
CISSP Practice Exam Questions and Answers

Certified Information Systems Security Professional (CISSP)

Total Questions : 1487

Question # 1

A company whose Information Technology (IT) services are being delivered from a Tier 4 data center is preparing a companywide Business Continuity Planning (BCP). Which of the following failures should the IT manager be concerned with?

Options:

A. Application
B. Storage
C. Power
D. Network

Question # 2

Which of the following represents the GREATEST risk to data confidentiality?

Options:

A. Network redundancies are not implemented
B. Security awareness training is not completed
C. Backup tapes are generated unencrypted
D. Users have administrative privileges

Question # 3

When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?

Options:

A. Only when assets are clearly defined
B. Only when standards are defined
C. Only when controls are put in place
D. Only when procedures are defined

Question # 4

Intellectual property rights are PRIMARILY concerned with which of the following?

Options:

A. Owner’s ability to realize financial gain
B. Owner’s ability to maintain copyright
C. Right of the owner to enjoy their creation
D. Right of the owner to control delivery method

Question # 5

An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?

Options:

A. Development, testing, and deployment
B. Prevention, detection, and remediation
C. People, technology, and operations
D. Certification, accreditation, and monitoring

Question # 6

Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?

Options:

A. Install mantraps at the building entrances
B. Enclose the personnel entry area with polycarbonate plastic
C. Supply a duress alarm for personnel exposed to the public
D. Hire a guard to protect the public area
Question # 7

Which of the following is the MOST common method of memory protection?

Options:

A. Compartmentalization
B. Segmentation
C. Error correction
D. Virtual Local Area Network (VLAN) tagging

Question # 8

Which of the following is a direct monetary cost of a security incident?

Options:

A. Morale
B. Reputation
C. Equipment
D. Information

Question # 9

An organization has discovered that users are visiting unauthorized websites using anonymous proxies.

Which of the following is the BEST way to prevent future occurrences?

Options:

A. Remove the anonymity from the proxy
B. Analyze Internet Protocol (IP) traffic for proxy requests
C. Disable the proxy server on the firewall
D. Block the Internet Protocol (IP) address of known anonymous proxies

Question # 10

Which of the following could be considered the MOST significant security challenge when adopting DevOps practices compared to a more traditional control framework?

Options:

A. Achieving Service Level Agreements (SLA) on how quickly patches will be released when a security flaw is found.
B. Maintaining segregation of duties.
C. Standardized configurations for logging, alerting, and security metrics.
D. Availability of security teams at the end of the design process to perform last-minute manual audits and reviews.

Question # 11

An Information Technology (IT) professional attends a cybersecurity seminar on current incident response methodologies.

What code of ethics canon is being observed?

Options:

A. Provide diligent and competent service to principals
B. Protect society, the commonwealth, and the infrastructure
C. Advance and protect the profession
D. Act honorably, honestly, justly, responsibly, and legally

Question # 12

What is the PRIMARY role of a scrum master in agile development?

Options:

A. To choose the primary development language
B. To choose the integrated development environment
C. To match the software requirements to the delivery plan
D. To project manage the software delivery
Question # 13

Match the name of access control model with its associated restriction.

Drag each access control model to its appropriate restriction access on the right.

Options:

Question # 14

What is the MAIN goal of information security awareness and training?

Options:

A. To inform users of the latest malware threats
B. To inform users of information assurance responsibilities
C. To comply with the organization’s information security policy
D. To prepare students for certification

Question # 15

What MUST each information owner do when a system contains data from multiple information owners?

Options:

A. Provide input to the Information System (IS) owner regarding the security requirements of the data
B. Review the Security Assessment Report (SAR) for the Information System (IS) and authorize the IS to operate.
C. Develop and maintain the System Security Plan (SSP) for the Information System (IS) containing the data
D. Move the data to an Information System (IS) that does not contain data owned by other information owners

Question # 16

Which of the following MUST be in place to recognize a system attack?

Options:

A. Stateful firewall
B. Distributed antivirus
C. Log analysis
D. Passive honeypot

Question # 17

A Security Operations Center (SOC) receives an incident response notification on a server with an active intruder who has planted a backdoor. Initial notifications are sent and communications are established.

What MUST be considered or evaluated before performing the next step?

Options:

A. Notifying law enforcement is crucial before hashing the contents of the server hard drive
B. Identifying who executed the incident is more important than how the incident happened
C. Removing the server from the network may prevent catching the intruder
D. Copying the contents of the hard drive to another storage device may damage the evidence

Question # 18

Which of the following is a common feature of an Identity as a Service (IDaaS) solution?

Options:

A. Single Sign-On (SSO) authentication support
B. Privileged user authentication support
C. Password reset service support
D. Terminal Access Controller Access Control System (TACACS) authentication support
Question # 19

Which of the following steps should be performed FIRST when purchasing Commercial Off-The-Shelf (COTS) software?

Options:

A. Undergo a security assessment as part of the authorization process
B. Establish a risk management strategy
C. Harden the hosting server, and perform hosting and application vulnerability scans
D. Establish policies and procedures on system and services acquisition

Question # 20

Which of the following is MOST appropriate for protecting confidentiality of data stored on a hard drive?

Options:

A. Triple Data Encryption Standard (3DES)
B. Advanced Encryption Standard (AES)
C. Message Digest 5 (MD5)
D. Secure Hash Algorithm 2 (SHA-2)

Question # 21

What is the MOST significant benefit of an application upgrade that replaces randomly generated session keys with certificate-based encryption for communications with backend servers?

Options:

A. Non-repudiation
B. Efficiency
C. Confidentiality
D. Privacy

Question # 22

If an attacker in a SYN flood attack uses someone else's valid host address as the source address, the system under attack will send a large number of Synchronize/Acknowledge (SYN/ACK) packets to the

Options:

A. default gateway.
B. attacker's address.
C. local interface being attacked.
D. specified source address.

Question # 23

Refer to the information below to answer the question.

A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.

Which of the following BEST describes the access control methodology used?

Options:

A. Least privilege
B. Lattice Based Access Control (LBAC)
C. Role Based Access Control (RBAC)
D. Lightweight Directory Access Control (LDAP)

Question # 24

Refer to the information below to answer the question.

An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other necessary components to have an effective security program. There are numerous initiatives requiring security involvement.

The effectiveness of the security program can PRIMARILY be measured through

Options:

A. audit findings.
B. risk elimination.
C. audit requirements.
D. customer satisfaction.
Question # 25

The use of private and public encryption keys is fundamental in the implementation of which of the following?

Options:

A. Diffie-Hellman algorithm
B. Secure Sockets Layer (SSL)
C. Advanced Encryption Standard (AES)
D. Message Digest 5 (MD5)

Question # 26

Which security service is served by the process of encrypting plaintext with the sender’s private key and decrypting ciphertext with the sender’s public key?

Options:

A. Confidentiality
B. Integrity
C. Identification
D. Availability

Question # 27

Which technique can be used to make an encryption scheme more resistant to a known plaintext attack?

Options:

A. Hashing the data before encryption
B. Hashing the data after encryption
C. Compressing the data after encryption
D. Compressing the data before encryption

Question # 28

Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?

Options:

A. Personal Identity Verification (PIV)
B. Cardholder Unique Identifier (CHUID) authentication
C. Physical Access Control System (PACS) repeated attempt detection
D. Asymmetric Card Authentication Key (CAK) challenge-response

Question # 29

In a data classification scheme, the data is owned by the

Options:

A. system security managers
B. business managers
C. Information Technology (IT) managers
D. end users

Question # 30

Which one of the following affects the classification of data?

Options:

A. Assigned security label
B. Multilevel Security (MLS) architecture
C. Minimum query size
D. Passage of time
Question # 31

An organization has doubled in size due to a rapid market share increase. The size of the Information Technology (IT) staff has maintained pace with this growth. The organization hires several contractors whose onsite time is limited. The IT department has pushed its limits building servers and rolling out workstations and has a backlog of account management requests.

Which contract is BEST in offloading the task from the IT staff?

Options:

A. Platform as a Service (PaaS)
B. Identity as a Service (IDaaS)
C. Desktop as a Service (DaaS)
D. Software as a Service (SaaS)

Question # 32

Which of the following is MOST important when assigning ownership of an asset to a department?

Options:

A. The department should report to the business owner
B. Ownership of the asset should be periodically reviewed
C. Individual accountability should be ensured
D. All members should be trained on their responsibilities

Question # 33

Which of the following BEST describes the responsibilities of a data owner?

Options:

A. Ensuring quality and validation through periodic audits for ongoing data integrity
B. Maintaining fundamental data availability, including data storage and archiving
C. Ensuring accessibility to appropriate users, maintaining appropriate levels of data security
D. Determining the impact the information has on the mission of the organization

Question # 34

When implementing a data classification program, why is it important to avoid too much granularity?

Options:

A. The process will require too many resources
B. It will be difficult to apply to both hardware and software
C. It will be difficult to assign ownership to the data
D. The process will be perceived as having value

Question # 35

Which of the following is an initial consideration when developing an information security management system?

Options:

A. Identify the contractual security obligations that apply to the organizations
B. Understand the value of the information assets
C. Identify the level of residual risk that is tolerable to management
D. Identify relevant legislative and regulatory compliance requirements

Question # 36

A software security engineer is developing a black box-based test plan that will measure the system's reaction to incorrect or illegal inputs or unexpected operational errors and situations. Match the functional testing techniques on the left with the correct input parameters on the right.

Options:
Question # 37

What is the MOST efficient way to secure a production program and its data?

Options:

A. Disable default accounts and implement access control lists (ACL)
B. Harden the application and encrypt the data
C. Disable unused services and implement tunneling
D. Harden the servers and back up the data

Question # 38

The 802.1x standard provides a framework for what?

Options:

A. Network authentication for only wireless networks
B. Network authentication for wired and wireless networks
C. Wireless encryption using the Advanced Encryption Standard (AES)
D. Wireless network encryption using Secure Sockets Layer (SSL)

Question # 39

Which of the following command line tools can be used in the reconnaissance phase of a network vulnerability assessment?

Options:

A. dig
B. ifconfig
C. ipconfig
D. nbtstat

Question # 40

In which order, from MOST to LEAST impacted, does user awareness training reduce the occurrence of the events below?

Options:

Question # 41

Which of the following is the BEST approach to take in order to effectively incorporate the concepts of business continuity into the organization?

Options:

A. Ensure end users are aware of the planning activities
B. Validate all regulatory requirements are known and fully documented
C. Develop training and awareness programs that involve all stakeholders
D. Ensure plans do not violate the organization's cultural objectives and goals

Question # 42

Which of the following is most helpful in applying the principle of LEAST privilege?

Options:

A. Establishing a sandboxing environment
B. Setting up a Virtual Private Network (VPN) tunnel
C. Monitoring and reviewing privileged sessions
D. Introducing a job rotation program
Question # 43

Which of the following is of GREATEST assistance to auditors when reviewing system configurations?

Options:

A. Change management processes
B. User administration procedures
C. Operating System (OS) baselines
D. System backup documentation

Question # 44

A Virtual Machine (VM) environment has five guest Operating Systems (OS) and provides strong isolation. What MUST an administrator review to audit a user’s access to data files?

Options:

A. Host VM monitor audit logs
B. Guest OS access controls
C. Host VM access controls
D. Guest OS audit logs

Question # 45

Which of the following is a PRIMARY benefit of using a formalized security testing report format and structure?

Options:

A. Executive audiences will understand the outcomes of testing and most appropriate next steps for corrective actions to be taken
B. Technical teams will understand the testing objectives, testing strategies applied, and business risk associated with each vulnerability
C. Management teams will understand the testing objectives and reputational risk to the organization
D. Technical and management teams will better understand the testing objectives, results of each test phase, and potential impact levels

Question # 46

In which of the following programs is it MOST important to include the collection of security process data?

Options:

A. Quarterly access reviews
B. Security continuous monitoring
C. Business continuity testing
D. Annual security training

Question # 47

Which of the following could cause a Denial of Service (DoS) against an authentication system?

Options:

A. Encryption of audit logs
B. No archiving of audit logs
C. Hashing of audit logs
D. Remote access audit logs

Question # 48

At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?

Options:

A. Link layer
B. Physical layer
C. Session layer
D. Application layer
Question # 49

Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?

Options:

A. Layer 2 Tunneling Protocol (L2TP)
B. Link Control Protocol (LCP)
C. Challenge Handshake Authentication Protocol (CHAP)
D. Packet Transfer Protocol (PTP)

Question # 50

An input validation and exception handling vulnerability has been discovered on a critical web-based system. Which of the following is MOST suited to quickly implement a control?

Options:

A. Add a new rule to the application layer firewall
B. Block access to the service
C. Install an Intrusion Detection System (IDS)
D. Patch the application source code

Question # 51

Which of the following operates at the Network Layer of the Open System Interconnection (OSI) model?

Options:

A. Packet filtering
B. Port services filtering
C. Content filtering
D. Application access control

Question # 52

In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?

Options:

A. Transport layer
B. Application layer
C. Network layer
D. Session layer

Question # 53

What is the purpose of an Internet Protocol (IP) spoofing attack?

Options:

A. To send excessive amounts of data to a process, making it unpredictable
B. To intercept network traffic without authorization
C. To disguise the destination address from a target’s IP filtering devices
D. To convince a system that it is communicating with a known entity

Question # 54

An external attacker has compromised an organization’s network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker’s ability to gain further information?

Options:

A. Implement packet filtering on the network firewalls
B. Install Host Based Intrusion Detection Systems (HIDS)
C. Require strong authentication for administrators
D. Implement logical network segmentation at the switches
Question # 55

Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?

Options:

A. Intrusion Prevention Systems (IPS)
B. Intrusion Detection Systems (IDS)
C. Stateful firewalls
D. Network Behavior Analysis (NBA) tools

Question # 56

Which of the following factors contributes to the weakness of the Wired Equivalent Privacy (WEP) protocol?

Options:

A. WEP uses a small range Initialization Vector (IV)
B. WEP uses Message Digest 5 (MD5)
C. WEP uses Diffie-Hellman
D. WEP does not use any Initialization Vector (IV)

Question # 57

When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?

Options:

A. After the system preliminary design has been developed and the data security categorization has been performed
B. After the vulnerability analysis has been performed and before the system detailed design begins
C. After the system preliminary design has been developed and before the data security categorization begins
D. After the business functional analysis and the data security categorization have been performed

Question # 58

In general, servers that are facing the Internet should be placed in a demilitarized zone (DMZ). What is the MAIN purpose of the DMZ?

Options:

A. Reduced risk to internal systems.
B. Prepare the server for potential attacks.
C. Mitigate the risk associated with the exposed server.
D. Bypass the need for a firewall.

Question # 59

Which type of security testing is being performed when an ethical hacker has no knowledge about the target system but the testing target is notified before the test?

Options:

A. Reversal
B. Gray box
C. Blind
D. White box

Question # 60

Although code using a specific programming language may not be susceptible to a buffer overflow attack,

Options:

A. most calls to plug-in programs are susceptible.
B. most supporting application code is susceptible.
C. the graphical images used by the application could be susceptible.
D. the supporting virtual machine could be susceptible.
Question # 61

Which of the following BEST represents the concept of least privilege?

Options:

A. Access to an object is denied unless access is specifically allowed.
B. Access to an object is only available to the owner.
C. Access to an object is allowed unless it is protected by the information security policy.
D. Access to an object is only allowed to authenticated users via an Access Control List (ACL).

Question # 62

In which identity management process is the subject’s identity established?

Options:

A. Trust
B. Provisioning
C. Authorization
D. Enrollment

Question # 63

When evaluating third-party applications, which of the following is the GREATEST responsibility of Information Security?

Options:

A. Accept the risk on behalf of the organization.
B. Report findings to the business to determine security gaps.
C. Quantify the risk to the business for product selection.
D. Approve the application that best meets security requirements.

Question # 64

Which of the following restricts the ability of an individual to carry out all the steps of a particular process?

Options:

A. Job rotation
B. Separation of duties
C. Least privilege
D. Mandatory vacations

Question # 65

Which of the following would BEST describe the role directly responsible for data within an organization?

Options:

A. Data custodian
B. Information owner
C. Database administrator
D. Quality control

Question # 66

What operations role is responsible for protecting the enterprise from corrupt or contaminated media?

Options:

A. Information security practitioner
B. Information librarian
C. Computer operator
D. Network administrator
Question # 67

What is the difference between media marking and media labeling?

Options:

A. Media marking refers to the use of human-readable security attributes, while media labeling refers to the use of security attributes in internal data structures.
B. Media labeling refers to the use of human-readable security attributes, while media marking refers to the use of security attributes in internal data structures.
C. Media labeling refers to security attributes required by public policy/law, while media marking refers to security required by internal organizational policy.
D. Media marking refers to security attributes required by public policy/law, while media labeling refers to security attributes required by internal organizational policy.

Question # 68

When writing security assessment procedures, what is the MAIN purpose of the test outputs and reports?

Options:

A. To force the software to fail and document the process
B. To find areas of compromise in confidentiality and integrity
C. To allow for objective pass or fail decisions
D. To identify malware or hidden code within the test results

Question # 69

Which of the following is a remote access protocol that uses a static authentication?

Options:

A. Point-to-Point Tunneling Protocol (PPTP)
B. Routing Information Protocol (RIP)
C. Password Authentication Protocol (PAP)
D. Challenge Handshake Authentication Protocol (CHAP)

Question # 70

Which of the following media sanitization techniques is MOST likely to be effective for an organization using public cloud services?

Options:

A. Low-level formatting
B. Secure-grade overwrite erasure
C. Cryptographic erasure
D. Drive degaussing

Question # 71

Which of the following is the MOST important goal of information asset valuation?

Options:

A. Developing a consistent and uniform method of controlling access on information assets
B. Developing appropriate access control policies and guidelines
C. Assigning a financial value to an organization’s information assets
D. Determining the appropriate level of protection

Question # 72

A proxy firewall operates at what layer of the Open System Interconnection (OSI) model?

Options:

A. Transport
B. Data link
C. Network
D. Application
Question # 73

What access control scheme uses fine-grained rules to specify the conditions under which access to each data item or application is granted?

Options:

A. Mandatory Access Control (MAC)
B. Discretionary Access Control (DAC)
C. Role Based Access Control (RBAC)
D. Attribute Based Access Control (ABAC)

Question # 74

Physical assets defined in an organization’s Business Impact Analysis (BIA) could include which of the following?

Options:

A. Personal belongings of organizational staff members
B. Supplies kept off-site at a remote facility
C. Cloud-based applications
D. Disaster Recovery (DR) line-item revenues

Question # 75

An organization that has achieved a Capability Maturity Model Integration (CMMI) level of 4 has done which of the following?

Options:

A. Addressed continuous innovative process improvement
B. Addressed the causes of common process variance
C. Achieved optimized process performance
D. Achieved predictable process performance

Question # 76

A security architect is responsible for the protection of a new home banking system. Which of the following solutions can BEST improve the confidentiality and integrity of this external system?

Options:

A. Intrusion Prevention System (IPS)
B. Denial of Service (DoS) protection solution
C. One-time Password (OTP) token
D. Web Application Firewall (WAF)

Question # 77

Which of the following technologies would provide the BEST alternative to anti-malware software?

Options:

A. Host-based Intrusion Detection Systems (HIDS)
B. Application whitelisting
C. Host-based firewalls
D. Application sandboxing

Question # 78

Which of the below strategies would MOST comprehensively address the risk of malicious insiders leaking sensitive information?

Options:

A. Data Loss Protection (DLP), firewalls, data classification
B. Least privilege access, Data Loss Protection (DLP), physical access controls
C. Staff vetting, least privilege access, Data Loss Protection (DLP)
D. Background checks, data encryption, web proxies
Question # 79

When a system changes significantly, who is PRIMARILY responsible for assessing the security impact?

Options:

A. Chief Information Security Officer (CISO)
B. Information System Owner
C. Information System Security Officer (ISSO)
D. Authorizing Official

Question # 80

Which area of embedded devices is most commonly attacked?

Options:

A. Application
B. Firmware
C. Protocol
D. Physical Interface

Question # 81

A financial company has decided to move its main business application to the Cloud. The legal department objects, arguing that the move of the platform should comply with several regulatory obligations such as the General Data Protection Regulation (GDPR) and ensure data confidentiality. The Chief Information Security Officer (CISO) says that the cloud provider has met all regulatory requirements and even provides its own encryption solution with internally-managed encryption keys to address data confidentiality. Did the CISO address all the legal requirements in this situation?

Options:

A. No, because the encryption solution is internal to the cloud provider.
B. Yes, because the cloud provider meets all regulatory requirements.
C. Yes, because the cloud provider is GDPR compliant.
D. No, because the cloud provider is not certified to host government data.

Question # 82

Who is essential for developing effective test scenarios for disaster recovery (DR) test plans?

Options:

A. Business line management and IT staff members
B. Chief Information Officer (CIO) and DR manager
C. DR manager and IT staff members
D. IT staff members and project managers

Question # 83

A security professional should consider the protection of which of the following elements FIRST when developing a defense-in-depth strategy for a mobile workforce?

Options:

A. Network perimeters
B. Demilitarized Zones (DMZ)
C. Databases and back-end servers
D. End-user devices

Question # 84

An organization wants to enable users to authenticate across multiple security domains. To accomplish this they have decided to use Federated Identity Management (FIM). Which of the following is used behind the scenes in a FIM deployment?

Options:

A. Standard Generalized Markup Language (SGML)
B. Extensible Markup Language (XML)
C. Security Assertion Markup Language (SAML)
D. Transaction Authority Markup Language (XAML)
Question # 85

What is the MOST common component of a vulnerability management framework?

Options:

A.  

Risk analysis

B.  

Patch management

C.  

Threat analysis

D.  

Backup management

Question # 86

What is a warm site when conducting Business Continuity Planning (BCP)?

Options:

A.  

A location, other than the normal facility, used to process data on a daily basis

B.  

An area partially equipped with equipment and resources to recover business functions

C.  

A place void of any resources or equipment except air conditioning and raised flooring

D.  

An alternate facility that allows for immediate cutover to enable continuation of business functions

Question # 87

Which programming methodology allows a programmer to use pre-determined blocks of code and consequently reduces development time and programming costs?

Options:

A.  

Application security

B.  

Object oriented

C.  

Blocked algorithm

D.  

Assembly language

Question # 88

Recovery strategies of a Disaster Recovery Plan (DRP) MUST be aligned with which of the following?

Options:

A.  

Hardware and software compatibility issues

B.  

Applications’ criticality and downtime tolerance

C.  

Budget constraints and requirements

D.  

Cost/benefit analysis and business objectives

Question # 89

With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?

Options:

A.  

Continuously without exception for all security controls

B.  

Before and after each change of the control

C.  

At a rate concurrent with the volatility of the security control

D.  

Only during system implementation and decommissioning

Question # 90

A continuous information security monitoring program can BEST reduce risk through which of the following?

Options:

A.  

Collecting security events and correlating them to identify anomalies

B.  

Facilitating system-wide visibility into the activities of critical user accounts

C.  

Encompassing people, process, and technology

D.  

Logging both scheduled and unscheduled system changes

Question # 91

Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?

Options:

A.  

Walkthrough

B.  

Simulation

C.  

Parallel

D.  

White box

Question # 92

A Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) will provide which of the following?

Options:

A.  

Guaranteed recovery of all business functions

B.  

Minimization of the need for decision making during a crisis

C.  

Insurance against litigation following a disaster

D.  

Protection from loss of organization resources

Question # 93

What is the MOST important step during forensic analysis when trying to learn the purpose of an unknown application?

Options:

A.  

Disable all unnecessary services

B.  

Ensure chain of custody

C.  

Prepare another backup of the system

D.  

Isolate the system from the network

Question # 94

What would be the MOST cost effective solution for a Disaster Recovery (DR) site given that the organization’s systems cannot be unavailable for more than 24 hours?

Options:

A.  

Warm site

B.  

Hot site

C.  

Mirror site

D.  

Cold site

Question # 95

What is the PRIMARY reason for implementing change management?

Options:

A.  

Certify and approve releases to the environment

B.  

Provide version rollbacks for system changes

C.  

Ensure that all applications are approved

D.  

Ensure accountability for changes to the environment

Question # 96

Which of the following is the FIRST step in the incident response process?

Options:

A.  

Determine the cause of the incident

B.  

Disconnect the system involved from the network

C.  

Isolate and contain the system involved

D.  

Investigate all symptoms to confirm the incident

Question # 97

An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?

Options:

A.  

Absence of a Business Intelligence (BI) solution

B.  

Inadequate cost modeling

C.  

Improper deployment of the Service-Oriented Architecture (SOA)

D.  

Insufficient Service Level Agreement (SLA)

Question # 98

When is a Business Continuity Plan (BCP) considered to be valid?

Options:

A.  

When it has been validated by the Business Continuity (BC) manager

B.  

When it has been validated by the board of directors

C.  

When it has been validated by all threat scenarios

D.  

When it has been validated by realistic exercises

Question # 99

What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?

Options:

A.  

Take the computer to a forensic lab

B.  

Make a copy of the hard drive

C.  

Start documenting

D.  

Turn off the computer

Question # 100

Which of the following is a PRIMARY advantage of using a third-party identity service?

Options:

A.  

Consolidation of multiple providers

B.  

Directory synchronization

C.  

Web based logon

D.  

Automated account management

Question # 101

A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is the BEST solution for the manufacturing organization?

Options:

A.  

Trusted third-party certification

B.  

Lightweight Directory Access Protocol (LDAP)

C.  

Security Assertion Markup language (SAML)

D.  

Cross-certification

Question # 102

What is the BEST approach for controlling access to highly sensitive information when employees have the same level of security clearance?

Options:

A.  

Audit logs

B.  

Role-Based Access Control (RBAC)

C.  

Two-factor authentication

D.  

Application of least privilege

Question # 103

Which of the following assures that rules are followed in an identity management architecture?

Options:

A.  

Policy database

B.  

Digital signature

C.  

Policy decision point

D.  

Policy enforcement point

Question # 104

A system is developed so that its business users can perform business functions but not user administration functions. Application administrators can perform administration functions but not user business functions. These capabilities are BEST described as

Options:

A.  

least privilege.

B.  

rule based access controls.

C.  

Mandatory Access Control (MAC).

D.  

separation of duties.

Question # 105

An organization publishes and periodically updates its employee policies in a file on their intranet. Which of the following is a PRIMARY security concern?

Options:

A.  

Availability

B.  

Confidentiality

C.  

Integrity

D.  

Ownership

Question # 106

Which of the following is critical for establishing an initial baseline for software components in the operation and maintenance of applications?

Options:

A.  

Application monitoring procedures

B.  

Configuration control procedures

C.  

Security audit procedures

D.  

Software patching procedures

Question # 107

Which of the following secure startup mechanisms are PRIMARILY designed to thwart attacks?

Options:

A.  

Timing

B.  

Cold boot

C.  

Side channel

D.  

Acoustic cryptanalysis

Question # 108

What is the PRIMARY reason for ethics awareness and related policy implementation?

Options:

A.  

It affects the workflow of an organization.

B.  

It affects the reputation of an organization.

C.  

It affects the retention rate of employees.

D.  

It affects the morale of the employees.

Question # 109

Multi-Factor Authentication (MFA) is necessary in many systems given common types of password attacks. Which of the following is a correct list of password attacks?

Options:

A.  

Masquerading, salami, malware, polymorphism

B.  

Brute force, dictionary, phishing, keylogger

C.  

Zeus, netbus, rabbit, turtle

D.  

Token, biometrics, IDS, DLP

Question # 110

What is the BEST method to detect the most common improper initialization problems in programming languages?

Options:

A.  

Use and specify a strong character encoding.

B.  

Use automated static analysis tools that target this type of weakness.

C.  

Perform input validation on any numeric inputs by assuring that they are within the expected range.

D.  

Use data flow analysis to minimize the number of false positives.

Question # 111

The use of proximity card to gain access to a building is an example of what type of security control?

Options:

A.  

Legal

B.  

Logical

C.  

Physical

D.  

Procedural

Question # 112

Refer to the information below to answer the question.

A security practitioner detects client-based attacks on the organization’s network. A plan will be necessary to address these concerns.

In the plan, what is the BEST approach to mitigate future internal client-based attacks?

Options:

A.  

Block all client side web exploits at the perimeter.

B.  

Remove all non-essential client-side web services from the network.

C.  

Screen for harmful exploits of client-side services before implementation.

D.  

Harden the client image before deployment.

Question # 113

Refer to the information below to answer the question.

A security practitioner detects client-based attacks on the organization’s network. A plan will be necessary to address these concerns.

In addition to web browsers, what PRIMARY areas need to be addressed concerning mobile code used for malicious purposes?

Options:

A.  

Text editors, database, and Internet phone applications

B.  

Email, presentation, and database applications

C.  

Image libraries, presentation and spreadsheet applications

D.  

Email, media players, and instant messaging applications

Question # 114

Refer to the information below to answer the question.

In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files.

In a Bell-LaPadula system, which user has the MOST restrictions when writing data to any of the four files?

Options:

A.  

User A

B.  

User B

C.  

User C

D.  

User D

Question # 115

What is the MOST important consideration from a data security perspective when an organization plans to relocate?

Options:

A.  

Ensure the fire prevention and detection systems are sufficient to protect personnel

B.  

Review the architectural plans to determine how many emergency exits are present

C.  

Conduct a gap analysis of the new facilities against existing security requirements

D.  

Revise the Disaster Recovery and Business Continuity (DR/BC) plan

Question # 116

All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that

Options:

A.  

determine the risk of a business interruption occurring

B.  

determine the technological dependence of the business processes

C.  

identify the operational impacts of a business interruption

D.  

identify the financial impacts of a business interruption

Question # 117

Which of the following actions will reduce risk to a laptop before traveling to a high risk area?

Options:

A.  

Examine the device for physical tampering

B.  

Implement more stringent baseline configurations

C.  

Purge or re-image the hard disk drive

D.  

Change access codes

Question # 118

A company wants to store data related to users on an offsite server. What method can be deployed to protect the privacy of the user’s information while maintaining the field-level configuration of the database?

Options:

A.  

Encryption

B.  

Encoding

C.  

Tokenization

D.  

Hashing

Question # 119

Which of the following is the MAIN benefit of off-site storage?

Options:

A.  

Cost effectiveness

B.  

Backup simplicity

C.  

Fast recovery

D.  

Data availability

Question # 120

The security operations center (SOC) has received credible intelligence that a threat actor is planning to attack with multiple variants of a destructive virus. After obtaining a sample set of this virus’ variants and reverse engineering them to understand how they work, a commonality was found. All variants are coded to write to a specific memory location. It is determined this virus is of no threat to the organization because they had the foresight to enable what feature on all endpoints?

Options:

A.  

Process isolation

B.  

Trusted Platform Module (TPM)

C.  

Address Space Layout Randomization (ASLR)

D.  

Virtualization

Question # 121

Which of the following types of hosts should be operating in the demilitarized zone (DMZ)?

Options:

A.  

Hosts intended to provide limited access to public resources

B.  

Database servers that can provide useful information to the public

C.  

Hosts that store unimportant data such as demographical information

D.  

File servers containing organizational data

Question # 122

Which of the following statements is TRUE about Secure Shell (SSH)?

Options:

A.  

SSH does not protect against man-in-the-middle (MITM) attacks.

B.  

SSH supports port forwarding, which can be used to protect less secured protocols.

C.  

SSH can be used with almost any application because it is concerned with maintaining a circuit.

D.  

SSH is easy to deploy because it requires a Web browser only.

Question # 123

What is the MAIN objective of risk analysis in Disaster Recovery (DR) planning?

Options:

A.  

Establish Maximum Tolerable Downtime (MTD) for Information Systems (IS).

B.  

Define the variable cost for extended downtime scenarios.

C.  

Identify potential threats to business availability.

D.  

Establish personnel requirements for various downtime scenarios.

Question # 124

Which of the following is an authentication protocol in which a new random number is generated uniquely for each login session?

Options:

A.  

Challenge Handshake Authentication Protocol (CHAP)

B.  

Point-to-Point Protocol (PPP)

C.  

Extensible Authentication Protocol (EAP)

D.  

Password Authentication Protocol (PAP)

Question # 125

Which Hyper Text Markup Language 5 (HTML5) option presents a security challenge for network data leakage prevention and/or monitoring?

Options:

A.  

Cross Origin Resource Sharing (CORS)

B.  

WebSockets

C.  

Document Object Model (DOM) trees

D.  

Web Interface Definition Language (IDL)

Question # 126

Internet Protocol (IP) source address spoofing is used to defeat

Options:

A.  

address-based authentication.

B.  

Address Resolution Protocol (ARP).

C.  

Reverse Address Resolution Protocol (RARP).

D.  

Transmission Control Protocol (TCP) hijacking.

Question # 127

Which of the following is considered best practice for preventing e-mail spoofing?

Options:

A.  

Spam filtering

B.  

Cryptographic signature

C.  

Uniform Resource Locator (URL) filtering

D.  

Reverse Domain Name Service (DNS) lookup

Question # 128

A disadvantage of an application filtering firewall is that it can lead to

Options:

A.  

a crash of the network as a result of user activities.

B.  

performance degradation due to the rules applied.

C.  

loss of packets on the network due to insufficient bandwidth.

D.  

Internet Protocol (IP) spoofing by hackers.

Question # 129

Which security action should be taken FIRST when computer personnel are terminated from their jobs?

Options:

A.  

Remove their computer access

B.  

Require them to turn in their badge

C.  

Conduct an exit interview

D.  

Reduce their physical access level to the facility

Question # 130

When building a data center, site location and construction factors that increase the level of vulnerability to physical threats include

Options:

A.  

hardened building construction with consideration of seismic factors.

B.  

adequate distance from and lack of access to adjacent buildings.

C.  

curved roads approaching the data center.

D.  

proximity to high crime areas of the city.

Question # 131

The BEST method of demonstrating a company's security level to potential customers is

Options:

A.  

a report from an external auditor.

B.  

responding to a customer's security questionnaire.

C.  

a formal report from an internal auditor.

D.  

a site visit by a customer's security team.

Question # 132

Why is a system's criticality classification important in large organizations?

Options:

A.  

It provides for proper prioritization and scheduling of security and maintenance tasks.

B.  

It reduces critical system support workload and reduces the time required to apply patches.

C.  

It allows for clear systems status communications to executive management.

D.  

It provides for easier determination of ownership, reducing confusion as to the status of the asset.

Question # 133

An advantage of link encryption in a communications network is that it

Options:

A.  

makes key management and distribution easier.

B.  

protects data from start to finish through the entire network.

C.  

improves the efficiency of the transmission.

D.  

encrypts all information, including headers and routing information.

Question # 134

What would be the PRIMARY concern when designing and coordinating a security assessment for an Automatic Teller Machine (ATM) system?

Options:

A.  

Physical access to the electronic hardware

B.  

Regularly scheduled maintenance process

C.  

Availability of the network connection

D.  

Processing delays

Question # 135

A vulnerability test on an Information System (IS) is conducted to

Options:

A.  

exploit security weaknesses in the IS.

B.  

measure system performance on systems with weak security controls.

C.  

evaluate the effectiveness of security controls.

D.  

prepare for Disaster Recovery (DR) planning.

Question # 136

Which of the following statements is TRUE for point-to-point microwave transmissions?

Options:

A.  

They are not subject to interception due to encryption.

B.  

Interception only depends on signal strength.

C.  

They are too highly multiplexed for meaningful interception.

D.  

They are subject to interception by an antenna within proximity.

Question # 137

The stringency of an Information Technology (IT) security assessment will be determined by the

Options:

A.  

system's past security record.

B.  

size of the system's database.

C.  

sensitivity of the system's data.

D.  

age of the system.

Question # 138

The PRIMARY purpose of a security awareness program is to

Options:

A.  

ensure that everyone understands the organization's policies and procedures.

B.  

communicate that access to information will be granted on a need-to-know basis.

C.  

warn all users that access to all systems will be monitored on a daily basis.

D.  

comply with regulations related to data and information protection.

Question # 139

Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified by automated vulnerability assessments?

Options:

A.  

Common Vulnerabilities and Exposures (CVE)

B.  

Common Vulnerability Scoring System (CVSS)

C.  

Asset Reporting Format (ARF)

D.  

Open Vulnerability and Assessment Language (OVAL)

Question # 140

Who in the organization is accountable for classification of data information assets?

Options:

A.  

Data owner

B.  

Data architect

C.  

Chief Information Security Officer (CISO)

D.  

Chief Information Officer (CIO)

Question # 141

Which of the following mobile code security models relies only on trust?

Options:

A.  

Code signing

B.  

Class authentication

C.  

Sandboxing

D.  

Type safety

Question # 142

What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?

Options:

A.  

Implementation Phase

B.  

Initialization Phase

C.  

Cancellation Phase

D.  

Issued Phase
