It is faster and easier to pass the ISC2 CISSP exam by using Vivid ISC2 Certified Information Systems Security Professional (CISSP) questions and answers. Get immediate access to the up-to-date CISSP exam material, find the same core-area CISSP questions with professionally verified answers, and pass your exam with a high score.
Free online CISSP questions and answers, new version:
NEW QUESTION 1
At a MINIMUM, a formal review of any Disaster Recovery Plan (DRP) should be conducted
- A. monthly.
- B. quarterly.
- C. annually.
- D. bi-annually.
Answer: C
NEW QUESTION 2
The BEST way to check for good security programming practices, as well as auditing for possible backdoors, is to conduct
- A. log auditing.
- B. code reviews.
- C. impact assessments.
- D. static analysis.
Answer: B
NEW QUESTION 3
At which layer of the Open Systems Interconnect (OSI) model are the source and destination address for a datagram handled?
- A. Transport Layer
- B. Data-Link Layer
- C. Network Layer
- D. Application Layer
Answer: C
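To make the layering in Question 3 concrete, here is an added example (not from the original page) that decodes a hand-constructed IPv4/TCP packet: the source and destination addresses sit in the IPv4 header at the Network layer (OSI layer 3), while the port numbers that identify the conversation sit in the TCP header at the Transport layer (OSI layer 4). The packet bytes, addresses and ports are constructed for illustration; both checksums are left at zero and are not verified.

```python
import ipaddress
import struct

# Constructed sample packet (not a capture): 20-byte IPv4 header + 20-byte TCP header, no payload.
# Checksums are left at zero and are not verified by this example.
SAMPLE_PACKET = bytes.fromhex(
    # --- IPv4 header: Network layer (OSI layer 3) ---
    "45" "00" "0028"      # version 4, IHL 5 (20 bytes), DSCP/ECN 0, total length 40
    "1c46" "0000"         # identification, flags/fragment offset
    "40" "06" "0000"      # TTL 64, protocol 6 (TCP), header checksum (zero here)
    "c0a80164"            # source address      192.168.1.100
    "5db8d822"            # destination address 93.184.216.34
    # --- TCP header: Transport layer (OSI layer 4) ---
    "d431" "01bb"         # source port 54321, destination port 443
    "00000000"            # sequence number
    "00000000"            # acknowledgement number
    "50" "02" "ffff"      # data offset 5, flags SYN, window
    "0000" "0000"         # checksum (zero here), urgent pointer
)


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the fixed 20-byte IPv4 header; host addressing lives here, at the Network layer."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4:
        raise ValueError(f"not an IPv4 packet (version={version})")
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IHL or truncated options")
    return {
        "header_length": ihl,
        "total_length": total_len,
        "ttl": ttl,
        "protocol": proto,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
    }


def parse_tcp_ports(segment: bytes) -> dict:
    """Decode the port pair from a TCP header; this is Transport-layer addressing."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    src_port, dst_port = struct.unpack("!HH", segment[:4])
    return {"src_port": src_port, "dst_port": dst_port}


def parse_packet(packet: bytes) -> dict:
    """Split a packet into its layer-3 and layer-4 addressing."""
    ip = parse_ipv4_header(packet)
    layers = {"network": ip}
    if ip["protocol"] == 6:  # TCP
        layers["transport"] = parse_tcp_ports(packet[ip["header_length"]:])
    return layers


if __name__ == "__main__":
    for layer, fields in parse_packet(SAMPLE_PACKET).items():
        print(layer, fields)
```

The Data-Link layer (option B) would add a frame around this with MAC addresses that change at every hop; the IP addresses decoded here are the ones that stay constant end to end.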
NEW QUESTION 4
Which of the following is a MAJOR consideration in implementing a Voice over IP (VoIP) network?
- A. Use of a unified messaging.
- B. Use of separation for the voice network.
- C. Use of Network Access Control (NAC) on switches.
- D. Use of Request for Comments (RFC) 1918 addressing.
Answer: B
NEW QUESTION 5
When planning a penetration test, the tester will be MOST interested in which information?
- A. Places to install back doors
- B. The main network access points
- C. Job application handouts and tours
- D. Exploits that can attack weaknesses
Answer: B
NEW QUESTION 6
A chemical plant wants to upgrade the Industrial Control System (ICS) to transmit data using Ethernet instead of RS422. The project manager wants to simplify administration and maintenance by utilizing the office network infrastructure and staff to implement this upgrade.
Which of the following is the GREATEST impact on security for the network?
- A. The network administrators have no knowledge of ICS
- B. The ICS is now accessible from the office network
- C. The ICS does not support the office password policy
- D. RS422 is more reliable than Ethernet
Answer: B
NEW QUESTION 7
The application of which of the following standards would BEST reduce the potential for data breaches?
- A. ISO 9000
- B. ISO 20121
- C. ISO 26000
- D. ISO 27001
Answer: D
NEW QUESTION 8
Including a Trusted Platform Module (TPM) in the design of a computer system is an example of a technique to achieve what?
- A. Interface with the Public Key Infrastructure (PKI)
- B. Improve the quality of security software
- C. Prevent Denial of Service (DoS) attacks
- D. Establish a secure initial state
Answer: D
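Question 8 turns on what a TPM contributes at boot. The added example below (illustration only, not the page's or any vendor's code, and it does not talk to a real TPM) simulates the TPM 2.0 PCR extend rule, PCR_new = SHA-256(PCR_old || measurement), for a measured boot chain: each stage is measured before it runs, the accumulated value is one-way and order-dependent, a verifier can replay the event log to check it, and a secret sealed to the expected PCR value is released only when the platform reached that known-good initial state. The firmware, bootloader and kernel blobs are constructed placeholders.

```python
import hashlib
import hmac

PCR_INIT = bytes(32)  # SHA-256 PCR bank resets to all zeros at power-on


def measure(component: bytes) -> bytes:
    """Digest of a boot component, computed by the stage that is about to hand over to it."""
    return hashlib.sha256(component).digest()


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM2_PCR_Extend rule: PCR_new = H(PCR_old || measurement). One-way and order-dependent."""
    return hashlib.sha256(pcr + measurement).digest()


def measured_boot(components):
    """Run a boot chain, extending one PCR per stage and keeping an event log."""
    pcr = PCR_INIT
    event_log = []
    for name, blob in components:
        m = measure(blob)
        pcr = extend(pcr, m)
        event_log.append((name, m.hex()))
    return pcr, event_log


def replay_log(event_log) -> bytes:
    """A verifier recomputes the PCR from the log; a mismatch means the log was edited."""
    pcr = PCR_INIT
    for _, m_hex in event_log:
        pcr = extend(pcr, bytes.fromhex(m_hex))
    return pcr


def make_unseal(expected_pcr: bytes):
    """Sealing, simplified: a secret bound to a PCR value is released only in that state."""
    def unseal(current_pcr: bytes, sealed_secret: bytes):
        return sealed_secret if hmac.compare_digest(current_pcr, expected_pcr) else None
    return unseal


# Constructed stand-ins for real firmware/bootloader/kernel images.
GOOD_CHAIN = [("firmware", b"firmware v1"), ("bootloader", b"bootloader v1"), ("kernel", b"kernel v1")]
IMPLANTED_CHAIN = [("firmware", b"firmware v1"), ("bootloader", b"bootloader v1 + implant"), ("kernel", b"kernel v1")]

if __name__ == "__main__":
    pcr_good, log = measured_boot(GOOD_CHAIN)
    pcr_bad, _ = measured_boot(IMPLANTED_CHAIN)
    unseal = make_unseal(pcr_good)
    print("known-good PCR :", pcr_good.hex())
    print("implanted PCR  :", pcr_bad.hex())
    print("disk key released on good boot:", unseal(pcr_good, b"disk-key") is not None)
    print("disk key released on bad boot :", unseal(pcr_bad, b"disk-key") is not None)
```

Because extend only ever hashes forward, software that runs after a tampered bootloader cannot restore the PCR to the known-good value, which is why the sealed disk key (or a remote attestation check) stays unavailable on that boot.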
NEW QUESTION 9
In a financial institution, who has the responsibility for assigning the classification to a piece of information?
- A. Chief Financial Officer (CFO)
- B. Chief Information Security Officer (CISO)
- C. Originator or nominated owner of the information
- D. Department head responsible for ensuring the protection of the information
Answer: C
NEW QUESTION 10
A network scan found 50% of the systems with one or more critical vulnerabilities. Which of the following represents the BEST action?
- A. Assess vulnerability risk and program effectiveness.
- B. Assess vulnerability risk and business impact.
- C. Disconnect all systems with critical vulnerabilities.
- D. Disconnect systems with the largest number of vulnerabilities.
Answer: B
NEW QUESTION 11
What type of encryption is used to protect sensitive data in transit over a network?
- A. Payload encryption and transport encryption
- B. Authentication Headers (AH)
- C. Keyed-Hashing for Message Authentication
- D. Point-to-Point Encryption (P2PE)
Answer: A
NEW QUESTION 12
Copyright provides protection for which of the following?
- A. Ideas expressed in literary works
- B. A particular expression of an idea
- C. New and non-obvious inventions
- D. Discoveries of natural phenomena
Answer: B
NEW QUESTION 13
The goal of a Business Continuity Plan (BCP) training and awareness program is to
- A. enhance the skills required to create, maintain, and execute the plan.
- B. provide for a high level of recovery in case of disaster.
- C. describe the recovery organization to new employees.
- D. provide each recovery team with checklists and procedures.
Answer: A
NEW QUESTION 14
What is a common challenge when implementing Security Assertion Markup Language (SAML) for identity integration between an on-premises environment and an external identity provider service?
- A. Some users are not provisioned into the service.
- B. SAML tokens are provided by the on-premise identity provider.
- C. Single users cannot be revoked from the service.
- D. SAML tokens contain user information.
Answer: A
NEW QUESTION 15
What maintenance activity is responsible for defining, implementing, and testing updates to application systems?
- A. Program change control
- B. Regression testing
- C. Export exception control
- D. User acceptance testing
Answer: A
NEW QUESTION 16
What are the steps of a risk assessment?
- A. identification, analysis, evaluation
- B. analysis, evaluation, mitigation
- C. classification, identification, risk management
- D. identification, evaluation, mitigation
Answer: A
Explanation:
Section: Security Assessment and Testing
NEW QUESTION 17
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
- A. To ensure Information Technology (IT) staff knows and performs roles assigned to each of them
- B. To validate backup sites’ effectiveness
- C. To find out what does not work and fix it
- D. To create a high level DRP awareness among Information Technology (IT) staff
Answer: C
NEW QUESTION 18
When designing a networked Information System (IS) where there will be several different types of individual access, what is the FIRST step that should be taken to ensure all access control requirements are addressed?
- A. Create a user profile.
- B. Create a user access matrix.
- C. Develop an Access Control List (ACL).
- D. Develop a Role Based Access Control (RBAC) list.
Answer: B
NEW QUESTION 19
A company was ranked as high in the following National Institute of Standards and Technology (NIST) functions: Protect, Detect, Respond and Recover. However, a low maturity grade was attributed to the Identify function. In which of the following control categories does this company need to improve when analyzing its processes individually?
- A. Asset Management, Business Environment, Governance and Risk Assessment
- B. Access Control, Awareness and Training, Data Security and Maintenance
- C. Anomalies and Events, Security Continuous Monitoring and Detection Processes
- D. Recovery Planning, Improvements and Communications
Answer: A
NEW QUESTION 20
A large university needs to enable student access to university resources from their homes. Which of the following provides the BEST option for low maintenance and ease of deployment?
- A. Provide students with Internet Protocol Security (IPSec) Virtual Private Network (VPN) client software.
- B. Use Secure Sockets Layer (SSL) VPN technology.
- C. Use Secure Shell (SSH) with public/private keys.
- D. Require students to purchase a home router capable of VPN.
Answer: B
NEW QUESTION 21
How should an organization determine the priority of its remediation efforts after a vulnerability assessment has been conducted?
- A. Use an impact-based approach.
- B. Use a risk-based approach.
- C. Use a criticality-based approach.
- D. Use a threat-based approach.
Answer: B
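Questions 10 and 21 both ask for risk-based rather than count- or severity-based prioritization. The added example below (not part of the original page) scores a constructed set of scan findings by likelihood × business impact, where the impact side is an asset-criticality rating that in practice would come from the BIA; the hosts, vulnerability labels, weighting factors and SLA mapping are assumptions for illustration. Note how a CVSS 6.5 finding on an exposed, revenue-critical host with a public exploit outranks a CVSS 9.8 on an isolated lab machine, which is the difference between options B and D in Question 10.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    host: str
    vuln_id: str
    cvss: float              # scanner base score, 0.0 - 10.0
    asset_criticality: int   # 1 (lab/test) .. 5 (revenue-critical); taken from the BIA in practice
    internet_facing: bool
    exploit_public: bool


# Constructed scan output for this example; hosts and vulnerability labels are placeholders.
SAMPLE_FINDINGS = [
    Finding("lab-vm-07",     "VULN-0001", 9.8, 1, False, False),
    Finding("pay-api-01",    "VULN-0002", 6.5, 5, True,  True),
    Finding("hr-db-02",      "VULN-0003", 9.1, 4, False, True),
    Finding("intranet-wiki", "VULN-0004", 7.5, 2, False, False),
    Finding("pay-api-01",    "VULN-0005", 9.8, 5, True,  False),
]

# Assumed weighting: exposure and a public exploit each raise likelihood by 50%, capped at 1.0.
EXPOSURE_FACTOR = 1.5
EXPLOIT_FACTOR = 1.5


def likelihood(f: Finding) -> float:
    """Exploit likelihood on a 0-1 scale: severity scaled by exposure and exploit availability."""
    score = f.cvss / 10.0
    if f.internet_facing:
        score *= EXPOSURE_FACTOR
    if f.exploit_public:
        score *= EXPLOIT_FACTOR
    return min(score, 1.0)


def risk_score(f: Finding) -> float:
    """Risk = likelihood x business impact (asset criticality), range 0-5."""
    return round(likelihood(f) * f.asset_criticality, 2)


def remediation_sla_days(score: float) -> int:
    """Assumed policy mapping a risk score to a patch deadline."""
    if score >= 4.0:
        return 7
    if score >= 2.0:
        return 30
    return 90


def severity_only(findings):
    """What a naive 'highest CVSS first' queue looks like."""
    return sorted(findings, key=lambda f: f.cvss, reverse=True)


def risk_based(findings):
    """Risk-based queue: risk score first, CVSS as the tie-breaker."""
    return sorted(findings, key=lambda f: (risk_score(f), f.cvss), reverse=True)


if __name__ == "__main__":
    for f in risk_based(SAMPLE_FINDINGS):
        r = risk_score(f)
        print(f"{f.host:14} {f.vuln_id} cvss={f.cvss:4} risk={r:4} fix within {remediation_sla_days(r)} days")
```

The same scoring answers the "disconnect everything" options: pulling the plug on half the estate is itself a business-impact decision, and only the hosts whose risk score exceeds what the business can carry for the SLA window would be candidates for isolation.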
NEW QUESTION 22
As part of an application penetration testing process, session hijacking can BEST be achieved by which of the following?
- A. Known-plaintext attack
- B. Denial of Service (DoS)
- C. Cookie manipulation
- D. Structured Query Language (SQL) injection
Answer: C
Explanation:
Section: Security Assessment and Testing
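Cookie manipulation (option C in Question 22) hijacks a session when the server trusts whatever session identifier the client presents. The added example below (not code from the original page) shows the weak pattern, a cookie like user=alice that any client can edit, next to a hardened one: a server-side HMAC-SHA256 over the session claims so that an edited payload fails verification, an expiry, a constant-time tag comparison, and the Set-Cookie attributes that keep the cookie off plaintext HTTP and away from script. The key, user names and timestamps are constructed for the example.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time
from typing import Optional


def parse_weak_cookie(cookie: str) -> str:
    """'Before': a cookie such as 'user=alice' that the server simply believes.
    Any client can edit it to 'user=admin' and become admin."""
    _name, _, value = cookie.partition("=")
    return value


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_session(user_id: str, key: bytes, ttl_seconds: int = 3600, now: Optional[int] = None) -> str:
    """'After': payload.tag where tag = HMAC-SHA256(key, payload).
    The key lives only on the server, so the client cannot forge or edit the payload."""
    now = int(time.time()) if now is None else now
    claims = {"sub": user_id, "exp": now + ttl_seconds, "nonce": secrets.token_hex(8)}
    payload = json.dumps(claims, separators=(",", ":")).encode()
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return f"{_b64(payload)}.{_b64(tag)}"


def verify_session(cookie: str, key: bytes, now: Optional[int] = None):
    """Return the user id if the cookie is authentic and unexpired, else None."""
    now = int(time.time()) if now is None else now
    try:
        p64, t64 = cookie.split(".", 1)
        payload, tag = _unb64(p64), _unb64(t64)
    except ValueError:  # no separator or malformed base64 (binascii.Error is a ValueError)
        return None
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    try:
        claims = json.loads(payload)
    except ValueError:
        return None
    if not isinstance(claims, dict) or claims.get("exp", 0) <= now:
        return None
    return claims.get("sub")


def tamper(cookie: str, new_user: str) -> str:
    """What an attacker can do without the key: rewrite the payload but keep the old tag."""
    p64, t64 = cookie.split(".", 1)
    claims = json.loads(_unb64(p64))
    claims["sub"] = new_user
    return f"{_b64(json.dumps(claims, separators=(',', ':')).encode())}.{t64}"


def set_cookie_header(cookie: str) -> str:
    """Transport hardening: no plaintext HTTP, no script access, no cross-site sending."""
    return f"Set-Cookie: session={cookie}; Secure; HttpOnly; SameSite=Strict; Path=/"


if __name__ == "__main__":
    key = secrets.token_bytes(32)
    cookie = issue_session("alice", key)
    print(set_cookie_header(cookie))
    print("genuine  ->", verify_session(cookie, key))
    print("tampered ->", verify_session(tamper(cookie, "admin"), key))
```

The HMAC stops a client from editing claims; it does not stop a stolen cookie from being replayed, which is what the Secure and HttpOnly attributes, the short expiry, and rotating the session identifier after login are there for.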
NEW QUESTION 23
The restoration priorities of a Disaster Recovery Plan (DRP) are based on which of the following documents?
- A. Service Level Agreement (SLA)
- B. Business Continuity Plan (BCP)
- C. Business Impact Analysis (BIA)
- D. Crisis management plan
Answer: C
NEW QUESTION 24
The MAIN use of Layer 2 Tunneling Protocol (L2TP) is to tunnel data
- A. through a firewall at the Session layer
- B. through a firewall at the Transport layer
- C. in the Point-to-Point Protocol (PPP)
- D. in the Payload Compression Protocol (PCP)
Answer: C
NEW QUESTION 25
A vulnerability assessment report has been submitted to a client. The client indicates that one third of the hosts that were in scope are missing from the report.
In which phase of the assessment was this error MOST likely made?
- A. Enumeration
- B. Reporting
- C. Detection
- D. Discovery
Answer: A
Explanation:
Section: Security Assessment and Testing
NEW QUESTION 26
From a security perspective, which of the following assumptions MUST be made about input to an application?
- A. It is tested
- B. It is logged
- C. It is verified
- D. It is untrusted
Answer: D
NEW QUESTION 27
Which of the following is a method used to prevent Structured Query Language (SQL) injection attacks?
- A. Data compression
- B. Data classification
- C. Data warehousing
- D. Data validation
Answer: D
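Questions 26 and 27 together give the rule: treat all input as untrusted and validate it, and keep data out of the SQL grammar. The added example below (not code from the original page) uses Python's sqlite3 with an in-memory table and constructed rows: the string-concatenating lookup lets the payload x' OR '1'='1 return every user, a parameterized query returns nothing for the same payload, and an allow-list check rejects it before the database is reached. The table, rows, username pattern and payload are assumptions for illustration.

```python
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory table with constructed rows for the example."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT NOT NULL, email TEXT NOT NULL)")
    conn.executemany(
        "INSERT INTO users (username, email) VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com"), ("carol", "carol@example.com")],
    )
    return conn


def lookup_vulnerable(conn, username: str):
    """'Before': the input is spliced into the SQL text and becomes part of the grammar."""
    sql = f"SELECT username, email FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, username: str):
    """Bound parameter: the driver passes the value separately, so quotes in it are just data."""
    return conn.execute("SELECT username, email FROM users WHERE username = ?", (username,)).fetchall()


# Allow-list for the one shape of username the application accepts (an assumption for this example).
USERNAME_RE = re.compile(r"[a-z][a-z0-9_]{0,31}")


def lookup_safe(conn, username: str):
    """'After': validate the untrusted input first, then still use a bound parameter."""
    if not USERNAME_RE.fullmatch(username):
        raise ValueError(f"rejected username: {username!r}")
    return lookup_parameterized(conn, username)


# Constructed injection payload: closes the quoted string and appends an always-true condition.
INJECTION_PAYLOAD = "x' OR '1'='1"

if __name__ == "__main__":
    conn = make_db()
    print("vulnerable   :", lookup_vulnerable(conn, INJECTION_PAYLOAD))    # every row leaks
    print("parameterized:", lookup_parameterized(conn, INJECTION_PAYLOAD))  # []
    try:
        lookup_safe(conn, INJECTION_PAYLOAD)
    except ValueError as e:
        print("validated    :", e)
```

Validation and parameterization are separate controls: the allow-list catches garbage early and gives a clean error, while the bound parameter is what actually makes the injection impossible even when the input passes a looser check.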
NEW QUESTION 28
A continuous information security monitoring program can BEST reduce risk through which of the following?
- A. Collecting security events and correlating them to identify anomalies
- B. Facilitating system-wide visibility into the activities of critical user accounts
- C. Encompassing people, process, and technology
- D. Logging both scheduled and unscheduled system changes
Answer: B
NEW QUESTION 29
......
Thanks for reading the newest CISSP exam dumps! We recommend trying the PREMIUM Passcertsure CISSP dumps in VCE and PDF here: https://www.passcertsure.com/CISSP-test/ (653 Q&As Dumps)