27bTPaulm4pK2cG - 2024 FRSecure CISSP Mentor Program - Class 4 Pt. 2No ratings yetDwHtW27bTPaulm4pK2cG - 2024 FRSecure CISSP Mentor Program - Class 4 Pt. 288 pages
- Qgif9PcRuHJHQtVLvEAA - 2024 FRSecure CISSP Mentor Program - Class 12No ratings yetQgif9PcRuHJHQtVLvEAA - 2024 FRSecure CISSP Mentor Program - Class 12112 pages
- Security Operations Center A Framework For AutomatNo ratings yetSecurity Operations Center A Framework For Automat16 pages
- Domain 01 - Information Security Governance & Risk ManagementNo ratings yetDomain 01 - Information Security Governance & Risk Management75 pages
- Session 3 - 2024 FRSecure CISSP Mentor ProgramNo ratings yetSession 3 - 2024 FRSecure CISSP Mentor Program152 pages
- Top 50 Cybersecurity Interview Questions and Answers - 2021No ratings yetTop 50 Cybersecurity Interview Questions and Answers - 20219 pages
- Ch6: PT Activity 4 - Device Hardening: Objective100% (1)Ch6: PT Activity 4 - Device Hardening: Objective4 pages
- Sourcefire Next-Generation IPS (NGIPS) White PaperNo ratings yetSourcefire Next-Generation IPS (NGIPS) White Paper10 pages
- Gghy5tyRkiJWps2QB2xQ - 2024 FRSecure CISSP Mentor Program - Class 10No ratings yetGghy5tyRkiJWps2QB2xQ - 2024 FRSecure CISSP Mentor Program - Class 10146 pages
- ENCOR - Chapter - 2 - Spanning Tree - 2025No ratings yetENCOR - Chapter - 2 - Spanning Tree - 202518 pages
- 2023+CISSP+Domain+3+Study+Guide+by+ThorTeaches Com+v3 1No ratings yet2023+CISSP+Domain+3+Study+Guide+by+ThorTeaches Com+v3 167 pages
- 18CSC364J - Information Security MCQ UNIT 4No ratings yet18CSC364J - Information Security MCQ UNIT 45 pages
- The Ips Makeover: Intrusion-Prevention SystemsNo ratings yetThe Ips Makeover: Intrusion-Prevention Systems7 pages
- Isc2 Cissp 1 16 1 Security and Risk Management Key PointsNo ratings yetIsc2 Cissp 1 16 1 Security and Risk Management Key Points3 pages
- HITB AMS 2017 Blue Picking - Hacking Bluetooth Smart Locks PDFNo ratings yetHITB AMS 2017 Blue Picking - Hacking Bluetooth Smart Locks PDF228 pages
- Discovering Computers Essentials 2018 Digital Technology Data and Devices 1st Edition Vermaat Test Bank Download100% (21)Discovering Computers Essentials 2018 Digital Technology Data and Devices 1st Edition Vermaat Test Bank Download23 pages
- McAfee Complete Data Protection AdvancedNo ratings yetMcAfee Complete Data Protection Advanced4 pages
- T-11 Capstone Project Report: Group No: B43 Project Guide: Prof. Vinayak Musale Group Members SR No Name PRN NoNo ratings yetT-11 Capstone Project Report: Group No: B43 Project Guide: Prof. Vinayak Musale Group Members SR No Name PRN No16 pages
- Wireless Data Transmission Between Pc's Using Zigbee TechnologyNo ratings yetWireless Data Transmission Between Pc's Using Zigbee Technology2 pages
- How To Retrieve Data From An Encrypted SD Card After Android Factory Reset - PDFNo ratings yetHow To Retrieve Data From An Encrypted SD Card After Android Factory Reset - PDF7 pages
- Data Security and Privacy in The Internet-of-ThingsNo ratings yetData Security and Privacy in The Internet-of-Things27 pages
- Chapter 11: Computer Security, Ethics and Privacy100% (1)Chapter 11: Computer Security, Ethics and Privacy27 pages
- Securing Underwatre Wireless Communication Networks75% (4)Securing Underwatre Wireless Communication Networks33 pages
- PROJECT Crime Management Information SystemsNo ratings yetPROJECT Crime Management Information Systems38 pages
- Chapter-1: Finger Print Based Security System Using IOTNo ratings yetChapter-1: Finger Print Based Security System Using IOT19 pages
- Digital Watermarking Systemfor Copyright Protectionand Authenticationof Images Using Cryptographic TechniquesNo ratings yetDigital Watermarking Systemfor Copyright Protectionand Authenticationof Images Using Cryptographic Techniques14 pages
