
CISSP Certified Information Systems Security Professional (CISSP) Questions and Answers

Questions 4

An organization is considering outsourcing applications and data to a Cloud Service Provider (CSP). Which of the following is the MOST important concern regarding privacy?

Options:

A. The CSP determines data criticality.
B. The CSP provides end-to-end encryption services.
C. The CSP's privacy policy may be developed by the organization.
D. The CSP may not be subject to the organization's country's legislation.

Questions 5

Which of the following is an accurate statement when an assessment results in the discovery of vulnerabilities in a critical network component?

Options:

A. The fact that every other host is sufficiently hardened does not change the fact that the network is placed at risk of attack.
B. There is little likelihood that the entire network is being placed at a significant risk of attack.
C. A second assessment should immediately be performed after all vulnerabilities are corrected.
D. There is a low possibility that any adjacently connected components have been compromised by an attacker.

Questions 6

An organization wants to enable users to authenticate across multiple security domains. To accomplish this, they have decided to use Federated Identity Management (FIM). Which of the following is used behind the scenes in a FIM deployment?

Options:

A. Standard Generalized Markup Language (SGML)
B. Extensible Markup Language (XML)
C. Security Assertion Markup Language (SAML)
D. Transaction Authority Markup Language (XAML)

Questions 7

What should be the FIRST action for a security administrator who detects an intrusion on the network based on precursors and other indicators?

Options:

A. Isolate and contain the intrusion.
B. Notify system and application owners.
C. Apply patches to the Operating Systems (OS).
D. Document and verify the intrusion.

Questions 8

Which of the following is the BEST statement for a professional to include as part of a business continuity (BC) procedure?

Options:

A. A full data backup must be done upon management request.
B. An incremental data backup must be done upon management request.
C. A full data backup must be done based on the needs of the business.
D. An incremental data backup must be done after each system change.

Questions 9

Which would result in the GREATEST impact following a breach of a cloud environment?

Options:

A. The hypervisor host is poorly secured
B. The same Logical Unit Number (LUN) is used for all VMs
C. Insufficient network segregation
D. Insufficient hardening of Virtual Machines (VM)

Questions 10

Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?

Options:

A. Install mantraps at the building entrances
B. Enclose the personnel entry area with polycarbonate plastic
C. Supply a duress alarm for personnel exposed to the public
D. Hire a guard to protect the public area

Questions 11

Which of the following actions will reduce risk to a laptop before traveling to a high-risk area?

Options:

A. Examine the device for physical tampering
B. Implement more stringent baseline configurations
C. Purge or re-image the hard disk drive
D. Change access codes

Questions 12

A company whose Information Technology (IT) services are being delivered from a Tier 4 data center is preparing a companywide Business Continuity Plan (BCP). Which of the following failures should the IT manager be concerned with?

Options:

A. Application
B. Storage
C. Power
D. Network

Questions 13

All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that

Options:

A. determine the risk of a business interruption occurring
B. determine the technological dependence of the business processes
C. identify the operational impacts of a business interruption
D. identify the financial impacts of a business interruption

Questions 14

What is the MOST important consideration from a data security perspective when an organization plans to relocate?

Options:

A. Ensure the fire prevention and detection systems are sufficient to protect personnel
B. Review the architectural plans to determine how many emergency exits are present
C. Conduct a gap analysis of the new facilities against existing security requirements
D. Revise the Disaster Recovery and Business Continuity (DR/BC) plan

Questions 15

An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?

Options:

A. Development, testing, and deployment
B. Prevention, detection, and remediation
C. People, technology, and operations
D. Certification, accreditation, and monitoring

Questions 16

When assessing an organization's security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?

Options:

A. Only when assets are clearly defined
B. Only when standards are defined
C. Only when controls are put in place
D. Only when procedures are defined

Questions 17

Intellectual property rights are PRIMARILY concerned with which of the following?

Options:

A. Owner's ability to realize financial gain
B. Owner's ability to maintain copyright
C. Right of the owner to enjoy their creation
D. Right of the owner to control delivery method

Questions 18

Which of the following would BEST describe the role directly responsible for data within an organization?

Options:

A. Data custodian
B. Information owner
C. Database administrator
D. Quality control

Questions 19

Which of the following represents the GREATEST risk to data confidentiality?

Options:

A. Network redundancies are not implemented
B. Security awareness training is not completed
C. Backup tapes are generated unencrypted
D. Users have administrative privileges

Questions 20

Which of the following is a PRIMARY benefit of using a formalized security testing report format and structure?

Options:

A. Executive audiences will understand the outcomes of testing and most appropriate next steps for corrective actions to be taken
B. Technical teams will understand the testing objectives, testing strategies applied, and business risk associated with each vulnerability
C. Management teams will understand the testing objectives and reputational risk to the organization
D. Technical and management teams will better understand the testing objectives, results of each test phase, and potential impact levels

Questions 21

In which of the following programs is it MOST important to include the collection of security process data?

Options:

A. Quarterly access reviews
B. Security continuous monitoring
C. Business continuity testing
D. Annual security training

Questions 22

A Virtual Machine (VM) environment has five guest Operating Systems (OS) and provides strong isolation. What MUST an administrator review to audit a user’s access to data files?

Options:

A. Host VM monitor audit logs
B. Guest OS access controls
C. Host VM access controls
D. Guest OS audit logs

Questions 23

Which of the following is of GREATEST assistance to auditors when reviewing system configurations?

Options:

A. Change management processes
B. User administration procedures
C. Operating System (OS) baselines
D. System backup documentation

Questions 24

Which of the following could cause a Denial of Service (DoS) against an authentication system?

Options:

A. Encryption of audit logs
B. No archiving of audit logs
C. Hashing of audit logs
D. Remote access audit logs

Questions 25

Which of the following operates at the Network Layer of the Open System Interconnection (OSI) model?

Options:

A. Packet filtering
B. Port services filtering
C. Content filtering
D. Application access control

Questions 26

What is the purpose of an Internet Protocol (IP) spoofing attack?

Options:

A. To send excessive amounts of data to a process, making it unpredictable
B. To intercept network traffic without authorization
C. To disguise the destination address from a target's IP filtering devices
D. To convince a system that it is communicating with a known entity

Questions 27

An external attacker has compromised an organization’s network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker’s ability to gain further information?

Options:

A. Implement packet filtering on the network firewalls
B. Install Host-Based Intrusion Detection Systems (HIDS)
C. Require strong authentication for administrators
D. Implement logical network segmentation at the switches

Questions 28

Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?

Options:

A. Intrusion Prevention Systems (IPS)
B. Intrusion Detection Systems (IDS)
C. Stateful firewalls
D. Network Behavior Analysis (NBA) tools

Questions 29

Which of the following factors contributes to the weakness of Wired Equivalent Privacy (WEP) protocol?

Options:

A. WEP uses a small range Initialization Vector (IV)
B. WEP uses Message Digest 5 (MD5)
C. WEP uses Diffie-Hellman
D. WEP does not use any Initialization Vector (IV)

Questions 30

An input validation and exception handling vulnerability has been discovered on a critical web-based system. Which of the following is MOST suited to quickly implement a control?

Options:

A. Add a new rule to the application layer firewall
B. Block access to the service
C. Install an Intrusion Detection System (IDS)
D. Patch the application source code

Questions 31

At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?

Options:

A. Link layer
B. Physical layer
C. Session layer
D. Application layer

Questions 32

In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?

Options:

A. Transport layer
B. Application layer
C. Network layer
D. Session layer

Questions 33

Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?

Options:

A. Layer 2 Tunneling Protocol (L2TP)
B. Link Control Protocol (LCP)
C. Challenge Handshake Authentication Protocol (CHAP)
D. Packet Transfer Protocol (PTP)

Questions 34

Which of the following is required to determine classification and ownership?

Options:

A. System and data resources are properly identified
B. Access violations are logged and audited
C. Data file references are identified and linked
D. System security controls are fully integrated

Questions 35

Which of the following problems is not addressed by using OAuth (Open Standard for Authorization) 2.0 to integrate a third-party identity provider for a service?

Options:

A. Resource Servers are required to use passwords to authenticate end users.
B. Revocation of access of some users of the third party instead of all the users from the third party.
C. Compromise of the third party means compromise of all the users in the service.
D. Guest users need to authenticate with the third-party identity provider.

Questions 36

The use of a proximity card to gain access to a building is an example of what type of security control?

Options:

A. Legal
B. Logical
C. Physical
D. Procedural

Questions 37

What do Capability Maturity Models (CMM) serve as a benchmark for in an organization?

Options:

A. Experience in the industry
B. Definition of security profiles
C. Human resource planning efforts
D. Procedures in systems development

Questions 38

Which of the following is the MOST crucial for a successful audit plan?

Options:

A. Defining the scope of the audit to be performed
B. Identifying the security controls to be implemented
C. Working with the system owner on new controls
D. Acquiring evidence of systems that are not compliant

Questions 39

Refer to the information below to answer the question.

An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other necessary components to have an effective security program. There are numerous initiatives requiring security involvement.

Which of the following is considered the MOST important priority for the information security officer?

Options:

A. Formal acceptance of the security strategy
B. Disciplinary actions taken against unethical behavior
C. Development of an awareness program for new employees
D. Audit of all organization system configurations for faults

Questions 40

An organization decides to implement a partial Public Key Infrastructure (PKI) with only the servers having digital certificates. What is the security benefit of this implementation?

Options:

A. Clients can authenticate themselves to the servers.
B. Mutual authentication is available between the clients and servers.
C. Servers are able to issue digital certificates to the client.
D. Servers can authenticate themselves to the client.

Questions 41

Identify the component that MOST likely lacks digital accountability related to information access.

Click on the correct device in the image below.

Options:

Questions 42

Which of the following provides effective management assurance for a Wireless Local Area Network (WLAN)?

Options:

A. Maintaining an inventory of authorized Access Points (AP) and connecting devices
B. Setting the radio frequency to the minimum range required
C. Establishing a Virtual Private Network (VPN) tunnel between the WLAN client device and a VPN concentrator
D. Verifying that all default passwords have been changed

Questions 43

Refer to the information below to answer the question.

A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.

In addition to authentication at the start of the user session, best practice would require re-authentication

Options:

A. periodically during a session.
B. for each business process.
C. at system sign-off.
D. after a period of inactivity.

Questions 44

An organization's data policy MUST include a data retention period which is based on

Options:

A. application dismissal.
B. business procedures.
C. digital certificates expiration.
D. regulatory compliance.

Questions 45

Given the various means to protect physical and logical assets, match the access management area to the technology.

Options:

Questions 46

Refer to the information below to answer the question.

An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles.

Which of the following will indicate where the IT budget is BEST allocated during this time?

Options:

A. Policies
B. Frameworks
C. Metrics
D. Guidelines

Questions 47

Refer to the information below to answer the question.

An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles.

Which of the following will MOST likely allow the organization to keep risk at an acceptable level?

Options:

A. Increasing the amount of audits performed by third parties
B. Removing privileged accounts from operational staff
C. Assigning privileged functions to appropriate staff
D. Separating the security function into distinct roles

Questions 48

Refer to the information below to answer the question.

A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive e-mail, search the web, and use instant messaging. The organization’s Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access.

Which of the following solutions would have MOST likely detected the use of peer-to-peer programs when the computer was connected to the office network?

Options:

A. Anti-virus software
B. Intrusion Prevention System (IPS)
C. Anti-spyware software
D. Integrity checking software

Questions 49

After the INITIAL input of a user identification (ID) and password, what is an authentication system that prompts the user for a different response each time the user logs on?

Options:

A. Personal Identification Number (PIN)
B. Secondary password
C. Challenge response
D. Voice authentication

Questions 50

Which of the following examples is BEST to minimize the attack surface for a customer's private information?

Options:

A. Obfuscation
B. Collection limitation
C. Authentication
D. Data masking

Questions 51

If an employee transfers from one role to another, which of the following actions should this trigger within the identity and access management (IAM) lifecycle?

Options:

A. New account creation
B. User access review and adjustment
C. Deprovisioning
D. System account access review and adjustment

Questions 52

A cloud service accepts Security Assertion Markup Language (SAML) assertions from users to on and security. However, an attacker was able to spoof a registered account on the network and query the SAML provider.

What is the MOST common attack leveraged against this flaw?

Options:

A. Attacker forges requests to authenticate as a different user.
B. Attacker leverages SAML assertion to register an account on the security domain.
C. Attacker conducts denial-of-service (DoS) against the security domain by authenticating as the same user repeatedly.
D. Attacker exchanges authentication and authorization data between security domains.

Questions 53

Which of the following vulnerabilities can be BEST detected using automated analysis?

Options:

A. Valid cross-site request forgery (CSRF) vulnerabilities
B. Multi-step process attack vulnerabilities
C. Business logic flaw vulnerabilities
D. Typical source code vulnerabilities

Questions 54

How does security in a distributed file system using mutual authentication differ from file security in a multi-user host?

Options:

A. Access control can rely on the Operating System (OS), but eavesdropping is
B. Access control cannot rely on the Operating System (OS), and eavesdropping
C. Access control can rely on the Operating System (OS), and eavesdropping is
D. Access control cannot rely on the Operating System (OS), and eavesdropping

Questions 55

The existence of physical barriers, card and personal identification number (PIN) access systems, cameras, alarms, and security guards BEST describes which security approach?

Options:

A. Security information and event management (SIEM)
B. Security perimeter
C. Defense-in-depth
D. Access control

Questions 56

The acquisition of personal data being obtained by a lawful and fair means is an example of what principle?

Options:

A. Data Quality Principle
B. Openness Principle
C. Purpose Specification Principle
D. Collection Limitation Principle

Questions 57

Which of the following activities should a forensic examiner perform FIRST when determining the priority of digital evidence collection at a crime scene?

Options:

A. Gather physical evidence.
B. Establish order of volatility.
C. Assign responsibilities to personnel on the scene.
D. Establish a list of files to examine.

Questions 58

In software development, which of the following entities normally signs the code to protect the code integrity?

Options:

A. The organization developing the code
B. The quality control group
C. The data owner
D. The developer

Questions 59

Which of the following are all elements of a disaster recovery plan (DRP)?

Options:

A. Document the actual location of the DRP, developing an incident notification procedure, evaluating costs of critical components
B. Document the actual location of the DRP, developing an incident notification procedure, establishing recovery locations
C. Maintain proper documentation of all server logs, developing an incident notification procedure, establishing recovery locations
D. Document the actual location of the DRP, recording minutes at all DRP planning sessions, establishing recovery locations

Questions 60

A company is enrolled in a hard drive reuse program where decommissioned equipment is sold back to the vendor when it is no longer needed. The vendor pays more money for functioning drives than equipment that is no longer operational. Which method of data sanitization would provide the most secure means of preventing unauthorized data loss, while also receiving the most money from the vendor?

Options:

A. Pinning
B. Single-pass wipe
C. Degaussing
D. Multi-pass wipes

Questions 61

Which security audit standard provides the BEST way for an organization to understand a vendor's Information Systems (IS) in relation to confidentiality, integrity, and availability?

Options:

A. Statement on Auditing Standards (SAS) 70
B. Service Organization Control (SOC) 2
C. Service Organization Control (SOC) 1
D. Statement on Standards for Attestation Engagements (SSAE) 18

Questions 62

An organization has determined that its previous waterfall approach to software development is not keeping pace with business demands. To adapt to the rapid changes required for product delivery, the organization has decided to move towards an Agile software development and release cycle. In order to ensure the success of the Agile methodology, who is MOST critical in creating acceptance tests or acceptance criteria for each release?

Options:

A. Project managers
B. Software developers
C. Independent testers
D. Business customers

Questions 63

Which of the following is the MOST important output from a mobile application threat modeling exercise according to Open Web Application Security Project (OWASP)?

Options:

A. Application interface entry and endpoints
B. The likelihood and impact of a vulnerability
C. Countermeasures and mitigations for vulnerabilities
D. A data flow diagram for the application and attack surface analysis

Questions 64

Which of the following BEST represents a defense in depth concept?

Options:

A. Network-based data loss prevention (DLP), Network Access Control (NAC), network-based intrusion prevention system (NIPS), port security on core switches
B. Host-based data loss prevention (DLP), endpoint anti-malware solution, host-based integrity checker, laptop locks, hard disk drive (HDD) encryption
C. Endpoint security management, network intrusion detection system (NIDS), Network Access Control (NAC), Privileged Access Management (PAM), security information and event management (SIEM)
D. Web application firewall (WAF), gateway network device tuning, database firewall, Next-Generation Firewall (NGFW), Tier-2 demilitarized zone (DMZ) tuning

Questions 65

How can lessons learned from business continuity training and actual recovery incidents BEST be used?

Options:

A. As a means for improvement
B. As alternative options for awareness and training
C. As indicators of a need for policy
D. As business function gap indicators

Questions 66

Secure Sockets Layer (SSL) encryption protects

Options:

A. data at rest.
B. the source IP address.
C. data transmitted.
D. data availability.

Questions 67

Which of the following is the MOST likely cause of a non-malicious data breach when the source of the data breach was an unmarked file cabinet containing sensitive documents?

Options:

A. Ineffective data classification
B. Lack of data access controls
C. Ineffective identity management controls
D. Lack of Data Loss Prevention (DLP) tools

Questions 68

Users require access rights that allow them to view the average salary of groups of employees. Which control would prevent the users from obtaining an individual employee’s salary?

Options:

A. Limit access to predefined queries
B. Segregate the database into a small number of partitions, each with a separate security level
C. Implement Role Based Access Control (RBAC)
D. Reduce the number of people who have access to the system for statistical purposes

Questions 69

What is the BEST approach for controlling access to highly sensitive information when employees have the same level of security clearance?

Options:

A. Audit logs
B. Role-Based Access Control (RBAC)
C. Two-factor authentication
D. Application of least privilege

Questions 70

Which of the following BEST describes an access control method utilizing cryptographic keys derived from a smart card private key that is embedded within mobile devices?

Options:

A. Derived credential
B. Temporary security credential
C. Mobile device credentialing service
D. Digest authentication

Questions 71

A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is the BEST solution for the manufacturing organization?

Options:

A. Trusted third-party certification
B. Lightweight Directory Access Protocol (LDAP)
C. Security Assertion Markup Language (SAML)
D. Cross-certification

Questions 72

When implementing a data classification program, why is it important to avoid too much granularity?

Options:

A. The process will require too many resources
B. It will be difficult to apply to both hardware and software
C. It will be difficult to assign ownership to the data
D. The process will be perceived as having value

Questions 73

In a data classification scheme, the data is owned by the

Options:

A. system security managers
B. business managers
C. Information Technology (IT) managers
D. end users

Questions 74

Which of the following is MOST important when assigning ownership of an asset to a department?

Options:

A. The department should report to the business owner
B. Ownership of the asset should be periodically reviewed
C. Individual accountability should be ensured
D. All members should be trained on their responsibilities

Questions 75

Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?

Options:

A. Personal Identity Verification (PIV)
B. Cardholder Unique Identifier (CHUID) authentication
C. Physical Access Control System (PACS) repeated attempt detection
D. Asymmetric Card Authentication Key (CAK) challenge-response

Questions 76

An organization has doubled in size due to a rapid market share increase. The size of the Information Technology (IT) staff has maintained pace with this growth. The organization hires several contractors whose onsite time is limited. The IT department has pushed its limits building servers and rolling out workstations and has a backlog of account management requests.

Which contract is BEST in offloading the task from the IT staff?

Options:

A. Platform as a Service (PaaS)
B. Identity as a Service (IDaaS)
C. Desktop as a Service (DaaS)
D. Software as a Service (SaaS)

Questions 77

Which of the following is the MOST common method of memory protection?

Options:

A. Compartmentalization
B. Segmentation
C. Error correction
D. Virtual Local Area Network (VLAN) tagging

Questions 78

Who would be the BEST person to approve an organization's information security policy?

Options:

A. Chief Information Officer (CIO)
B. Chief Information Security Officer (CISO)
C. Chief internal auditor
D. Chief Executive Officer (CEO)

Questions 79

What are the steps of a risk assessment?

Options:

A. identification, analysis, evaluation
B. analysis, evaluation, mitigation
C. classification, identification, risk management
D. identification, evaluation, mitigation

Questions 80

Which of the following is the MOST important part of an awareness and training plan to prepare employees for emergency situations?

Options:

A. Having emergency contacts established for the general employee population to get information
B. Conducting business continuity and disaster recovery training for those who have a direct role in the recovery
C. Designing business continuity and disaster recovery training programs for different audiences
D. Publishing a corporate business continuity and disaster recovery plan on the corporate website

Questions 81

The configuration management and control task of the certification and accreditation process is incorporated in which phase of the System Development Life Cycle (SDLC)?

Options:

A. System acquisition and development
B. System operations and maintenance
C. System initiation
D. System implementation

Questions 82

Which of the following is the PRIMARY risk with using open source software in a commercial software construction?

Options:

A. Lack of software documentation
B. License agreements requiring release of modified code
C. Expiration of the license agreement
D. Costs associated with support of the software

Questions 83

Which of the following is a web application control that should be put into place to prevent exploitation of Operating System (OS) bugs?

Options:

A. Check arguments in function calls
B. Test for the security patch level of the environment
C. Include logging functions
D. Digitally sign each application module

Questions 84

Which of the following is the BEST method to prevent malware from being introduced into a production environment?

Options:

A. Purchase software from a limited list of retailers
B. Verify the hash key or certificate key of all updates
C. Do not permit programs, patches, or updates from the Internet
D. Test all new software in a segregated environment

Questions 85

What is the BEST approach to addressing security issues in legacy web applications?

Options:

A. Debug the security issues
B. Migrate to newer, supported applications where possible
C. Conduct a security assessment
D. Protect the legacy application with a web application firewall

Questions 86

A Java program is being developed to read a file from computer A and write it to computer B, using a third computer C. The program is not working as expected. What is the MOST probable security feature of Java preventing the program from operating as intended?

Options:

A.

Least privilege

B.

Privilege escalation

C.

Defense in depth

D.

Privilege bracketing

Questions 87

When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?

Options:

A.

After the system preliminary design has been developed and the data security categorization has been performed

B.

After the vulnerability analysis has been performed and before the system detailed design begins

C.

After the system preliminary design has been developed and before the data security categorization begins

D.

After the business functional analysis and the data security categorization have been performed

Questions 88

Which of the following is a PRIMARY advantage of using a third-party identity service?

Options:

A.

Consolidation of multiple providers

B.

Directory synchronization

C.

Web based logon

D.

Automated account management

Questions 89

What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?

Options:

A.

Take the computer to a forensic lab

B.

Make a copy of the hard drive

C.

Start documenting

D.

Turn off the computer

Questions 90

Recovery strategies of a Disaster Recovery Plan (DRP) MUST be aligned with which of the following?

Options:

A.

Hardware and software compatibility issues

B.

Applications’ criticality and downtime tolerance

C.

Budget constraints and requirements

D.

Cost/benefit analysis and business objectives

Questions 91

Which of the following is an initial consideration when developing an information security management system?

Options:

A.

Identify the contractual security obligations that apply to the organization

B.

Understand the value of the information assets

C.

Identify the level of residual risk that is tolerable to management

D.

Identify relevant legislative and regulatory compliance requirements

Questions 92

Which one of the following affects the classification of data?

Options:

A.

Assigned security label

B.

Multilevel Security (MLS) architecture

C.

Minimum query size

D.

Passage of time

Questions 93

Due to system constraints, a group of system administrators must share a set of high-level access credentials.

Which of the following would be MOST appropriate to implement?

Options:

A.

Increased console lockout times for failed logon attempts

B.

Reduce the size of the group

C.

A credential check-out process for a per-use basis

D.

Full logging on affected systems

Questions 94

A continuous information security monitoring program can BEST reduce risk through which of the following?

Options:

A.

Collecting security events and correlating them to identify anomalies

B.

Facilitating system-wide visibility into the activities of critical user accounts

C.

Encompassing people, process, and technology

D.

Logging both scheduled and unscheduled system changes

Questions 95

At a MINIMUM, audits of permissions to individual or group accounts should be scheduled

Options:

A.

annually

B.

to correspond with staff promotions

C.

to correspond with terminations

D.

continually

Questions 96

An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?

Options:

A.

Absence of a Business Intelligence (BI) solution

B.

Inadequate cost modeling

C.

Improper deployment of the Service-Oriented Architecture (SOA)

D.

Insufficient Service Level Agreement (SLA)

Questions 97

The use of private and public encryption keys is fundamental in the implementation of which of the following?

Options:

A.

Diffie-Hellman algorithm

B.

Secure Sockets Layer (SSL)

C.

Advanced Encryption Standard (AES)

D.

Message Digest 5 (MD5)

Questions 98

Which of the following mobile code security models relies only on trust?

Options:

A.

Code signing

B.

Class authentication

C.

Sandboxing

D.

Type safety

Questions 99

What is the MOST important step during forensic analysis when trying to learn the purpose of an unknown application?

Options:

A.

Disable all unnecessary services

B.

Ensure chain of custody

C.

Prepare another backup of the system

D.

Isolate the system from the network

Questions 100

Which of the following is the FIRST step in the incident response process?

Options:

A.

Determine the cause of the incident

B.

Disconnect the system involved from the network

C.

Isolate and contain the system involved

D.

Investigate all symptoms to confirm the incident

Questions 101

A Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) will provide which of the following?

Options:

A.

Guaranteed recovery of all business functions

B.

Minimization of the need for decision making during a crisis

C.

Insurance against litigation following a disaster

D.

Protection from loss of organization resources

Questions 102

Which of the following BEST describes the responsibilities of a data owner?

Options:

A.

Ensuring quality and validation through periodic audits for ongoing data integrity

B.

Maintaining fundamental data availability, including data storage and archiving

C.

Ensuring accessibility to appropriate users, maintaining appropriate levels of data security

D.

Determining the impact the information has on the mission of the organization

Questions 103

Who in the organization is accountable for classification of data information assets?

Options:

A.

Data owner

B.

Data architect

C.

Chief Information Security Officer (CISO)

D.

Chief Information Officer (CIO)

Questions 104

Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified by automated vulnerability assessments?

Options:

A.

Common Vulnerabilities and Exposures (CVE)

B.

Common Vulnerability Scoring System (CVSS)

C.

Asset Reporting Format (ARF)

D.

Open Vulnerability and Assessment Language (OVAL)

Questions 105

The core component of Role Based Access Control (RBAC) must be constructed of defined data elements.

Which elements are required?

Options:

A.

Users, permissions, operations, and protected objects

B.

Roles, accounts, permissions, and protected objects

C.

Users, roles, operations, and protected objects

D.

Roles, operations, accounts, and protected objects

Questions 106

Which of the following is the BEST reason for writing an information security policy?

Options:

A.

To support information security governance

B.

To reduce the number of audit findings

C.

To deter attackers

D.

To implement effective information security controls

Questions 107

Retaining system logs for six months or longer can be valuable for what activities?

Options:

A.

Disaster recovery and business continuity

B.

Forensics and incident response

C.

Identity and authorization management

D.

Physical and logical access control

Questions 108

The World Trade Organization's (WTO) agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) requires authors of computer software to be given the

Options:

A.

right to refuse or permit commercial rentals.

B.

right to disguise the software's geographic origin.

C.

ability to tailor security parameters based on location.

D.

ability to confirm license authenticity of their works.

Questions 109

How does Encapsulating Security Payload (ESP) in transport mode affect the Internet Protocol (IP)?

Options:

A.

Encrypts and optionally authenticates the IP header, but not the IP payload

B.

Encrypts and optionally authenticates the IP payload, but not the IP header

C.

Authenticates the IP payload and selected portions of the IP header

D.

Encrypts and optionally authenticates the complete IP packet

Questions 110

An organization has developed a major application that has undergone accreditation testing. After receiving the results of the evaluation, what is the final step before the application can be accredited?

Options:

A.

Acceptance of risk by the authorizing official

B.

Remediation of vulnerabilities

C.

Adoption of standardized policies and procedures

D.

Approval of the System Security Plan (SSP)

Questions 111

An organization lacks a data retention policy. Of the following, who is the BEST person to consult for such a requirement?

Options:

A.

Application Manager

B.

Database Administrator

C.

Privacy Officer

D.

Finance Manager

Questions 112

When planning a penetration test, the tester will be MOST interested in which information?

Options:

A.

Places to install back doors

B.

The main network access points

C.

Job application handouts and tours

D.

Exploits that can attack weaknesses

Questions 113

Which of the following is the BEST example of weak management commitment to the protection of security assets and resources?

Options:

A.

poor governance over security processes and procedures

B.

immature security controls and procedures

C.

variances against regulatory requirements

D.

unanticipated increases in security incidents and threats

Questions 114

What is the process called when impact values are assigned to the security objectives for information types?

Options:

A.

Qualitative analysis

B.

Quantitative analysis

C.

Remediation

D.

System security categorization

Questions 115

In which order, from MOST to LEAST impacted, does user awareness training reduce the occurrence of the events below?

Options:

Questions 116

For privacy protected data, which of the following roles has the highest authority for establishing dissemination rules for the data?

Options:

A.

Information Systems Security Officer

B.

Data Owner

C.

System Security Architect

D.

Security Requirements Analyst

Questions 117

Which of the following BEST avoids data remanence disclosure for cloud hosted resources?

Options:

A.

Strong encryption and deletion of the keys after data is deleted.

B.

Strong encryption and deletion of the virtual host after data is deleted.

C.

Software based encryption with two factor authentication.

D.

Hardware based encryption on dedicated physical servers.

Questions 118

Which of the following statements is TRUE for point-to-point microwave transmissions?

Options:

A.

They are not subject to interception due to encryption.

B.

Interception only depends on signal strength.

C.

They are too highly multiplexed for meaningful interception.

D.

They are subject to interception by an antenna within proximity.

Questions 119

Which of the following is ensured when hashing files during chain of custody handling?

Options:

A.

Availability

B.

Accountability

C.

Integrity

D.

Non-repudiation

Questions 120

Which of the following MUST be part of a contract to support electronic discovery of data stored in a cloud environment?

Options:

A.

Integration with organizational directory services for authentication

B.

Tokenization of data

C.

Accommodation of hybrid deployment models

D.

Identification of data location

Questions 121

The birthday attack is MOST effective against which one of the following cipher technologies?

Options:

A.

Chaining block encryption

B.

Asymmetric cryptography

C.

Cryptographic hash

D.

Streaming cryptography

Questions 122

Which type of control recognizes that a transaction amount is excessive in accordance with corporate policy?

Options:

A.

Detection

B.

Prevention

C.

Investigation

D.

Correction

Questions 123

Which one of the following is a fundamental objective in handling an incident?

Options:

A.

To restore control of the affected systems

B.

To confiscate the suspect's computers

C.

To prosecute the attacker

D.

To perform full backups of the system

Questions 124

The process of mutual authentication involves a computer system authenticating a user and authenticating the

Options:

A.

user to the audit process.

B.

computer system to the user.

C.

user's access to all authorized objects.

D.

computer system to the audit process.

Questions 125

What principle requires that changes to the plaintext affect many parts of the ciphertext?

Options:

A.

Diffusion

B.

Encapsulation

C.

Obfuscation

D.

Permutation

Questions 126

The BEST way to check for good security programming practices, as well as auditing for possible backdoors, is to conduct

Options:

A.

log auditing.

B.

code reviews.

C.

impact assessments.

D.

static analysis.

Questions 127

The key benefits of a signed and encrypted e-mail include

Options:

A.

confidentiality, authentication, and authorization.

B.

confidentiality, non-repudiation, and authentication.

C.

non-repudiation, authorization, and authentication.

D.

non-repudiation, confidentiality, and authorization.

Questions 128

Which of the following actions should be performed when implementing a change to a database schema in a production system?

Options:

A.

Test in development, determine dates, notify users, and implement in production

B.

Apply change to production, run in parallel, finalize change in production, and develop a back-out strategy

C.

Perform user acceptance testing in production, have users sign off, and finalize change

D.

Change in development, perform user acceptance testing, develop a back-out strategy, and implement change

Questions 129

When building a data center, site location and construction factors that increase the level of vulnerability to physical threats include

Options:

A.

hardened building construction with consideration of seismic factors.

B.

adequate distance from and lack of access to adjacent buildings.

C.

curved roads approaching the data center.

D.

proximity to high crime areas of the city.

Questions 130

An organization is designing a large enterprise-wide document repository system. They plan to have several different classification level areas with increasing levels of controls. The BEST way to ensure document confidentiality in the repository is to

Options:

A.

encrypt the contents of the repository and document any exceptions to that requirement.

B.

utilize an Intrusion Detection System (IDS) set to drop connections if too many requests for documents are detected.

C.

keep individuals with access to high security areas from saving those documents into lower security areas.

D.

require individuals with access to the system to sign Non-Disclosure Agreements (NDA).

Questions 131

Copyright provides protection for which of the following?

Options:

A.

Ideas expressed in literary works

B.

A particular expression of an idea

C.

New and non-obvious inventions

D.

Discoveries of natural phenomena

Questions 132

Which of the following is the FIRST step of a penetration test plan?

Options:

A.

Analyzing a network diagram of the target network

B.

Notifying the company's customers

C.

Obtaining the approval of the company's management

D.

Scheduling the penetration test during a period of least impact

Exam Code: CISSP
Exam Name: Certified Information Systems Security Professional (CISSP)
Last Update: Jan 30, 2023
Questions: 1487