New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

CISSP Certified Information Systems Security Professional (CISSP) Questions and Answers

Questions 4

Who is responsible for the protection of information when it is shared with or provided to other organizations?

Options:

A.

Systems owner

B.

Authorizing Official (AO)

C.

Information owner

D.

Security officer

Buy Now
Questions 5

A minimal implementation of endpoint security includes which of the following?

Options:

A.

Trusted platforms

B.

Host-based firewalls

C.

Token-based authentication

D.

Wireless Access Points (AP)

Buy Now
Questions 6

Which of the following mechanisms will BEST prevent a Cross-Site Request Forgery (CSRF) attack?

Options:

A.

parameterized database queries

B.

whitelist input values

C.

synchronized session tokens

D.

use strong ciphers

Buy Now
Questions 7

When developing a business case for updating a security program, the security program owner MUST do

which of the following?

Options:

A.

Identify relevant metrics

B.

Prepare performance test reports

C.

Obtain resources for the security program

D.

Interview executive management

Buy Now
Questions 8

Who is accountable for the information within an Information System (IS)?

Options:

A.

Security manager

B.

System owner

C.

Data owner

D.

Data processor

Buy Now
Questions 9

Mandatory Access Controls (MAC) are based on:

Options:

A.

security classification and security clearance

B.

data segmentation and data classification

C.

data labels and user access permissions

D.

user roles and data encryption

Buy Now
Questions 10

The security accreditation task of the System Development Life Cycle (SDLC) process is completed at the end of which phase?

Options:

A.

System acquisition and development

B.

System operations and maintenance

C.

System initiation

D.

System implementation

Buy Now
Questions 11

What Is the FIRST step in establishing an information security program?

Options:

A.

Establish an information security policy.

B.

Identify factors affecting information security.

C.

Establish baseline security controls.

D.

Identify critical security infrastructure.

Buy Now
Questions 12

What can happen when an Intrusion Detection System (IDS) is installed inside a firewall-protected internal network?

Options:

A.

The IDS can detect failed administrator logon attempts from servers.

B.

The IDS can increase the number of packets to analyze.

C.

The firewall can increase the number of packets to analyze.

D.

The firewall can detect failed administrator login attempts from servers

Buy Now
Questions 13

What is the expected outcome of security awareness in support of a security awareness program?

Options:

A.

Awareness activities should be used to focus on security concerns and respond to those concerns

accordingly

B.

Awareness is not an activity or part of the training but rather a state of persistence to support the program

C.

Awareness is training. The purpose of awareness presentations is to broaden attention of security.

D.

Awareness is not training. The purpose of awareness presentation is simply to focus attention on security.

Buy Now
Questions 14

Transport Layer Security (TLS) provides which of the following capabilities for a remote access server?

Options:

A.

Transport layer handshake compression

B.

Application layer negotiation

C.

Peer identity authentication

D.

Digital certificate revocation

Buy Now
Questions 15

Which security access policy contains fixed security attributes that are used by the system to determine a

user’s access to a file or object?

Options:

A.

Mandatory Access Control (MAC)

B.

Access Control List (ACL)

C.

Discretionary Access Control (DAC)

D.

Authorized user control

Buy Now
Questions 16

Which of the following is the MOST challenging issue in apprehending cyber criminals?

Options:

A.

They often use sophisticated method to commit a crime.

B.

It is often hard to collect and maintain integrity of digital evidence.

C.

The crime is often committed from a different jurisdiction.

D.

There is often no physical evidence involved.

Buy Now
Questions 17

Which of the BEST internationally recognized standard for evaluating security products and systems?

Options:

A.

Payment Card Industry Data Security Standards (PCI-DSS)

B.

Common Criteria (CC)

C.

Health Insurance Portability and Accountability Act (HIPAA)

D.

Sarbanes-Oxley (SOX)

Buy Now
Questions 18

A control to protect from a Denial-of-Service (DoS) attach has been determined to stop 50% of attacks, and additionally reduces the impact of an attack by 50%. What is the residual risk?

Options:

A.

25%

B.

50%

C.

75%

D.

100%

Buy Now
Questions 19

A security practitioner is tasked with securing the organization’s Wireless Access Points (WAP). Which of these is the MOST effective way of restricting this environment to authorized users?

Options:

A.

Enable Wi-Fi Protected Access 2 (WPA2) encryption on the wireless access point

B.

Disable the broadcast of the Service Set Identifier (SSID) name

C.

Change the name of the Service Set Identifier (SSID) to a random value not associated with the organization

D.

Create Access Control Lists (ACL) based on Media Access Control (MAC) addresses

Buy Now
Questions 20

Which of the following is the BEST Identity-as-a-Service (IDaaS) solution for validating users?

Options:

A.

Single Sign-On (SSO)

B.

Security Assertion Markup Language (SAML)

C.

Lightweight Directory Access Protocol (LDAP)

D.

Open Authentication (OAuth)

Buy Now
Questions 21

After following the processes defined within the change management plan, a super user has upgraded a

device within an Information system.

What step would be taken to ensure that the upgrade did NOT affect the network security posture?

Options:

A.

Conduct an Assessment and Authorization (A&A)

B.

Conduct a security impact analysis

C.

Review the results of the most recent vulnerability scan

D.

Conduct a gap analysis with the baseline configuration

Buy Now
Questions 22

At a MINIMUM, audits of permissions to individual or group accounts should be scheduled

Options:

A.

annually

B.

to correspond with staff promotions

C.

to correspond with terminations

D.

continually

Buy Now
Questions 23

Which of the following is a characteristic of an internal audit?

Options:

A.

An internal audit is typically shorter in duration than an external audit.

B.

The internal audit schedule is published to the organization well in advance.

C.

The internal auditor reports to the Information Technology (IT) department

D.

Management is responsible for reading and acting upon the internal audit results

Buy Now
Questions 24

Which security service is served by the process of encryption plaintext with the sender’s private key and decrypting cipher text with the sender’s public key?

Options:

A.

Confidentiality

B.

Integrity

C.

Identification

D.

Availability

Buy Now
Questions 25

Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified automated vulnerability assessments?

Options:

A.

Common Vulnerabilities and Exposures (CVE)

B.

Common Vulnerability Scoring System (CVSS)

C.

Asset Reporting Format (ARF)

D.

Open Vulnerability and Assessment Language (OVAL)

Buy Now
Questions 26

Which of the following mobile code security models relies only on trust?

Options:

A.

Code signing

B.

Class authentication

C.

Sandboxing

D.

Type safety

Buy Now
Questions 27

Who in the organization is accountable for classification of data information assets?

Options:

A.

Data owner

B.

Data architect

C.

Chief Information Security Officer (CISO)

D.

Chief Information Officer (CIO)

Buy Now
Questions 28

What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?

Options:

A.

Implementation Phase

B.

Initialization Phase

C.

Cancellation Phase

D.

Issued Phase

Buy Now
Questions 29

The use of private and public encryption keys is fundamental in the implementation of which of the following?

Options:

A.

Diffie-Hellman algorithm

B.

Secure Sockets Layer (SSL)

C.

Advanced Encryption Standard (AES)

D.

Message Digest 5 (MD5)

Buy Now
Questions 30

Which technique can be used to make an encryption scheme more resistant to a known plaintext attack?

Options:

A.

Hashing the data before encryption

B.

Hashing the data after encryption

C.

Compressing the data after encryption

D.

Compressing the data before encryption

Buy Now
Questions 31

What is the BEST approach to addressing security issues in legacy web applications?

Options:

A.

Debug the security issues

B.

Migrate to newer, supported applications where possible

C.

Conduct a security assessment

D.

Protect the legacy application with a web application firewall

Buy Now
Questions 32

Which of the following is the PRIMARY risk with using open source software in a commercial software construction?

Options:

A.

Lack of software documentation

B.

License agreements requiring release of modified code

C.

Expiration of the license agreement

D.

Costs associated with support of the software

Buy Now
Questions 33

Which of the following is the BEST way to reduce the impact of an externally sourced flood attack?

Options:

A.

Have the service provider block the soiree address.

B.

Have the soiree service provider block the address.

C.

Block the source address at the firewall.

D.

Block all inbound traffic until the flood ends.

Buy Now
Questions 34

Which of the following is considered a secure coding practice?

Options:

A.

Use concurrent access for shared variables and resources

B.

Use checksums to verify the integrity of libraries

C.

Use new code for common tasks

D.

Use dynamic execution functions to pass user supplied data

Buy Now
Questions 35

Digital certificates used in Transport Layer Security (TLS) support which of the following?

Options:

A.

Information input validation

B.

Non-repudiation controls and data encryption

C.

Multi-Factor Authentication (MFA)

D.

Server identity and data confidentially

Buy Now
Questions 36

What is the process of removing sensitive data from a system or storage device with the intent that the data cannot be reconstructed by any known technique?

Options:

A.

Purging

B.

Encryption

C.

Destruction

D.

Clearing

Buy Now
Questions 37

What is the foundation of cryptographic functions?

Options:

A.

Encryption

B.

Cipher

C.

Hash

D.

Entropy

Buy Now
Questions 38

What is the purpose of an Internet Protocol (IP) spoofing attack?

Options:

A.

To send excessive amounts of data to a process, making it unpredictable

B.

To intercept network traffic without authorization

C.

To disguise the destination address from a target’s IP filtering devices

D.

To convince a system that it is communicating with a known entity

Buy Now
Questions 39

An external attacker has compromised an organization’s network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker’s ability to gain further information?

Options:

A.

Implement packet filtering on the network firewalls

B.

Install Host Based Intrusion Detection Systems (HIDS)

C.

Require strong authentication for administrators

D.

Implement logical network segmentation at the switches

Buy Now
Questions 40

In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?

Options:

A.

Transport layer

B.

Application layer

C.

Network layer

D.

Session layer

Buy Now
Questions 41

Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?

Options:

A.

Intrusion Prevention Systems (IPS)

B.

Intrusion Detection Systems (IDS)

C.

Stateful firewalls

D.

Network Behavior Analysis (NBA) tools

Buy Now
Questions 42

Which of the following factors contributes to the weakness of Wired Equivalent Privacy (WEP) protocol?

Options:

A.

WEP uses a small range Initialization Vector (IV)

B.

WEP uses Message Digest 5 (MD5)

C.

WEP uses Diffie-Hellman

D.

WEP does not use any Initialization Vector (IV)

Buy Now
Questions 43

An input validation and exception handling vulnerability has been discovered on a critical web-based system. Which of the following is MOST suited to quickly implement a control?

Options:

A.

Add a new rule to the application layer firewall

B.

Block access to the service

C.

Install an Intrusion Detection System (IDS)

D.

Patch the application source code

Buy Now
Questions 44

Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?

Options:

A.

Layer 2 Tunneling Protocol (L2TP)

B.

Link Control Protocol (LCP)

C.

Challenge Handshake Authentication Protocol (CHAP)

D.

Packet Transfer Protocol (PTP)

Buy Now
Questions 45

Which of the following operates at the Network Layer of the Open System Interconnection (OSI) model?

Options:

A.

Packet filtering

B.

Port services filtering

C.

Content filtering

D.

Application access control

Buy Now
Questions 46

At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?

Options:

A.

Link layer

B.

Physical layer

C.

Session layer

D.

Application layer

Buy Now
Questions 47

The development team has been tasked with collecting data from biometric devices. The application will support a variety of collection data streams. During the testing phase, the team utilizes data from an old production database in a secure testing environment. What principle has the team taken into consideration?

Options:

A.

biometric data cannot be changed.

B.

Separate biometric data streams require increased security.

C.

The biometric devices are unknown.

D.

Biometric data must be protected from disclosure.

Buy Now
Questions 48

All hosts on the network are sending logs via syslog-ng to the log collector. The log collector is behind its own firewall, The security professional wants to make sure not to put extra load on the firewall due to the amount of traffic that is passing through it. Which of the following types of filtering would MOST likely be used?

Options:

A.

Uniform Resource Locator (URL) Filtering

B.

Web Traffic Filtering

C.

Dynamic Packet Filtering

D.

Static Packet Filtering

Buy Now
Questions 49

What BEST describes the confidentiality, integrity, availability triad?

Options:

A.

A tool used to assist in understanding how to protect the organization's data

B.

The three-step approach to determine the risk level of an organization

C.

The implementation of security systems to protect the organization's data

D.

A vulnerability assessment to see how well the organization's data is protected

Buy Now
Questions 50

Which of the following access control models is MOST restrictive?

Options:

A.

Discretionary Access Control (DAC)

B.

Mandatory Access Control (MAC)

C.

Role Based Access Control (RBAC)

D.

Rule based access control

Buy Now
Questions 51

An attacker is able to remain indefinitely logged into a exploiting to remain on the web service?

Options:

A.

Alert management

B.

Password management

C.

Session management

D.

Identity management (IM)

Buy Now
Questions 52

Which of the following will an organization's network vulnerability testing process BEST enhance?

Options:

A.

Firewall log review processes

B.

Asset management procedures

C.

Server hardening processes

D.

Code review procedures

Buy Now
Questions 53

The security team has been tasked with performing an interface test against a frontend external facing application and needs to verify that all input fields protect against

invalid input. Which of the following BEST assists this process?

Options:

A.

Application fuzzing

B.

Instruction set simulation

C.

Regression testing

D.

Sanity testing

Buy Now
Questions 54

Why do certificate Authorities (CA) add value to the security of electronic commerce transactions?

Options:

A.

They maintain the certificate revocation list.

B.

They maintain the private keys of transition parties.

C.

They verify the transaction parties' private keys.

D.

They provide a secure communication enamel to the transaction parties.

Buy Now
Questions 55

A small office is running WiFi 4 APs, and neighboring offices do not want to increase the throughput to associated devices. Which of the following is the MOST cost-efficient way for the office to increase network performance?

Options:

A.

Add another AP.

B.

Disable the 2.4GHz radios

C.

Enable channel bonding.

D.

Upgrade to WiFi 5.

Buy Now
Questions 56

Which of the following is a characteristic of the independent testing of a program?

Options:

A.

Independent testing increases the likelihood that a test will expose the effect of a hidden feature.

B.

Independent testing decreases the likelihood that a test will expose the effect of a hidden feature.

C.

Independent testing teams help decrease the cost of creating test data and system design specification.

D.

Independent testing teams help identify functional requirements and Service Level Agreements (SLA)

Buy Now
Questions 57

In Federated Identity Management (FIM), which of the following represents the concept of federation?

Options:

A.

Collection of information logically grouped into a single entity

B.

Collection, maintenance, and deactivation of user objects and attributes in one or more systems, directories or applications

C.

Collection of information for common identities in a system

D.

Collection of domains that have established trust among themselves

Buy Now
Questions 58

Which is the BEST control to meet the Statement on Standards for Attestation Engagements 18 (SSAE-18) confidentiality category?

Options:

A.

Data processing

B.

Storage encryption

C.

File hashing

D.

Data retention policy

Buy Now
Questions 59

An organization that has achieved a Capability Maturity model Integration (CMMI) level of 4 has done which of the following?

Options:

A.

Addressed continuous innovative process improvement

B.

Addressed the causes of common process variance

C.

Achieved optimized process performance

D.

Achieved predictable process performance

Buy Now
Questions 60

Which of the following authorization standards is built to handle Application Programming Interface (API) access for Federated Identity Management (FIM)?

Options:

A.

Security Assertion Markup Language (SAML)

B.

Open Authentication (OAUTH)

C.

Remote Authentication Dial-in User service (RADIUS)

D.

Terminal Access Control Access Control System Plus (TACACS+)

Buy Now
Questions 61

While classifying credit card data related to Payment Card Industry Data Security Standards (PCI-DSS), which of the following is a PRIMARY security requirement?

Options:

A.

Processor agreements with card holders

B.

Three-year retention of data

C.

Encryption of data

D.

Specific card disposal methodology

Buy Now
Questions 62

Which of the following is the MOST secure password technique?

Options:

A.

Passphrase

B.

One-time password

C.

Cognitive password

D.

dphertext

Buy Now
Questions 63

In order to support the least privilege security principle when a resource is transferring within the organization from a production support system administration role to a developer role, what changes should be made to the resource’s access to the production operating system (OS) directory structure?

Options:

A.

From Read Only privileges to No Access Privileges

B.

From Author privileges to Administrator privileges

C.

From Administrator privileges to No Access privileges

D.

From No Access Privileges to Author privileges

Buy Now
Questions 64

A security professional can BEST mitigate the risk of using a Commercial Off-The-Shelf (COTS) solution by deploying the application with which of the following controls in ?

Options:

A.

Whitelisting application

B.

Network segmentation

C.

Hardened configuration

D.

Blacklisting application

Buy Now
Questions 65

Which of the following security objectives for industrial control systems (ICS) can be adapted to securing any Internet of Things (IoT) system?

Options:

A.

Prevent unauthorized modification of data.

B.

Restore the system after an incident.

C.

Detect security events and incidents.

D.

Protect individual components from exploitation

Buy Now
Questions 66

What does the term “100-year floodplain” mean to emergency preparedness officials?

Options:

A.

The area is expected to be safe from flooding for at least 100 years.

B.

The odds of a flood at this level are 1 in 100 in any given year.

C.

The odds are that the next significant flood will hit within the next 100 years.

D.

The last flood of any kind to hit the area was more than 100 years ago.

Buy Now
Questions 67

The Rivest-Shamir-Adleman (RSA) algorithm is BEST suited for which of the following operations?

Options:

A.

Bulk data encryption and decryption

B.

One-way secure hashing for user and message authentication

C.

Secure key exchange for symmetric cryptography

D.

Creating digital checksums for message integrity

Buy Now
Questions 68

A security professional should ensure that clients support which secondary algorithm for digital signatures when a Secure Multipurpose Internet Mail Extension (S/MIME) is used?

Options:

A.

Triple Data Encryption Standard (3DES)

B.

Advanced Encryption Standard (AES)

C.

Digital Signature Algorithm (DSA)

D.

Rivest-Shamir-Adieman (RSA)

Buy Now
Questions 69

A security professional should consider the protection of which of the following elements FIRST when developing a defense-in-depth strategy for a mobile workforce?

Options:

A.

Network perimeters

B.

Demilitarized Zones (DM2)

C.

Databases and back-end servers

D.

End-user devices

Buy Now
Questions 70

Which of the following is the top barrier for companies to adopt cloud technology?

Options:

A.

Migration period

B.

Data integrity

C.

Cost

D.

Security

Buy Now
Questions 71

When reviewing vendor certifications for handling and processing of company data, which of the following is the BEST Service Organization Controls (SOC) certification for the vendor to possess?

Options:

A.

SOC 1 Type 1

B.

SOC 2 Type 1

C.

SOC 2 Type 2

D.

SOC 3

Buy Now
Questions 72

According to the (ISC)? ethics canon “act honorably, honestly, justly, responsibly, and legally," which order should be used when resolving conflicts?

Options:

A.

Public safety and duties to principals, individuals, and the profession

B.

Individuals, the profession, and public safety and duties to principals

C.

Individuals, public safety and duties to principals, and the profession

D.

The profession, public safety and duties to principals, and individuals

Buy Now
Questions 73

When implementing a data classification program, why is it important to avoid too much granularity?

Options:

A.

The process will require too many resources

B.

It will be difficult to apply to both hardware and software

C.

It will be difficult to assign ownership to the data

D.

The process will be perceived as having value

Buy Now
Questions 74

Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?

Options:

A.

Personal Identity Verification (PIV)

B.

Cardholder Unique Identifier (CHUID) authentication

C.

Physical Access Control System (PACS) repeated attempt detection

D.

Asymmetric Card Authentication Key (CAK) challenge-response

Buy Now
Questions 75

Which of the following is MOST important when assigning ownership of an asset to a department?

Options:

A.

The department should report to the business owner

B.

Ownership of the asset should be periodically reviewed

C.

Individual accountability should be ensured

D.

All members should be trained on their responsibilities

Buy Now
Questions 76

Which of the following BEST describes the responsibilities of a data owner?

Options:

A.

Ensuring quality and validation through periodic audits for ongoing data integrity

B.

Maintaining fundamental data availability, including data storage and archiving

C.

Ensuring accessibility to appropriate users, maintaining appropriate levels of data security

D.

Determining the impact the information has on the mission of the organization

Buy Now
Questions 77

Which one of the following affects the classification of data?

Options:

A.

Assigned security label

B.

Multilevel Security (MLS) architecture

C.

Minimum query size

D.

Passage of time

Buy Now
Questions 78

An organization has doubled in size due to a rapid market share increase. The size of the Information Technology (IT) staff has maintained pace with this growth. The organization hires several contractors whose onsite time is limited. The IT department has pushed its limits building servers and rolling out workstations and has a backlog of account management requests.

Which contract is BEST in offloading the task from the IT staff?

Options:

A.

Platform as a Service (PaaS)

B.

Identity as a Service (IDaaS)

C.

Desktop as a Service (DaaS)

D.

Software as a Service (SaaS)

Buy Now
Questions 79

Which of the following is an initial consideration when developing an information security management system?

Options:

A.

Identify the contractual security obligations that apply to the organizations

B.

Understand the value of the information assets

C.

Identify the level of residual risk that is tolerable to management

D.

Identify relevant legislative and regulatory compliance requirements

Buy Now
Questions 80

In a data classification scheme, the data is owned by the

Options:

A.

system security managers

B.

business managers

C.

Information Technology (IT) managers

D.

end users

Buy Now
Questions 81

What is the BEST approach for controlling access to highly sensitive information when employees have the same level of security clearance?

Options:

A.

Audit logs

B.

Role-Based Access Control (RBAC)

C.

Two-factor authentication

D.

Application of least privilege

Buy Now
Questions 82

Users require access rights that allow them to view the average salary of groups of employees. Which control would prevent the users from obtaining an individual employee’s salary?

Options:

A.

Limit access to predefined queries

B.

Segregate the database into a small number of partitions each with a separate security level

C.

Implement Role Based Access Control (RBAC)

D.

Reduce the number of people who have access to the system for statistical purposes

Buy Now
Questions 83

Which of the following BEST describes an access control method utilizing cryptographic keys derived from a smart card private key that is embedded within mobile devices?

Options:

A.

Derived credential

B.

Temporary security credential

C.

Mobile device credentialing service

D.

Digest authentication

Buy Now
Questions 84

A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is the BEST solution for the manufacturing organization?

Options:

A.

Trusted third-party certification

B.

Lightweight Directory Access Protocol (LDAP)

C.

Security Assertion Markup language (SAML)

D.

Cross-certification

Buy Now
Questions 85

A continuous information security-monitoring program can BEST reduce risk through which of the following?

Options:

A.

Collecting security events and correlating them to identify anomalies

B.

Facilitating system-wide visibility into the activities of critical user accounts

C.

Encompassing people, process, and technology

D.

Logging both scheduled and unscheduled system changes

Buy Now
Questions 86

A Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) will provide which of the following?

Options:

A.

Guaranteed recovery of all business functions

B.

Minimization of the need decision making during a crisis

C.

Insurance against litigation following a disaster

D.

Protection from loss of organization resources

Buy Now
Questions 87

Which of the following is the FIRST step in the incident response process?

Options:

A.

Determine the cause of the incident

B.

Disconnect the system involved from the network

C.

Isolate and contain the system involved

D.

Investigate all symptoms to confirm the incident

Buy Now
Questions 88

Recovery strategies of a Disaster Recovery planning (DRIP) MUST be aligned with which of the following?

Options:

A.

Hardware and software compatibility issues

B.

Applications’ critically and downtime tolerance

C.

Budget constraints and requirements

D.

Cost/benefit analysis and business objectives

Buy Now
Questions 89

What is the PRIMARY reason for implementing change management?

Options:

A.

Certify and approve releases to the environment

B.

Provide version rollbacks for system changes

C.

Ensure that all applications are approved

D.

Ensure accountability for changes to the environment

Buy Now
Questions 90

What is the MOST important step during forensic analysis when trying to learn the purpose of an unknown application?

Options:

A.

Disable all unnecessary services

B.

Ensure chain of custody

C.

Prepare another backup of the system

D.

Isolate the system from the network

Buy Now
Questions 91

What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?

Options:

A.

Take the computer to a forensic lab

B.

Make a copy of the hard drive

C.

Start documenting

D.

Turn off the computer

Buy Now
Questions 92

Which of the following is a PRIMARY advantage of using a third-party identity service?

Options:

A.

Consolidation of multiple providers

B.

Directory synchronization

C.

Web based logon

D.

Automated account management

Buy Now
Questions 93

With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?

Options:

A.

Continuously without exception for all security controls

B.

Before and after each change of the control

C.

At a rate concurrent with the volatility of the security control

D.

Only during system implementation and decommissioning

Buy Now
Questions 94

An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?

Options:

A.

Absence of a Business Intelligence (BI) solution

B.

Inadequate cost modeling

C.

Improper deployment of the Service-Oriented Architecture (SOA)

D.

Insufficient Service Level Agreement (SLA)

Buy Now
Questions 95

What would be the MOST cost effective solution for a Disaster Recovery (DR) site given that the organization’s systems cannot be unavailable for more than 24 hours?

Options:

A.

Warm site

B.

Hot site

C.

Mirror site

D.

Cold site

Buy Now
Questions 96

Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?

Options:

A.

Walkthrough

B.

Simulation

C.

Parallel

D.

White box

Buy Now
Questions 97

When is a Business Continuity Plan (BCP) considered to be valid?

Options:

A.

When it has been validated by the Business Continuity (BC) manager

B.

When it has been validated by the board of directors

C.

When it has been validated by all threat scenarios

D.

When it has been validated by realistic exercises

Buy Now
Questions 98

Which of the following MUST be done when promoting a security awareness program to senior management?

Options:

A.

Show the need for security; identify the message and the audience

B.

Ensure that the security presentation is designed to be all-inclusive

C.

Notify them that their compliance is mandatory

D.

Explain how hackers have enhanced information security

Buy Now
Questions 99

Which of the following does Temporal Key Integrity Protocol (TKIP) support?

Options:

A.

Multicast and broadcast messages

B.

Coordination of IEEE 802.11 protocols

C.

Wired Equivalent Privacy (WEP) systems

D.

Synchronization of multiple devices

Buy Now
Questions 100

What is the FIRST step in developing a security test and its evaluation?

Options:

A.

Determine testing methods

B.

Develop testing procedures

C.

Identify all applicable security requirements

D.

Identify people, processes, and products not in compliance

Buy Now
Questions 101

What is the MOST effective countermeasure to a malicious code attack against a mobile system?

Options:

A.

Sandbox

B.

Change control

C.

Memory management

D.

Public-Key Infrastructure (PKI)

Buy Now
Questions 102

When constructing an Information Protection Policy (IPP), it is important that the stated rules are necessary, adequate, and

Options:

A.

flexible.

B.

confidential.

C.

focused.

D.

achievable.

Buy Now
Questions 103

Which of the following is the MAIN reason that system re-certification and re-accreditation are needed?

Options:

A.

To assist data owners in making future sensitivity and criticality determinations

B.

To assure the software development team that all security issues have been addressed

C.

To verify that security protection remains acceptable to the organizational security policy

D.

To help the security team accept or reject new systems for implementation and production

Buy Now
Questions 104

In a financial institution, who has the responsibility for assigning the classification to a piece of information?

Options:

A.

Chief Financial Officer (CFO)

B.

Chief Information Security Officer (CISO)

C.

Originator or nominated owner of the information

D.

Department head responsible for ensuring the protection of the information

Buy Now
Questions 105

Why must all users be positively identified prior to using multi-user computers?

Options:

A.

To provide access to system privileges

B.

To provide access to the operating system

C.

To ensure that unauthorized persons cannot access the computers

D.

To ensure that management knows what users are currently logged on

Buy Now
Questions 106

At a MINIMUM, a formal review of any Disaster Recovery Plan (DRP) should be conducted

Options:

A.

monthly.

B.

quarterly.

C.

annually.

D.

bi-annually.

Buy Now
Questions 107

Which one of the following transmission media is MOST effective in preventing data interception?

Options:

A.

Microwave

B.

Twisted-pair

C.

Fiber optic

D.

Coaxial cable

Buy Now
Questions 108

What should happen when an emergency change to a system must be performed?

Options:

A.

The change must be given priority at the next meeting of the change control board.

B.

Testing and approvals must be performed quickly.

C.

The change must be performed immediately and then submitted to the change board.

D.

The change is performed and a notation is made in the system log.

Buy Now
Questions 109

In general, servers that are facing the Internet should be placed in a demilitarized zone (DMZ). What is MAIN purpose of the DMZ?

Options:

A.

Reduced risk to internal systems.

B.

Prepare the server for potential attacks.

C.

Mitigate the risk associated with the exposed server.

D.

Bypass the need for a firewall.

Buy Now
Questions 110

When writing security assessment procedures, what is the MAIN purpose of the test outputs and reports?

Options:

A.

To force the software to fail and document the process

B.

To find areas of compromise in confidentiality and integrity

C.

To allow for objective pass or fail decisions

D.

To identify malware or hidden code within the test results

Buy Now
Questions 111

The PRIMARY characteristic of a Distributed Denial of Service (DDoS) attack is that it

Options:

A.

exploits weak authentication to penetrate networks.

B.

can be detected with signature analysis.

C.

looks like normal network activity.

D.

is commonly confused with viruses or worms.

Buy Now
Questions 112

A security architect plans to reference a Mandatory Access Control (MAC) model for implementation. This indicates that which of the following properties are being prioritized?

Options:

A.

Confidentiality

B.

Integrity

C.

Availability

D.

Accessibility

Buy Now
Questions 113

The application of a security patch to a product previously validate at Common Criteria (CC) Evaluation Assurance Level (EAL) 4 would

Options:

A.

require an update of the Protection Profile (PP).

B.

require recertification.

C.

retain its current EAL rating.

D.

reduce the product to EAL 3.

Buy Now
Questions 114

An organization’s information security strategic plan MUST be reviewed

Options:

A.

whenever there are significant changes to a major application.

B.

quarterly, when the organization’s strategic plan is updated.

C.

whenever there are major changes to the business.

D.

every three years, when the organization’s strategic plan is updated.

Buy Now
Questions 115

Which of the following questions can be answered using user and group entitlement reporting?

Options:

A.

When a particular file was last accessed by a user

B.

Change control activities for a particular group of users

C.

The number of failed login attempts for a particular user

D.

Where does a particular user have access within the network

Buy Now
Questions 116

In which identity management process is the subject’s identity established?

Options:

A.

Trust

B.

Provisioning

C.

Authorization

D.

Enrollment

Buy Now
Questions 117

Which of the following is the MOST important element of change management documentation?

Options:

A.

List of components involved

B.

Number of changes being made

C.

Business case justification

D.

A stakeholder communication

Buy Now
Questions 118

What type of test assesses a Disaster Recovery (DR) plan using realistic disaster scenarios while maintaining minimal impact to business operations?

Options:

A.

Parallel

B.

Walkthrough

C.

Simulation

D.

Tabletop

Buy Now
Questions 119

Which of the following is the PRIMARY reason for employing physical security personnel at entry points in facilities where card access is in operation?

Options:

A.

To verify that only employees have access to the facility.

B.

To identify present hazards requiring remediation.

C.

To monitor staff movement throughout the facility.

D.

To provide a safe environment for employees.

Buy Now
Questions 120

Which of the following information MUST be provided for user account provisioning?

Options:

A.

Full name

B.

Unique identifier

C.

Security question

D.

Date of birth

Buy Now
Questions 121

An organization regularly conducts its own penetration tests. Which of the following scenarios MUST be covered for the test to be effective?

Options:

A.

Third-party vendor with access to the system

B.

System administrator access compromised

C.

Internal attacker with access to the system

D.

Internal user accidentally accessing data

Buy Now
Questions 122

How does a Host Based Intrusion Detection System (HIDS) identify a potential attack?

Options:

A.

Examines log messages or other indications on the system.

B.

Monitors alarms sent to the system administrator

C.

Matches traffic patterns to virus signature files

D.

Examines the Access Control List (ACL)

Buy Now
Questions 123

By carefully aligning the pins in the lock, which of the following defines the opening of a mechanical lock without the proper key?

Options:

A.

Lock pinging

B.

Lock picking

C.

Lock bumping

D.

Lock bricking

Buy Now
Questions 124

In order for a security policy to be effective within an organization, it MUST include

Options:

A.

strong statements that clearly define the problem.

B.

a list of all standards that apply to the policy.

C.

owner information and date of last revision.

D.

disciplinary measures for non compliance.

Buy Now
Questions 125

Which of the following is the PRIMARY security concern associated with the implementation of smart cards?

Options:

A.

The cards have limited memory

B.

Vendor application compatibility

C.

The cards can be misplaced

D.

Mobile code can be embedded in the card

Buy Now
Questions 126

The application of which of the following standards would BEST reduce the potential for data breaches?

Options:

A.

ISO 9000

B.

ISO 20121

C.

ISO 26000

D.

ISO 27001

Buy Now
Questions 127

Which of the following is the PRIMARY concern when using an Internet browser to access a cloud-based service?

Options:

A.

Insecure implementation of Application Programming Interfaces (API)

B.

Improper use and storage of management keys

C.

Misconfiguration of infrastructure allowing for unauthorized access

D.

Vulnerabilities within protocols that can expose confidential data

Buy Now
Questions 128

Which of the following adds end-to-end security inside a Layer 2 Tunneling Protocol (L2TP) Internet Protocol Security (IPSec) connection?

Options:

A.

Temporal Key Integrity Protocol (TKIP)

B.

Secure Hash Algorithm (SHA)

C.

Secure Shell (SSH)

D.

Transport Layer Security (TLS)

Buy Now
Questions 129

Data remanence refers to which of the following?

Options:

A.

The remaining photons left in a fiber optic cable after a secure transmission.

B.

The retention period required by law or regulation.

C.

The magnetic flux created when removing the network connection from a server or personal computer.

D.

The residual information left on magnetic storage media after a deletion or erasure.

Buy Now
Questions 130

Which of the following command line tools can be used in the reconnaisance phase of a network vulnerability assessment?

Options:

A.

dig

B.

ifconfig

C.

ipconfig

D.

nbtstat

Buy Now
Questions 131

Which Web Services Security (WS-Security) specification negotiates how security tokens will be issued, renewed and validated? Click on the correct specification in the image below.

Options:

Buy Now
Questions 132

Which of the following PRIMARILY contributes to security incidents in web-based applications?

Options:

A.

Systems administration and operating systems

B.

System incompatibility and patch management

C.

Third-party applications and change controls

D.

Improper stress testing and application interfaces

Buy Now
Questions 133

Which technology is a prerequisite for populating the cloud-based directory in a federated identity solution?

Options:

A.

Notification tool

B.

Message queuing tool

C.

Security token tool

D.

Synchronization tool

Buy Now
Questions 134

Which of the following is an essential step before performing Structured Query Language (SQL) penetration tests on a production system?

Options:

A.

Verify countermeasures have been deactivated.

B.

Ensure firewall logging has been activated.

C.

Validate target systems have been backed up.

D.

Confirm warm site is ready to accept connections.

Buy Now
Questions 135

Which of the following is the BEST method to reduce the effectiveness of phishing attacks?

Options:

A.

User awareness

B.

Two-factor authentication

C.

Anti-phishing software

D.

Periodic vulnerability scan

Buy Now
Questions 136

What type of encryption is used to protect sensitive data in transit over a network?

Options:

A.

Payload encryption and transport encryption

B.

Authentication Headers (AH)

C.

Keyed-Hashing for Message Authentication

D.

Point-to-Point Encryption (P2PE)

Buy Now
Questions 137

The BEST example of the concept of "something that a user has" when providing an authorized user access to a computing system is

Options:

A.

the user's hand geometry.

B.

a credential stored in a token.

C.

a passphrase.

D.

the user's face.

Buy Now
Questions 138

Which of the following is the BIGGEST weakness when using native Lightweight Directory Access Protocol (LDAP) for authentication?

Options:

A.

Authorizations are not included in the server response

B.

Unsalted hashes are passed over the network

C.

The authentication session can be replayed

D.

Passwords are passed in clear text

Buy Now
Questions 139

Which of the following would BEST describe the role directly responsible for data within an organization?

Options:

A.

Data custodian

B.

Information owner

C.

Database administrator

D.

Quality control

Buy Now
Questions 140

Which Radio Frequency Interference (RFI) phenomenon associated with bundled cable runs can create information leakage?

Options:

A.

Transference

B.

Covert channel

C.

Bleeding

D.

Cross-talk

Buy Now
Questions 141

In configuration management, what baseline configuration information MUST be maintained for each computer system?

Options:

A.

Operating system and version, patch level, applications running, and versions.

B.

List of system changes, test reports, and change approvals

C.

Last vulnerability assessment report and initial risk assessment report

D.

Date of last update, test report, and accreditation certificate

Buy Now
Questions 142

A vulnerability in which of the following components would be MOST difficult to detect?

Options:

A.

Kernel

B.

Shared libraries

C.

Hardware

D.

System application

Buy Now
Questions 143

All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that

Options:

A.

determine the risk of a business interruption occurring

B.

determine the technological dependence of the business processes

C.

Identify the operational impacts of a business interruption

D.

Identify the financial impacts of a business interruption

Buy Now
Questions 144

A company whose Information Technology (IT) services are being delivered from a Tier 4 data center, is preparing a companywide Business Continuity Planning (BCP). Which of the following failures should the IT manager be concerned with?

Options:

A.

Application

B.

Storage

C.

Power

D.

Network

Buy Now
Questions 145

Intellectual property rights are PRIMARY concerned with which of the following?

Options:

A.

Owner’s ability to realize financial gain

B.

Owner’s ability to maintain copyright

C.

Right of the owner to enjoy their creation

D.

Right of the owner to control delivery method

Buy Now
Questions 146

An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?

Options:

A.

Development, testing, and deployment

B.

Prevention, detection, and remediation

C.

People, technology, and operations

D.

Certification, accreditation, and monitoring

Buy Now
Questions 147

What is the MOST important consideration from a data security perspective when an organization plans to relocate?

Options:

A.

Ensure the fire prevention and detection systems are sufficient to protect personnel

B.

Review the architectural plans to determine how many emergency exits are present

C.

Conduct a gap analysis of a new facilities against existing security requirements

D.

Revise the Disaster Recovery and Business Continuity (DR/BC) plan

Buy Now
Questions 148

Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?

Options:

A.

Install mantraps at the building entrances

B.

Enclose the personnel entry area with polycarbonate plastic

C.

Supply a duress alarm for personnel exposed to the public

D.

Hire a guard to protect the public area

Buy Now
Questions 149

Which of the following represents the GREATEST risk to data confidentiality?

Options:

A.

Network redundancies are not implemented

B.

Security awareness training is not completed

C.

Backup tapes are generated unencrypted

D.

Users have administrative privileges

Buy Now
Questions 150

Which of the following actions will reduce risk to a laptop before traveling to a high risk area?

Options:

A.

Examine the device for physical tampering

B.

Implement more stringent baseline configurations

C.

Purge or re-image the hard disk drive

D.

Change access codes

Buy Now
Questions 151

When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?

Options:

A.

Only when assets are clearly defined

B.

Only when standards are defined

C.

Only when controls are put in place

D.

Only procedures are defined

Buy Now
Questions 152

Refer to the information below to answer the question.

A large, multinational organization has decided to outsource a portion of their Information Technology (IT) organization to a third-party provider’s facility. This provider will be responsible for the design, development, testing, and support of several critical, customer-based applications used by the organization.

The third party needs to have

Options:

A.

processes that are identical to that of the organization doing the outsourcing.

B.

access to the original personnel that were on staff at the organization.

C.

the ability to maintain all of the applications in languages they are familiar with.

D.

access to the skill sets consistent with the programming languages used by the organization.

Buy Now
Questions 153

Refer to the information below to answer the question.

An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other necessary components to have an effective security program. There are numerous initiatives requiring security involvement.

The effectiveness of the security program can PRIMARILY be measured through

Options:

A.

audit findings.

B.

risk elimination.

C.

audit requirements.

D.

customer satisfaction.

Buy Now
Questions 154

A thorough review of an organization's audit logs finds that a disgruntled network administrator has intercepted emails meant for the Chief Executive Officer (CEO) and changed them before forwarding them to their intended recipient. What type of attack has MOST likely occurred?

Options:

A.

Spoofing

B.

Eavesdropping

C.

Man-in-the-middle

D.

Denial of service

Buy Now
Questions 155

Refer to the information below to answer the question.

A large, multinational organization has decided to outsource a portion of their Information Technology (IT) organization to a third-party provider’s facility. This provider will be responsible for the design, development, testing, and support of several critical, customer-based applications used by the organization.

What additional considerations are there if the third party is located in a different country?

Options:

A.

The organizational structure of the third party and how it may impact timelines within the organization

B.

The ability of the third party to respond to the organization in a timely manner and with accurate information

C.

The effects of transborder data flows and customer expectations regarding the storage or processing of their data

D.

The quantity of data that must be provided to the third party and how it is to be used

Buy Now
Questions 156

What is a common challenge when implementing Security Assertion Markup Language (SAML) for identity integration between on-premise environment and an external identity provider service?

Options:

A.

Some users are not provisioned into the service.

B.

SAML tokens are provided by the on-premise identity provider.

C.

Single users cannot be revoked from the service.

D.

SAML tokens contain user information.

Buy Now
Questions 157

Which of the following violates identity and access management best practices?

Options:

A.

User accounts

B.

System accounts

C.

Generic accounts

D.

Privileged accounts

Buy Now
Questions 158

When using third-party software developers, which of the following is the MOST effective method of providing software development Quality Assurance (QA)?

Options:

A.

Retain intellectual property rights through contractual wording.

B.

Perform overlapping code reviews by both parties.

C.

Verify that the contractors attend development planning meetings.

D.

Create a separate contractor development environment.

Buy Now
Questions 159

If an attacker in a SYN flood attack uses someone else's valid host address as the source address, the system under attack will send a large number of Synchronize/Acknowledge (SYN/ACK) packets to the

Options:

A.

default gateway.

B.

attacker's address.

C.

local interface being attacked.

D.

specified source address.

Buy Now
Questions 160

Which of the following is the PRIMARY benefit of a formalized information classification program?

Options:

A.

It drives audit processes.

B.

It supports risk assessment.

C.

It reduces asset vulnerabilities.

D.

It minimizes system logging requirements.

Buy Now
Questions 161

Multi-Factor Authentication (MFA) is necessary in many systems given common types of password attacks. Which of the following is a correct list of password attacks?

Options:

A.

Masquerading, salami, malware, polymorphism

B.

Brute force, dictionary, phishing, keylogger

C.

Zeus, netbus, rabbit, turtle

D.

Token, biometrics, IDS, DLP

Buy Now
Questions 162

When dealing with compliance with the Payment Card Industry-Data Security Standard (PCI-DSS), an organization that shares card holder information with a service provider MUST do which of the following?

Options:

A.

Perform a service provider PCI-DSS assessment on a yearly basis.

B.

Validate the service provider's PCI-DSS compliance status on a regular basis.

C.

Validate that the service providers security policies are in alignment with those of the organization.

D.

Ensure that the service provider updates and tests its Disaster Recovery Plan (DRP) on a yearly basis.

Buy Now
Questions 163

What is the MOST effective method for gaining unauthorized access to a file protected with a long complex password?

Options:

A.

Brute force attack

B.

Frequency analysis

C.

Social engineering

D.

Dictionary attack

Buy Now
Questions 164

Which of the following is the MOST beneficial to review when performing an IT audit?

Options:

A.

Audit policy

B.

Security log

C.

Security policies

D.

Configuration settings

Buy Now
Questions 165

An organization decides to implement a partial Public Key Infrastructure (PKI) with only the servers having digital certificates. What is the security benefit of this implementation?

Options:

A.

Clients can authenticate themselves to the servers.

B.

Mutual authentication is available between the clients and servers.

C.

Servers are able to issue digital certificates to the client.

D.

Servers can authenticate themselves to the client.

Buy Now
Questions 166

Refer to the information below to answer the question.

In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files.

In a Bell-LaPadula system, which user has the MOST restrictions when writing data to any of the four files?

Options:

A.

User A

B.

User B

C.

User C

D.

User D

Buy Now
Questions 167

Which of the following methods provides the MOST protection for user credentials?

Options:

A.

Forms-based authentication

B.

Digest authentication

C.

Basic authentication

D.

Self-registration

Buy Now
Questions 168

Refer to the information below to answer the question.

During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial information.

If it is discovered that large quantities of information have been copied by the unauthorized individual, what attribute of the data has been compromised?

Options:

A.

Availability

B.

Integrity

C.

Accountability

D.

Confidentiality

Buy Now
Questions 169

A large bank deploys hardware tokens to all customers that use their online banking system. The token generates and displays a six digit numeric password every 60 seconds. The customers must log into their bank accounts using this numeric password. This is an example of

Options:

A.

asynchronous token.

B.

Single Sign-On (SSO) token.

C.

single factor authentication token.

D.

synchronous token.

Buy Now
Questions 170

A large university needs to enable student access to university resources from their homes. Which of the following provides the BEST option for low maintenance and ease of deployment?

Options:

A.

Provide students with Internet Protocol Security (IPSec) Virtual Private Network (VPN) client software.

B.

Use Secure Sockets Layer (SSL) VPN technology.

C.

Use Secure Shell (SSH) with public/private keys.

D.

Require students to purchase home router capable of VPN.

Buy Now
Questions 171

With data labeling, which of the following MUST be the key decision maker?

Options:

A.

Information security

B.

Departmental management

C.

Data custodian

D.

Data owner

Buy Now
Questions 172

Which of the following is the MOST crucial for a successful audit plan?

Options:

A.

Defining the scope of the audit to be performed

B.

Identifying the security controls to be implemented

C.

Working with the system owner on new controls

D.

Acquiring evidence of systems that are not compliant

Buy Now
Questions 173

Which of the following secure startup mechanisms are PRIMARILY designed to thwart attacks?

Options:

A.

Timing

B.

Cold boot

C.

Side channel

D.

Acoustic cryptanalysis

Buy Now
Questions 174

Which of the following describes the concept of a Single Sign -On (SSO) system?

Options:

A.

Users are authenticated to one system at a time.

B.

Users are identified to multiple systems with several credentials.

C.

Users are authenticated to multiple systems with one login.

D.

Only one user is using the system at a time.

Buy Now
Questions 175

Without proper signal protection, embedded systems may be prone to which type of attack?

Options:

A.

Brute force

B.

Tampering

C.

Information disclosure

D.

Denial of Service (DoS)

Buy Now
Questions 176

According to best practice, which of the following groups is the MOST effective in performing an information security compliance audit?

Options:

A.

In-house security administrators

B.

In-house Network Team

C.

Disaster Recovery (DR) Team

D.

External consultants

Buy Now
Questions 177

When implementing a secure wireless network, which of the following supports authentication and authorization for individual client endpoints.

Options:

A.

Temporal Key Integrity Protocol (TKIP)

B.

Wi-Fi Protected Access (WPA) Pre-Shared Key (PSK)

C.

Wi-Fi Protected Access 2 (WPA2) Enterprise

D.

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)

Buy Now
Questions 178

Which of the following is of GREATEST assistance to auditors when reviewing system configurations?

Options:

A.

Change management processes

B.

User administration procedures

C.

Operating System (OS) baselines

D.

System backup documentation

Buy Now
Questions 179

A Virtual Machine (VM) environment has five guest Operating Systems (OS) and provides strong isolation. What MUST an administrator review to audit a user’s access to data files?

Options:

A.

Host VM monitor audit logs

B.

Guest OS access controls

C.

Host VM access controls

D.

Guest OS audit logs

Buy Now
Questions 180

Which of the following could cause a Denial of Service (DoS) against an authentication system?

Options:

A.

Encryption of audit logs

B.

No archiving of audit logs

C.

Hashing of audit logs

D.

Remote access audit logs

Buy Now
Questions 181

In which of the following programs is it MOST important to include the collection of security process data?

Options:

A.

Quarterly access reviews

B.

Security continuous monitoring

C.

Business continuity testing

D.

Annual security training

Buy Now
Questions 182

Which of the following is a PRIMARY benefit of using a formalized security testing report format and structure?

Options:

A.

Executive audiences will understand the outcomes of testing and most appropriate next steps for corrective actions to be taken

B.

Technical teams will understand the testing objectives, testing strategies applied, and business risk associated with each vulnerability

C.

Management teams will understand the testing objectives and reputational risk to the organization

D.

Technical and management teams will better understand the testing objectives, results of each test phase, and potential impact levels

Buy Now
Questions 183

A Java program is being developed to read a file from computer A and write it to computer B, using a third computer C. The program is not working as expected. What is the MOST probable security feature of Java preventing the program from operating as intended?

Options:

A.

Least privilege

B.

Privilege escalation

C.

Defense in depth

D.

Privilege bracketing

Buy Now
Questions 184

The configuration management and control task of the certification and accreditation process is incorporated in which phase of the System Development Life Cycle (SDLC)?

Options:

A.

System acquisition and development

B.

System operations and maintenance

C.

System initiation

D.

System implementation

Buy Now
Questions 185

Which of the following is a web application control that should be put into place to prevent exploitation of Operating System (OS) bugs?

Options:

A.

Check arguments in function calls

B.

Test for the security patch level of the environment

C.

Include logging functions

D.

Digitally sign each application module

Buy Now
Questions 186

When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?

Options:

A.

After the system preliminary design has been developed and the data security categorization has been performed

B.

After the vulnerability analysis has been performed and before the system detailed design begins

C.

After the system preliminary design has been developed and before the data security categorization begins

D.

After the business functional analysis and the data security categorization have been performed

Buy Now
Questions 187

Which of the following is the BEST method to prevent malware from being introduced into a production environment?

Options:

A.

Purchase software from a limited list of retailers

B.

Verify the hash key or certificate key of all updates

C.

Do not permit programs, patches, or updates from the Internet

D.

Test all new software in a segregated environment

Buy Now
Exam Code: CISSP
Exam Name: Certified Information Systems Security Professional (CISSP)
Last Update: Dec 25, 2024
Questions: 1486
CISSP pdf

CISSP PDF

$119.7  $399
CISSP Engine

CISSP Testing Engine

$134.7  $449
CISSP PDF + Engine

CISSP PDF + Testing Engine

$179.7  $599