CISSP Sample Questions - Feb 26, 2024 - PDF

Uploaded by JollyPalmTree9160

Tags

CISSP practice questions information security cybersecurity security certification

Summary

These are practice questions designed to help prospective CISSP candidates. The questions cover topics included in the certification exam, such as data classification, security controls, and business continuity planning. These questions do not come from a specific exam board; rather, they are taken from a sample or study guide.

Full Transcript


Welcome to download the Newest 2passeasy CISSP dumps https://www.2passeasy.com/dumps/CISSP/ (653 New Questions)

Exam Questions CISSP
Certified Information Systems Security Professional (CISSP)
https://www.2passeasy.com/dumps/CISSP/

Passing Certification Exams Made Easy visit - https://www.2PassEasy.com

NEW QUESTION 1 - (Exam Topic 1)
An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?
A. Development, testing, and deployment
B. Prevention, detection, and remediation
C. People, technology, and operations
D. Certification, accreditation, and monitoring
Answer: C

NEW QUESTION 2 - (Exam Topic 1)
Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?
A. Install mantraps at the building entrances
B. Enclose the personnel entry area with polycarbonate plastic
C. Supply a duress alarm for personnel exposed to the public
D. Hire a guard to protect the public area
Answer: D

NEW QUESTION 3 - (Exam Topic 1)
What is the MOST important consideration from a data security perspective when an organization plans to relocate?
A. Ensure the fire prevention and detection systems are sufficient to protect personnel
B. Review the architectural plans to determine how many emergency exits are present
C. Conduct a gap analysis of the new facility against existing security requirements
D. Revise the Disaster Recovery and Business Continuity (DR/BC) plan
Answer: C

NEW QUESTION 4 - (Exam Topic 2)
In a data classification scheme, the data is owned by the
A. system security managers
B. business managers
C. Information Technology (IT) managers
D. end users
Answer: B

NEW QUESTION 5 - (Exam Topic 2)
Which one of the following affects the classification of data?
A. Assigned security label
B. Multilevel Security (MLS) architecture
C. Minimum query size
D. Passage of time
Answer: D

NEW QUESTION 6 - (Exam Topic 2)
Which of the following is an initial consideration when developing an information security management system?
A. Identify the contractual security obligations that apply to the organization
B. Understand the value of the information assets
C. Identify the level of residual risk that is tolerable to management
D. Identify relevant legislative and regulatory compliance requirements
Answer: B

NEW QUESTION 7 - (Exam Topic 2)
Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?
A. Personal Identity Verification (PIV)
B. Cardholder Unique Identifier (CHUID) authentication
C. Physical Access Control System (PACS) repeated attempt detection
D. Asymmetric Card Authentication Key (CAK) challenge-response
Answer: C

NEW QUESTION 8 - (Exam Topic 2)
Which of the following is MOST important when assigning ownership of an asset to a department?
A. The department should report to the business owner
B. Ownership of the asset should be periodically reviewed
C. Individual accountability should be ensured
D. All members should be trained on their responsibilities
Answer: B

NEW QUESTION 9 - (Exam Topic 3)
Which security service is served by the process of encrypting plaintext with the sender's private key and decrypting ciphertext with the sender's public key?
A. Confidentiality
B. Integrity
C. Identification
D. Availability
Answer: A

NEW QUESTION 10 - (Exam Topic 3)
The use of private and public encryption keys is fundamental in the implementation of which of the following?
A. Diffie-Hellman algorithm
B. Secure Sockets Layer (SSL)
C. Advanced Encryption Standard (AES)
D. Message Digest 5 (MD5)
Answer: A

NEW QUESTION 10 - (Exam Topic 4)
An external attacker has compromised an organization's network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker's ability to gain further information?
A. Implement packet filtering on the network firewalls
B. Install Host Based Intrusion Detection Systems (HIDS)
C. Require strong authentication for administrators
D. Implement logical network segmentation at the switches
Answer: D

NEW QUESTION 15 - (Exam Topic 4)
What is the purpose of an Internet Protocol (IP) spoofing attack?
A. To send excessive amounts of data to a process, making it unpredictable
B. To intercept network traffic without authorization
C. To disguise the destination address from a target's IP filtering devices
D. To convince a system that it is communicating with a known entity
Answer: D

NEW QUESTION 16 - (Exam Topic 4)
In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?
A. Transport layer
B. Application layer
C. Network layer
D. Session layer
Answer: A

NEW QUESTION 19 - (Exam Topic 4)
Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?
A. Intrusion Prevention Systems (IPS)
B. Intrusion Detection Systems (IDS)
C. Stateful firewalls
D. Network Behavior Analysis (NBA) tools
Answer: D

NEW QUESTION 24 - (Exam Topic 4)
At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?
A. Link layer
B. Physical layer
C. Session layer
D. Application layer
Answer: D

NEW QUESTION 25 - (Exam Topic 4)
Which of the following factors contributes to the weakness of the Wired Equivalent Privacy (WEP) protocol?
A. WEP uses a small range Initialization Vector (IV)
B. WEP uses Message Digest 5 (MD5)
C. WEP uses Diffie-Hellman
D. WEP does not use any Initialization Vector (IV)
Answer: A

NEW QUESTION 29 - (Exam Topic 5)
A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is the BEST solution for the manufacturing organization?
A. Trusted third-party certification
B. Lightweight Directory Access Protocol (LDAP)
C. Security Assertion Markup Language (SAML)
D. Cross-certification
Answer: C

NEW QUESTION 31 - (Exam Topic 5)
Which of the following BEST describes an access control method utilizing cryptographic keys derived from a smart card private key that is embedded within mobile devices?
A. Derived credential
B. Temporary security credential
C. Mobile device credentialing service
D. Digest authentication
Answer: A

NEW QUESTION 35 - (Exam Topic 6)
A Virtual Machine (VM) environment has five guest Operating Systems (OS) and provides strong isolation. What MUST an administrator review to audit a user's access to data files?
A. Host VM monitor audit logs
B. Guest OS access controls
C. Host VM access controls
D. Guest OS audit logs
Answer: A

NEW QUESTION 40 - (Exam Topic 6)
Which of the following is of GREATEST assistance to auditors when reviewing system configurations?
A. Change management processes
B. User administration procedures
C. Operating System (OS) baselines
D. System backup documentation
Answer: A

NEW QUESTION 42 - (Exam Topic 6)
Which of the following is a PRIMARY benefit of using a formalized security testing report format and structure?
A. Executive audiences will understand the outcomes of testing and the most appropriate next steps for corrective actions to be taken
B. Technical teams will understand the testing objectives, testing strategies applied, and business risk associated with each vulnerability
C. Management teams will understand the testing objectives and reputational risk to the organization
D. Technical and management teams will better understand the testing objectives, results of each test phase, and potential impact levels
Answer: D

NEW QUESTION 44 - (Exam Topic 6)
In which of the following programs is it MOST important to include the collection of security process data?
A. Quarterly access reviews
B. Security continuous monitoring
C. Business continuity testing
D. Annual security training
Answer: A

NEW QUESTION 47 - (Exam Topic 7)
A Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) will provide which of the following?
A. Guaranteed recovery of all business functions
B. Minimization of the need for decision making during a crisis
C. Insurance against litigation following a disaster
D. Protection from loss of organization resources
Answer: D

NEW QUESTION 49 - (Exam Topic 7)
Which of the following is a PRIMARY advantage of using a third-party identity service?
A. Consolidation of multiple providers
B. Directory synchronization
C. Web based logon
D. Automated account management
Answer: D

NEW QUESTION 54 - (Exam Topic 7)
What is the MOST important step during forensic analysis when trying to learn the purpose of an unknown application?
A. Disable all unnecessary services
B. Ensure chain of custody
C. Prepare another backup of the system
D. Isolate the system from the network
Answer: D

NEW QUESTION 59 - (Exam Topic 7)
An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?
A. Absence of a Business Intelligence (BI) solution
B. Inadequate cost modeling
C. Improper deployment of the Service-Oriented Architecture (SOA)
D. Insufficient Service Level Agreement (SLA)
Answer: D

NEW QUESTION 61 - (Exam Topic 7)
With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?
A. Continuously without exception for all security controls
B. Before and after each change of the control
C. At a rate concurrent with the volatility of the security control
D. Only during system implementation and decommissioning
Answer: B

NEW QUESTION 62 - (Exam Topic 7)
What is the PRIMARY reason for implementing change management?
A. Certify and approve releases to the environment
B. Provide version rollbacks for system changes
C. Ensure that all applications are approved
D. Ensure accountability for changes to the environment
Answer: D

NEW QUESTION 67 - (Exam Topic 7)
What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?
A. Take the computer to a forensic lab
B. Make a copy of the hard drive
C. Start documenting
D. Turn off the computer
Answer: C

NEW QUESTION 69 - (Exam Topic 8)
What is the BEST approach to addressing security issues in legacy web applications?
A. Debug the security issues
B. Migrate to newer, supported applications where possible
C. Conduct a security assessment
D. Protect the legacy application with a web application firewall
Answer: D

NEW QUESTION 72 - (Exam Topic 8)
Which of the following is the BEST method to prevent malware from being introduced into a production environment?
A. Purchase software from a limited list of retailers
B. Verify the hash key or certificate key of all updates
C. Do not permit programs, patches, or updates from the Internet
D. Test all new software in a segregated environment
Answer: D

NEW QUESTION 76 - (Exam Topic 8)
A Java program is being developed to read a file from computer A and write it to computer B, using a third computer C. The program is not working as expected. What is the MOST probable security feature of Java preventing the program from operating as intended?
A. Least privilege
B. Privilege escalation
C. Defense in depth
D. Privilege bracketing
Answer: A

NEW QUESTION 79 - (Exam Topic 8)
Which of the following is the PRIMARY risk with using open source software in a commercial software construction?
A. Lack of software documentation
B. License agreements requiring release of modified code
C. Expiration of the license agreement
D. Costs associated with support of the software
Answer: D

NEW QUESTION 80 - (Exam Topic 9)
What is the FIRST step in developing a security test and its evaluation?
A. Determine testing methods
B. Develop testing procedures
C. Identify all applicable security requirements
D. Identify people, processes, and products not in compliance
Answer: C

NEW QUESTION 81 - (Exam Topic 9)
Internet Protocol (IP) source address spoofing is used to defeat
A. address-based authentication.
B. Address Resolution Protocol (ARP).
C. Reverse Address Resolution Protocol (RARP).
D. Transmission Control Protocol (TCP) hijacking.
Answer: A

NEW QUESTION 86 - (Exam Topic 9)
Which of the following is ensured when hashing files during chain of custody handling?
A. Availability
B. Accountability
C. Integrity
D. Non-repudiation
Answer: C

NEW QUESTION 90 - (Exam Topic 9)
Which of the following MUST be part of a contract to support electronic discovery of data stored in a cloud environment?
A. Integration with organizational directory services for authentication
B. Tokenization of data
C. Accommodation of hybrid deployment models
D. Identification of data location
Answer: D

NEW QUESTION 93 - (Exam Topic 9)
Logical access control programs are MOST effective when they are
A. approved by external auditors.
B. combined with security token technology.
C. maintained by computer security officers.
D. made part of the operating system.
Answer: D

NEW QUESTION 94 - (Exam Topic 9)
An organization allows ping traffic into and out of their network. An attacker has installed a program on the network that uses the payload portion of the ping packet to move data into and out of the network. What type of attack has the organization experienced?
A. Data leakage
B. Unfiltered channel
C. Data emanation
D. Covert channel
Answer: D

NEW QUESTION 98 - (Exam Topic 9)
Contingency plan exercises are intended to do which of the following?
A. Train personnel in roles and responsibilities
B. Validate service level agreements
C. Train maintenance personnel
D. Validate operation metrics
Answer: A

NEW QUESTION 102 - (Exam Topic 9)
Which of the following is a physical security control that protects Automated Teller Machines (ATM) from skimming?
A. Anti-tampering
B. Secure card reader
C. Radio Frequency (RF) scanner
D. Intrusion Prevention System (IPS)
Answer: A

NEW QUESTION 106 - (Exam Topic 9)
What technique BEST describes antivirus software that detects viruses by watching anomalous behavior?
A. Signature
B. Inference
C. Induction
D. Heuristic
Answer: D

NEW QUESTION 109 - (Exam Topic 9)
Which layer of the Open Systems Interconnection (OSI) model implementation adds information concerning the logical connection between the sender and receiver?
A. Physical
B. Session
C. Transport
D. Data-Link
Answer: C

NEW QUESTION 111 - (Exam Topic 9)
The overall goal of a penetration test is to determine a system's
A. ability to withstand an attack.
B. capacity management.
C. error recovery capabilities.
D. reliability under stress.
Answer: A

NEW QUESTION 115 - (Exam Topic 9)
During an audit of system management, auditors find that the system administrator has not been trained. What actions need to be taken at once to ensure the integrity of systems?
A. A review of hiring policies and methods of verification of new employees
B. A review of all departmental procedures
C. A review of all training procedures to be undertaken
D. A review of all systems by an experienced administrator
Answer: D

NEW QUESTION 118 - (Exam Topic 9)
The type of authorized interactions a subject can have with an object is
A. control.
B. permission.
C. procedure.
D. protocol.
Answer: B

NEW QUESTION 120 - (Exam Topic 9)
Which one of the following considerations has the LEAST impact when considering transmission security?
A. Network availability
B. Data integrity
C. Network bandwidth
D. Node locations
Answer: C

NEW QUESTION 122 - (Exam Topic 9)
Including a Trusted Platform Module (TPM) in the design of a computer system is an example of a technique to what?
A. Interface with the Public Key Infrastructure (PKI)
B. Improve the quality of security software
C. Prevent Denial of Service (DoS) attacks
D. Establish a secure initial state
Answer: D

NEW QUESTION 126 - (Exam Topic 9)
Which one of these risk factors would be the LEAST important consideration in choosing a building site for a new computer facility?
A. Vulnerability to crime
B. Adjacent buildings and businesses
C. Proximity to an airline flight path
D. Vulnerability to natural disasters
Answer: C

NEW QUESTION 128 - (Exam Topic 9)
An advantage of link encryption in a communications network is that it
A. makes key management and distribution easier.
B. protects data from start to finish through the entire network.
C. improves the efficiency of the transmission.
D. encrypts all information, including headers and routing information.
Answer: D

NEW QUESTION 131 - (Exam Topic 9)
Which of the following is an attacker MOST likely to target to gain privileged access to a system?
A. Programs that write to system resources
B. Programs that write to user directories
C. Log files containing sensitive information
D. Log files containing system calls
Answer: A

NEW QUESTION 135 - (Exam Topic 9)
What security management control is MOST often broken by collusion?
A. Job rotation
B. Separation of duties
C. Least privilege model
D. Increased monitoring
Answer: B

NEW QUESTION 136 - (Exam Topic 9)
The PRIMARY purpose of a security awareness program is to
A. ensure that everyone understands the organization's policies and procedures.
B. communicate that access to information will be granted on a need-to-know basis.
C. warn all users that access to all systems will be monitored on a daily basis.
D. comply with regulations related to data and information protection.
Answer: A

NEW QUESTION 138 - (Exam Topic 9)
Which of the following does the Encapsulating Security Payload (ESP) provide?
A. Authorization and integrity
B. Availability and integrity
C. Integrity and confidentiality
D. Authorization and confidentiality
Answer: C

NEW QUESTION 139 - (Exam Topic 9)
Which one of the following is the MOST important in designing a biometric access system if it is essential that no one other than authorized individuals are admitted?
A. False Acceptance Rate (FAR)
B. False Rejection Rate (FRR)
C. Crossover Error Rate (CER)
D. Rejection Error Rate
Answer: A

NEW QUESTION 144 - (Exam Topic 9)
Which one of the following security mechanisms provides the BEST way to restrict the execution of privileged procedures?
A. Role Based Access Control (RBAC)
B. Biometric access control
C. Federated Identity Management (IdM)
D. Application hardening
Answer: A

NEW QUESTION 145 - (Exam Topic 9)
An organization is selecting a service provider to assist in the consolidation of multiple computing sites, including development, implementation and ongoing support of various computer systems. Which of the following MUST be verified by the Information Security Department?
A. The service provider's policies are consistent with ISO/IEC 27001 and there is evidence that the service provider is following those policies.
B. The service provider will segregate the data within its systems and ensure that each region's policies are met.
C. The service provider will impose controls and protections that meet or exceed the current systems' controls and produce audit logs as verification.
D. The service provider's policies can meet the requirements imposed by the new environment even if they differ from the organization's current policies.
Answer: D

NEW QUESTION 149 - (Exam Topic 9)
Which of the following is a security feature of Global Systems for Mobile Communications (GSM)?
A. It uses a Subscriber Identity Module (SIM) for authentication.
B. It uses encrypting techniques for all communications.
C. The radio spectrum is divided with multiple frequency carriers.
D. The signal is difficult to read as it provides end-to-end encryption.
Answer: A

NEW QUESTION 154 - (Exam Topic 9)
Which of the following methods protects Personally Identifiable Information (PII) by use of a full replacement of the data element?
A. Transparent Database Encryption (TDE)
B. Column level database encryption
C. Volume encryption
D. Data tokenization
Answer: D

NEW QUESTION 157 - (Exam Topic 9)
An auditor carrying out a compliance audit requests passwords that are encrypted in the system to verify that the passwords are compliant with policy. Which of the following is the BEST response to the auditor?
A. Provide the encrypted passwords and analysis tools to the auditor for analysis.
B. Analyze the encrypted passwords for the auditor and show them the results.
C. Demonstrate that non-compliant passwords cannot be created in the system.
D. Demonstrate that non-compliant passwords cannot be encrypted in the system.
Answer: C

NEW QUESTION 158 - (Exam Topic 9)
The use of strong authentication, the encryption of Personally Identifiable Information (PII) on database servers, application security reviews, and the encryption of data transmitted across networks provide
A. data integrity.
B. defense in depth.
C. data availability.
D. non-repudiation.
Answer: B

NEW QUESTION 162 - (Exam Topic 9)
Which of the following is the BEST way to verify the integrity of a software patch?
A. Cryptographic checksums
B. Version numbering
C. Automatic updates
D. Vendor assurance
Answer: A

NEW QUESTION 165 - (Exam Topic 9)
Which of the following is the MOST important consideration when storing and processing Personally Identifiable Information (PII)?
A. Encrypt and hash all PII to avoid disclosure and tampering.
B. Store PII for no more than one year.
C. Avoid storing PII in a Cloud Service Provider.
D. Adherence to collection limitation laws and regulations.
Answer: D

NEW QUESTION 166 - (Exam Topic 9)
What would be the PRIMARY concern when designing and coordinating a security assessment for an Automatic Teller Machine (ATM) system?
A. Physical access to the electronic hardware
B. Regularly scheduled maintenance process
C. Availability of the network connection
D. Processing delays
Answer: A

NEW QUESTION 170 - (Exam Topic 9)
Which of the following is the MAIN reason that system re-certification and re-accreditation are needed?
A. To assist data owners in making future sensitivity and criticality determinations
B. To assure the software development team that all security issues have been addressed
C. To verify that security protection remains acceptable to the organizational security policy
D. To help the security team accept or reject new systems for implementation and production
Answer: C

NEW QUESTION 173 - (Exam Topic 9)
An external attacker has compromised an organization's network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker's ability to gain further information?
A. Implement packet filtering on the network firewalls
B. Require strong authentication for administrators
C. Install Host Based Intrusion Detection Systems (HIDS)
D. Implement logical network segmentation at the switches
Answer: D

NEW QUESTION 178 - (Exam Topic 9)
Which one of the following effectively obscures network addresses from external exposure when implemented on a firewall or router?
A. Network Address Translation (NAT)
B. Application Proxy
C. Routing Information Protocol (RIP) Version 2
D. Address Masking
Answer: A

NEW QUESTION 182 - (Exam Topic 9)
In Business Continuity Planning (BCP), what is the importance of documenting business processes?
A. Provides senior management with decision-making tools
B. Establishes and adopts ongoing testing and maintenance strategies
C. Defines who will perform which functions during a disaster or emergency
D. Provides an understanding of the organization's interdependencies
Answer: D

NEW QUESTION 186 - (Exam Topic 9)
A security consultant has been asked to research an organization's legal obligations to protect privacy-related information. What kind of reading material is MOST relevant to this project?
A. The organization's current security policies concerning privacy issues
B. Privacy-related regulations enforced by governing bodies applicable to the organization
C. Privacy best practices published by recognized security standards organizations
D. Organizational procedures designed to protect privacy information
Answer: B

NEW QUESTION 190 - (Exam Topic 9)
The Hardware Abstraction Layer (HAL) is implemented in the
A. system software.
B. system hardware.
C. application software.
D. network hardware.
Answer: A

NEW QUESTION 193 - (Exam Topic 9)
Which of the following is the FIRST step of a penetration test plan?
A. Analyzing a network diagram of the target network
B. Notifying the company's customers
C. Obtaining the approval of the company's management
D. Scheduling the penetration test during a period of least impact
Answer: C

NEW QUESTION 197 - (Exam Topic 9)
Which one of the following is a fundamental objective in handling an incident?
A. To restore control of the affected systems
B. To confiscate the suspect's computers
C. To prosecute the attacker
D. To perform full backups of the system
Answer: A

NEW QUESTION 198 - (Exam Topic 9)
Alternate encoding such as hexadecimal representations is MOST often observed in which of the following forms of attack?
A. Smurf
B. Rootkit exploit
C. Denial of Service (DoS)
D. Cross site scripting (XSS)
Answer: D

NEW QUESTION 200 - (Exam Topic 9)
Which of the following elements MUST a compliant EU-US Safe Harbor Privacy Policy contain?
A. An explanation of how long the data subject's collected information will be retained for and how it will eventually be disposed of.
B. An explanation of who can be contacted at the organization collecting the information if corrections are required by the data subject.
C. An explanation of the regulatory frameworks and compliance standards the information collecting organization adheres to.
D. An explanation of all the technologies employed by the collecting organization in gathering information on the data subject.
Answer: B

NEW QUESTION 201 - (Exam Topic 9)
Which of the following would be the FIRST step to take when implementing a patch management program?
A. Perform automatic deployment of patches.
B. Monitor for vulnerabilities and threats.
C. Prioritize vulnerability remediation.
D. Create a system inventory.
Answer: D

NEW QUESTION 204 - (Exam Topic 9)
Which of the following is a network intrusion detection technique?
A. Statistical anomaly
B. Perimeter intrusion
C. Port scanning
D. Network spoofing
Answer: A

NEW QUESTION 208 - (Exam Topic 9)
In a data classification scheme, the data is owned by the
A. Information Technology (IT) managers.
B. business managers.
C. end users.
D. system security managers.
Answer: B

NEW QUESTION 213 - (Exam Topic 9)
When implementing controls in a heterogeneous end-point network for an organization, it is critical that
A. hosts are able to establish network communications.
B. users can make modifications to their security software configurations.
C. common software security components be implemented across all hosts.
D. firewalls running on each host are fully customizable by the user.
Answer: C

NEW QUESTION 216 - (Exam Topic 9)
While impersonating an Information Security Officer (ISO), an attacker obtains information from company employees about their User IDs and passwords. Which method of information gathering has the attacker used?
A. Trusted path
B. Malicious logic
C. Social engineering
D. Passive misuse
Answer: C

NEW QUESTION 219 - (Exam Topic 9)
Which of the following actions should be performed when implementing a change to a database schema in a production system?
A. Test in development, determine dates, notify users, and implement in production
B. Apply change to production, run in parallel, finalize change in production, and develop a back-out strategy
C. Perform user acceptance testing in production, have users sign off, and finalize change
D. Change in development, perform user acceptance testing, develop a back-out strategy, and implement change
Answer: D

NEW QUESTION 224 - (Exam Topic 9)
Who must approve modifications to an organization's production infrastructure configuration?
A. Technical management
B. Change control board
C. System operations
D. System users
Answer: B

NEW QUESTION 227 - (Exam Topic 9)
Which of the following is a potential risk when a program runs in privileged mode?
A. It may serve to create unnecessary code complexity
B. It may not enforce job separation duties
C. It may create unnecessary application hardening
D. It may allow malicious code to be inserted
Answer: D

NEW QUESTION 228 - (Exam Topic 9)
When designing a vulnerability test, which one of the following is likely to give the BEST indication of what components currently operate on the network?
A. Topology diagrams
B. Mapping tools
C. Asset register
D. Ping testing
Answer: B

NEW QUESTION 231 - (Exam Topic 9)
When constructing an Information Protection Policy (IPP), it is important that the stated rules are necessary, adequate, and
A. flexible.
B. confidential.
C. focused.
D. achievable.
Answer: D

NEW QUESTION 234 - (Exam Topic 9)
Which of the following MUST be done when promoting a security awareness program to senior management?
A. Show the need for security; identify the message and the audience
B. Ensure that the security presentation is designed to be all-inclusive
C. Notify them that their compliance is mandatory
D. Explain how hackers have enhanced information security
Answer: A

NEW QUESTION 237 - (Exam Topic 9)
What is the MOST effective countermeasure to a malicious code attack against a mobile system?
A. Sandbox
B. Change control
C. Memory management
D. Public-Key Infrastructure (PKI)
Answer: A

NEW QUESTION 240 - (Exam Topic 9)
By allowing storage communications to run on top of Transmission Control Protocol/Internet Protocol (TCP/IP) with a Storage Area Network (SAN), the
A. confidentiality of the traffic is protected.
B. opportunity to sniff network traffic exists.
C. opportunity for device identity spoofing is eliminated.
D. storage devices are protected against availability attacks.
Answer: B

NEW QUESTION 242 - (Exam Topic 9)
An engineer in a software company has created a virus creation tool. The tool can generate thousands of polymorphic viruses. The engineer is planning to use the tool in a controlled environment to test the company's next generation virus scanning software. Which would BEST describe the behavior of the engineer and why?
A. The behavior is ethical because the tool will be used to create a better virus scanner.
B. The behavior is ethical because any experienced programmer could create such a tool.
C. The behavior is not ethical because creating any kind of virus is bad.
D. The behavior is not ethical because such a tool could be leaked on the Internet.
Answer: A

NEW QUESTION 247 - (Exam Topic 9)
Two companies wish to share electronic inventory and purchase orders in a supplier and client relationship. What is the BEST security solution for them?
A. Write a Service Level Agreement (SLA) for the two companies.
B. Set up a Virtual Private Network (VPN) between the two companies.
C. Configure a firewall at the perimeter of each of the two companies.
D. Establish a File Transfer Protocol (FTP) connection between the two companies.
Answer: B

NEW QUESTION 250 - (Exam Topic 9)
What should be the INITIAL response to Intrusion Detection System/Intrusion Prevention System (IDS/IPS) alerts?
A. Ensure that the Incident Response Plan is available and current.
B. Determine the traffic's initial source and block the appropriate port.
C. Disable or disconnect suspected target and source systems.
D. Verify the threat and determine the scope of the attack.
Answer: D

NEW QUESTION 253 - (Exam Topic 9)
At a MINIMUM, a formal review of any Disaster Recovery Plan (DRP) should be conducted
A. monthly.
B. quarterly.
C. annually.
D. bi-annually.
Answer: C

NEW QUESTION 258 - (Exam Topic 10)
What is the MAIN feature that onion routing networks offer?
A. Non-repudiation
B. Traceability
C. Anonymity
D. Resilience
Answer: C

NEW QUESTION 261 - (Exam Topic 10)
Refer to the information below to answer the question.
A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive e-mail, search the web, and use instant messaging. The organization's Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access.
Which of the following solutions would have MOST likely detected the use of peer-to-peer programs when the computer was connected to the office network?
A. Anti-virus software
B. Intrusion Prevention System (IPS)
C. Anti-spyware software
D. Integrity checking software
Answer: B

NEW QUESTION 265 - (Exam Topic 10)
Which of the following violates identity and access management best practices?
A. User accounts
B. System accounts
C. Generic accounts
D. Privileged accounts
Answer: C

NEW QUESTION 269 - (Exam Topic 10)
Refer to the information below to answer the question.
A large, multinational organization has decided to outsource a portion of their Information Technology (IT) organization to a third-party provider's facility. This provider will be responsible for the design, development, testing, and support of several critical, customer-based applications used by the organization.
The organization should ensure that the third party's physical security controls are in place so that they
A. are more rigorous than the original controls.
B. are able to limit access to sensitive information.
C. allow access by the organization staff at any time.
D. cannot be accessed by subcontractors of the third party.
Answer: B

NEW QUESTION 272 - (Exam Topic 10)
Which of the following is the BEST reason to review audit logs periodically?
A. Verify they are operating properly
B. Monitor employee productivity
C. Identify anomalies in use patterns
D. Meet compliance regulations
Answer: C

NEW QUESTION 276 - (Exam Topic 10)
Which of the following provides effective management assurance for a Wireless Local Area Network (WLAN)?
A. Maintaining an inventory of authorized Access Points (AP) and connecting devices
B. Setting the radio frequency to the minimum range required
C.
Establishing a Virtual Private Network (VPN) tunnel between the WLAN client device and a VPN concentrator D. Verifying that all default passwords have been changed Answer: A NEW QUESTION 277 - (Exam Topic 10) Refer to the information below to answer the question. In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files. Which of the following is true according to the star property (*property)? A. User D can write to File 1 B. User B can write to File 1 C. User A can write to File 1 D. User C can write to File 1 Answer: C NEW QUESTION 282 - (Exam Topic 10) Which of the following MOST influences the design of the organization's electronic monitoring policies? A. Workplace privacy laws B. Level of organizational trust C. Results of background checks D. Business ethical considerations Answer: A NEW QUESTION 287 - (Exam Topic 10) During an investigation of database theft from an organization's web site, it was determined that the Structured Query Language (SQL) injection technique was used despite input validation with client-side scripting. Which of the following provides the GREATEST protection against the same attack occurring again? A. Encrypt communications between the servers B. Encrypt the web server traffic C. Implement server-side filtering D. Filter outgoing traffic at the perimeter firewall Answer: C NEW QUESTION 289 Passing Certification Exams Made Easy visit - https://www.2PassEasy.com Welcome to download the Newest 2passeasy CISSP dumps https://www.2passeasy.com/dumps/CISSP/ (653 New Questions) - (Exam Topic 10) What physical characteristic does a retinal scan biometric device measure? A. The amount of light reflected by the retina B. The size, curvature, and shape of the retina C. The pattern of blood vessels at the back of the eye D. 
The pattern of light receptors at the back of the eye Answer: C NEW QUESTION 293 - (Exam Topic 10) Refer to the information below to answer the question. An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles. Which of the following will be the PRIMARY security concern as staff is released from the organization? A. Inadequate IT support B. Loss of data and separation of duties C. Undocumented security controls D. Additional responsibilities for remaining staff Answer: B NEW QUESTION 295 - (Exam Topic 10) If an attacker in a SYN flood attack uses someone else's valid host address as the source address, the system under attack will send a large number of Synchronize/Acknowledge (SYN/ACK) packets to the A. default gateway. B. attacker's address. C. local interface being attacked. D. specified source address. Answer: D NEW QUESTION 300 - (Exam Topic 10) Refer to the information below to answer the question. During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial information. If it is discovered that large quantities of information have been copied by the unauthorized individual, what attribute of the data has been compromised? A. Availability B. Integrity C. Accountability D. Confidentiality Answer: D NEW QUESTION 304 - (Exam Topic 10) According to best practice, which of the following is required when implementing third party software in a production environment? A. Scan the application for vulnerabilities B. Contract the vendor for patching C. Negotiate end user application training D. 
Escrow a copy of the software Answer: A NEW QUESTION 307 - (Exam Topic 10) Which item below is a federated identity standard? A. 802.11i B. Kerberos C. Lightweight Directory Access Protocol (LDAP) D. Security Assertion Markup Language (SAML) Answer: D NEW QUESTION 309 - (Exam Topic 10) Which of the following assures that rules are followed in an identity management architecture? Passing Certification Exams Made Easy visit - https://www.2PassEasy.com Welcome to download the Newest 2passeasy CISSP dumps https://www.2passeasy.com/dumps/CISSP/ (653 New Questions) A. Policy database B. Digital signature C. Policy decision point D. Policy enforcement point Answer: D NEW QUESTION 313 - (Exam Topic 10) Refer to the information below to answer the question. A security practitioner detects client-based attacks on the organization’s network. A plan will be necessary to address these concerns. What MUST the plan include in order to reduce client-side exploitation? A. Approved web browsers B. Network firewall procedures C. Proxy configuration D. Employee education Answer: D NEW QUESTION 317 - (Exam Topic 10) What is the MOST effective method for gaining unauthorized access to a file protected with a long complex password? A. Brute force attack B. Frequency analysis C. Social engineering D. Dictionary attack Answer: C NEW QUESTION 319 - (Exam Topic 10) Which of the following are required components for implementing software configuration management systems? A. Audit control and signoff B. User training and acceptance C. Rollback and recovery processes D. Regression testing and evaluation Answer: C NEW QUESTION 324 - (Exam Topic 10) Refer to the information below to answer the question. A large, multinational organization has decided to outsource a portion of their Information Technology (IT) organization to a third-party provider’s facility. 
This provider will be responsible for the design, development, testing, and support of several critical, customer-based applications used by the organization. The third party needs to have A. processes that are identical to that of the organization doing the outsourcing. B. access to the original personnel that were on staff at the organization. C. the ability to maintain all of the applications in languages they are familiar with. D. access to the skill sets consistent with the programming languages used by the organization. Answer: D NEW QUESTION 328 - (Exam Topic 10) Which of the following BEST mitigates a replay attack against a system using identity federation and Security Assertion Markup Language (SAML) implementation? A. Two-factor authentication B. Digital certificates and hardware tokens C. Timed sessions and Secure Socket Layer (SSL) D. Passwords with alpha-numeric and special characters Answer: C NEW QUESTION 330 - (Exam Topic 10) Given the various means to protect physical and logical assets, match the access management area to the technology. Passing Certification Exams Made Easy visit - https://www.2PassEasy.com Welcome to download the Newest 2passeasy CISSP dumps https://www.2passeasy.com/dumps/CISSP/ (653 New Questions) A. Mastered B. Not Mastered Answer: A Explanation: NEW QUESTION 335 - (Exam Topic 10) What component of a web application that stores the session state in a cookie can be bypassed by an attacker? A. An initialization check B. An identification check C. An authentication check D. An authorization check Answer: C NEW QUESTION 336 - (Exam Topic 10) What is a common challenge when implementing Security Assertion Markup Language (SAML) for identity integration between on-premise environment and an external identity provider service? A. Some users are not provisioned into the service. B. SAML tokens are provided by the on-premise identity provider. C. Single users cannot be revoked from the service. D. 
SAML tokens contain user information. Answer: A NEW QUESTION 337 - (Exam Topic 10) A business has implemented Payment Card Industry Data Security Standard (PCI-DSS) compliant handheld credit card processing on their Wireless Local Area Network (WLAN) topology. The network team partitioned the WLAN to create a private segment for credit card processing using a firewall to control device access and route traffic to the card processor on the Internet. What components are in the scope of PCI-DSS? A. The entire enterprise network infrastructure. B. The handheld devices, wireless access points and border gateway. C. The end devices, wireless access points, WLAN, switches, management console, and firewall. D. The end devices, wireless access points, WLAN, switches, management console, and Internet Answer: C NEW QUESTION 341 - (Exam Topic 10) A security manager has noticed an inconsistent application of server security controls resulting in vulnerabilities on critical systems. What is the MOST likely cause of this issue? A. A lack of baseline standards B. Improper documentation of security guidelines C. A poorly designed security policy communication program Passing Certification Exams Made Easy visit - https://www.2PassEasy.com Welcome to download the Newest 2passeasy CISSP dumps https://www.2passeasy.com/dumps/CISSP/ (653 New Questions) D. Host-based Intrusion Prevention System (HIPS) policies are ineffective Answer: A NEW QUESTION 346 - (Exam Topic 10) Refer to the information below to answer the question. During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial information. If the intrusion causes the system processes to hang, which of the following has been affected? A. System integrity B. System availability C. System confidentiality D. 
System auditability Answer: B NEW QUESTION 351 - (Exam Topic 10) Which of the following is a MAJOR consideration in implementing a Voice over IP (VoIP) network? A. Use of a unified messaging. B. Use of separation for the voice network. C. Use of Network Access Control (NAC) on switches. D. Use of Request for Comments (RFC) 1918 addressing. Answer: B NEW QUESTION 353 - (Exam Topic 10) Refer to the information below to answer the question. A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive e-mail, search the web, and use instant messaging. The organization’s Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access. Which of the following documents explains the proper use of the organization's assets? A. Human resources policy B. Acceptable use policy C. Code of ethics D. Access control policy Answer: B NEW QUESTION 358 - (Exam Topic 10) Which of the following is a critical factor for implementing a successful data classification program? A. Executive sponsorship B. Information security sponsorship C. End-user acceptance D. Internal audit acceptance Answer: A NEW QUESTION 361 - (Exam Topic 10) Which of the following is the BEST solution to provide redundancy for telecommunications links? A. Provide multiple links from the same telecommunications vendor. B. Ensure that the telecommunications links connect to the network in one location. C. Ensure that the telecommunications links connect to the network in multiple locations. D. Provide multiple links from multiple telecommunications vendors. Answer: D NEW QUESTION 366 - (Exam Topic 10) Which of the following actions MUST be taken if a vulnerability is discovered during the maintenance stage in a System Development Life Cycle (SDLC)? A. Make changes following principle and design guidelines. B. 
Stop the application until the vulnerability is fixed. C. Report the vulnerability to product owner. D. Monitor the application and review code. Answer: C Passing Certification Exams Made Easy visit - https://www.2PassEasy.com Welcome to download the Newest 2passeasy CISSP dumps https://www.2passeasy.com/dumps/CISSP/ (653 New Questions) NEW QUESTION 370 - (Exam Topic 10) Which of the following is a detective access control mechanism? A. Log review B. Least privilege C. Password complexity D. Non-disclosure agreement Answer: A NEW QUESTION 373 - (Exam Topic 10) Which of the following is the MOST effective attack against cryptographic hardware modules? A. Plaintext B. Brute force C. Power analysis D. Man-in-the-middle (MITM) Answer: C NEW QUESTION 377 - (Exam Topic 10) When is security personnel involvement in the Systems Development Life Cycle (SDLC) process MOST beneficial? A. Testing phase B. Development phase C. Requirements definition phase D. Operations and maintenance phase Answer: C NEW QUESTION 378 - (Exam Topic 10) With data labeling, which of the following MUST be the key decision maker? A. Information security B. Departmental management C. Data custodian D. Data owner Answer: D NEW QUESTION 381 - (Exam Topic 10) A large bank deploys hardware tokens to all customers that use their online banking system. The token generates and displays a six digit numeric password every 60 seconds. The customers must log into their bank accounts using this numeric password. This is an example of A. asynchronous token. B. Single Sign-On (SSO) token. C. single factor authentication token. D. synchronous token. Answer: D NEW QUESTION 385 - (Exam Topic 10) What is the BEST method to detect the most common improper initialization problems in programming languages? A. Use and specify a strong character encoding. B. Use automated static analysis tools that target this type of weakness. C. 
Perform input validation on any numeric inputs by assuring that they are within the expected range. D. Use data flow analysis to minimize the number of false positives. Answer: B NEW QUESTION 388 - (Exam Topic 10) Which of the following problems is not addressed by using OAuth (Open Standard to Authorization) 2.0 to integrate a third-party identity provider for a service? A. Resource Servers are required to use passwords to authenticate end users. B. Revocation of access of some users of the third party instead of all the users from the third party. C. Compromise of the third party means compromise of all the users in the service. D. Guest users need to authenticate with the third party identity provider. Answer: Passing Certification Exams Made Easy visit - https://www.2PassEasy.com Welcome to download the Newest 2passeasy CISSP dumps https://www.2passeasy.com/dumps/CISSP/ (653 New Questions) C NEW QUESTION 389 - (Exam Topic 10) Refer to the information below to answer the question. A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes. Following best practice, where should the permitted access for each department and job classification combination be specified? A. Security procedures B. Security standards C. Human resource policy D. Human resource standards Answer: B NEW QUESTION 394 - (Exam Topic 10) Refer to the information below to answer the question. An organization has hired an information security officer to lead their security department. 
The officer has adequate people resources but is lacking the other necessary components to have an effective security program. There are numerous initiatives requiring security involvement. Given the number of priorities, which of the following will MOST likely influence the selection of top initiatives? A. Severity of risk B. Complexity of strategy C. Frequency of incidents D. Ongoing awareness Answer: A NEW QUESTION 396 - (Exam Topic 10) Refer to the information below to answer the question. A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive e-mail, search the web, and use instant messaging. The organization’s Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access. Which of the following could have MOST likely prevented the Peer-to-Peer (P2P) program from being installed on the computer? A. Removing employee's full access to the computer B. Supervising their child's use of the computer C. Limiting computer's access to only the employee D. Ensuring employee understands their business conduct guidelines Answer: A NEW QUESTION 399 - (Exam Topic 10) Refer to the information below to answer the question. A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive e-mail, search the web, and use instant messaging. The organization’s Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access. Which of the following methods is the MOST effective way of removing the Peer-to-Peer (P2P) program from the computer? A. Run software uninstall B. Re-image the computer C. Find and remove all installation files D. 
Delete all cookies stored in the web browser cache Answer: B NEW QUESTION 403 - (Exam Topic 10) Place the following information classification steps in sequential order. Passing Certification Exams Made Easy visit - https://www.2PassEasy.com Welcome to download the Newest 2passeasy CISSP dumps https://www.2passeasy.com/dumps/CISSP/ (653 New Questions) A. Mastered B. Not Mastered Answer: A Explanation: NEW QUESTION 407 - (Exam Topic 10) Which of the following is the MAIN goal of a data retention policy? A. Ensure that data is destroyed properly. B. Ensure that data recovery can be done on the datA. C. Ensure the integrity and availability of data for a predetermined amount of time. D. Ensure the integrity and confidentiality of data for a predetermined amount of time. Answer: C NEW QUESTION 411 - (Exam Topic 10) The use of proximity card to gain access to a building is an example of what type of security control? A. Legal B. Logical C. Physical D. Procedural Answer: C NEW QUESTION 412 - (Exam Topic 10) Refer to the information below to answer the question. A security practitioner detects client-based attacks on the organization’s network. A plan will be necessary to address these concerns. What is the BEST reason for the organization to pursue a plan to mitigate client-based attacks? Passing Certification Exams Made Easy visit - https://www.2PassEasy.com Welcome to download the Newest 2passeasy CISSP dumps https://www.2passeasy.com/dumps/CISSP/ (653 New Questions) A. Client privilege administration is inherently weaker than server privilege administration. B. Client hardening and management is easier on clients than on servers. C. Client-based attacks are more common and easier to exploit than server and network based attacks. D. Client-based attacks have higher financial impact. Answer: C NEW QUESTION 414 - (Exam Topic 10) The amount of data that will be collected during an audit is PRIMARILY determined by the A. audit scope. B. auditor's experience level. C. 
availability of the datA. D. integrity of the datA. Answer: A NEW QUESTION 416 - (Exam Topic 10) Refer to the information below to answer the question. In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files. In a Bell-LaPadula system, which user has the MOST restrictions when writing data to any of the four files? A. User A B. User B C. User C D. User D Answer: D NEW QUESTION 420 - (Exam Topic 10) Refer to the information below to answer the question. Desktop computers in an organization were sanitized for re-use in an equivalent security environment. The data was destroyed in accordance with organizational policy and all marking and other external indications of the sensitivity of the data that was formerly stored on the magnetic drives were removed. After magnetic drives were degaussed twice according to the product manufacturer's directions, what is the MOST LIKELY security issue with degaussing? A. Commercial products often have serious weaknesses of the magnetic force available in the degausser product. B. Degausser products may not be properly maintained and operated. C. The inability to turn the drive around in the chamber for the second pass due to human error. D. Inadequate record keeping when sanitizing mediA. Answer: B NEW QUESTION 423 - (Exam Topic 10) An organization decides to implement a partial Public Key Infrastructure (PKI) with only the servers having digital certificates. What is the security benefit of this implementation? A. Clients can authenticate themselves to the servers. B. Mutual authentication is available between the clients and servers. C. Servers are able to issue digital certificates to the client. D. Servers can authenticate themselves to the client. 
Answer: D NEW QUESTION 427 - (Exam Topic 10) From a security perspective, which of the following is a best practice to configure a Domain Name Service (DNS) system? A. Configure secondary servers to use the primary server as a zone forwarder. B. Block all Transmission Control Protocol (TCP) connections. C. Disable all recursive queries on the name servers. D. Limit zone transfers to authorized devices. Answer: D Passing Certification Exams Made Easy visit - https://www.2PassEasy.com Welcome to download the Newest 2passeasy CISSP dumps https://www.2passeasy.com/dumps/CISSP/ (653 New Questions) NEW QUESTION 430 - (Exam Topic 10) What is the PRIMARY reason for ethics awareness and related policy implementation? A. It affects the workflow of an organization. B. It affects the reputation of an organization. C. It affects the retention rate of employees. D. It affects the morale of the employees. Answer: B NEW QUESTION 435 - (Exam Topic 10) Refer to the information below to answer the question. An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles. When determining appropriate resource allocation, which of the following is MOST important to monitor? A. Number of system compromises B. Number of audit findings C. Number of staff reductions D. Number of additional assets Answer: B NEW QUESTION 439 - (Exam Topic 10) Which of the following is the BEST way to determine if a particular system is able to identify malicious software without executing it? A. Testing with a Botnet B. Testing with an EICAR file C. Executing a binary shellcode D. 
Run multiple antivirus programs Answer: B NEW QUESTION 443 - (Exam Topic 10) An organization publishes and periodically updates its employee policies in a file on their intranet. Which of the following is a PRIMARY security concern? A. Availability B. Confidentiality C. Integrity D. Ownership Answer: C NEW QUESTION 448 - (Exam Topic 10) During an audit, the auditor finds evidence of potentially illegal activity. Which of the following is the MOST appropriate action to take? A. Immediately call the police B. Work with the client to resolve the issue internally C. Advise the person performing the illegal activity to cease and desist D. Work with the client to report the activity to the appropriate authority Answer: D NEW QUESTION 451 - (Exam Topic 10) Refer to the information below to answer the question. A large, multinational organization has decided to outsource a portion of their Information Technology (IT) organization to a third-party provider’s facility. This provider will be responsible for the design, development, testing, and support of several critical, customer-based applications used by the organization. What additional considerations are there if the third party is located in a different country? A. The organizational structure of the third party and how it may impact timelines within the organization B. The ability of the third party to respond to the organization in a timely manner and with accurate information C. The effects of transborder data flows and customer expectations regarding the storage or processing of their data D. The quantity of data that must be provided to the third party and how it is to be used Answer: C NEW QUESTION 454 - (Exam Topic 10) Refer to the information below to answer the question. 
An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other necessary components to have an effective security program. There are numerous initiatives requiring security involvement. The effectiveness of the security program can PRIMARILY be measured through
A. audit findings.
B. risk elimination.
C. audit requirements.
D. customer satisfaction.
Answer: A

NEW QUESTION 458 - (Exam Topic 10)
Which of the following provides the MOST protection against data theft of sensitive information when a laptop is stolen?
A. Set up a BIOS and operating system password
B. Encrypt the virtual drive where confidential files can be stored
C. Implement a mandatory policy in which sensitive data cannot be stored on laptops, but only on the corporate network
D. Encrypt the entire disk and delete contents after a set number of failed access attempts
Answer: D

NEW QUESTION 463 - (Exam Topic 10)
What is the MOST important reason to configure unique user IDs?
A. Supporting accountability
B. Reducing authentication errors
C. Preventing password compromise
D. Supporting Single Sign On (SSO)
Answer: A

NEW QUESTION 465 - (Exam Topic 10)
Refer to the information below to answer the question.
During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial information.
Aside from the potential records which may have been viewed, which of the following should be the PRIMARY concern regarding the database information?
A. Unauthorized database changes
B. Integrity of security logs
C. Availability of the database
D. Confidentiality of the incident
Answer: A

NEW QUESTION 470 - (Exam Topic 10)
Refer to the information below to answer the question.
Desktop computers in an organization were sanitized for re-use in an equivalent security environment. The data was destroyed in accordance with organizational policy and all marking and other external indications of the sensitivity of the data that was formerly stored on the magnetic drives were removed.
Organizational policy requires the deletion of user data from Personal Digital Assistant (PDA) devices before disposal. It may not be possible to delete the user data if the device is malfunctioning. Which destruction method below provides the BEST assurance that the data has been removed?
A. Knurling
B. Grinding
C. Shredding
D. Degaussing
Answer: C

NEW QUESTION 475 - (Exam Topic 11)
What is the process called when impact values are assigned to the security objectives for information types?
A. Qualitative analysis
B. Quantitative analysis
C. Remediation
D. System security categorization
Answer: D

NEW QUESTION 478 - (Exam Topic 11)
Which Web Services Security (WS-Security) specification handles the management of security tokens and the underlying policies for granting access? Click on the correct specification in the image below.
A. Mastered
B. Not Mastered
Answer: A
Explanation: WS-Authorization
Reference: "Java Web Services: Up and Running" by Martin Kalin, page 228

NEW QUESTION 482 - (Exam Topic 11)
Which of the following prevents improper aggregation of privileges in Role Based Access Control (RBAC)?
A. Hierarchical inheritance
B. Dynamic separation of duties
C. The Clark-Wilson security model
D. The Bell-LaPadula security model
Answer: B

NEW QUESTION 486 - (Exam Topic 11)
The application of which of the following standards would BEST reduce the potential for data breaches?
A. ISO 9000
B. ISO 20121
C. ISO 26000
D. ISO 27001
Answer: D

NEW QUESTION 491 - (Exam Topic 11)
A health care provider is considering Internet access for their employees and patients. Which of the following is the organization's MOST secure solution for protection of data?
A. Public Key Infrastructure (PKI) and digital signatures
B. Trusted server certificates and passphrases
C. User ID and password
D. Asymmetric encryption and User ID
Answer: A

NEW QUESTION 496 - (Exam Topic 11)
What is the MOST effective method of testing custom application code?
A. Negative testing
B. White box testing
C. Penetration testing
D. Black box testing
Answer: B

NEW QUESTION 501 - (Exam Topic 11)
If an identification process using a biometric system detects a 100% match between a presented template and a stored template, what is the interpretation of this result?
A. User error
B. Suspected tampering
C. Accurate identification
D. Unsuccessful identification
Answer: B

NEW QUESTION 503 - (Exam Topic 11)
What is the GREATEST challenge to identifying data leaks?
A. Available technical tools that enable user activity monitoring.
B. Documented asset classification policy and clear labeling of assets.
C. Senior management cooperation in investigating suspicious behavior.
D. Law enforcement participation to apprehend and interrogate suspects.
Answer: B

NEW QUESTION 507 - (Exam Topic 11)
Changes to a Trusted Computing Base (TCB) system that could impact the security posture of that system and trigger a recertification activity are documented in the
A. security impact analysis.
B. structured code review.
C. routine self assessment.
D. cost benefit analysis.
Answer: A

NEW QUESTION 510 - (Exam Topic 11)
Which of the following is the BEST approach to take in order to effectively incorporate the concepts of business continuity into the organization?
A. Ensure end users are aware of the planning activities
B. Validate all regulatory requirements are known and fully documented
C. Develop training and awareness programs that involve all stakeholders
D. Ensure plans do not violate the organization's cultural objectives and goals
Answer: C

NEW QUESTION 513 - (Exam Topic 11)
Which of the following is the MOST important element of change management documentation?
A. List of components involved
B. Number of changes being made
C. Business case justification
D. A stakeholder communication
Answer: C

NEW QUESTION 514 - (Exam Topic 11)
A mobile device application that restricts the storage of user information to just that which is needed to accomplish lawful business goals adheres to what privacy principle?
A. Onward transfer
B. Collection Limitation
C. Collector Accountability
D. Individual Participation
Answer: B

NEW QUESTION 515 - (Exam Topic 11)
Which of the following PRIMARILY contributes to security incidents in web-based applications?
A. Systems administration and operating systems
B. System incompatibility and patch management
C. Third-party applications and change controls
D. Improper stress testing and application interfaces
Answer: C

NEW QUESTION 517 - (Exam Topic 11)
Which of the following types of security testing is the MOST effective in providing a better indication of the everyday security challenges of an organization when performing a security risk assessment?
A. External
B. Overt
C. Internal
D. Covert
Answer: D

NEW QUESTION 522 - (Exam Topic 11)
Which of the following is most helpful in applying the principle of LEAST privilege?
A. Establishing a sandboxing environment
B. Setting up a Virtual Private Network (VPN) tunnel
C. Monitoring and reviewing privileged sessions
D. Introducing a job rotation program
Answer: A

NEW QUESTION 523 - (Exam Topic 11)
Which of the following analyses is performed to protect information assets?
A. Business impact analysis
B. Feasibility analysis
C. Cost benefit analysis
D. Data analysis
Answer: A

NEW QUESTION 525 - (Exam Topic 11)
Which of the following is the MOST likely cause of a non-malicious data breach when the source of the data breach was an un-marked file cabinet containing sensitive documents?
A. Ineffective data classification
B. Lack of data access controls
C. Ineffective identity management controls
D. Lack of Data Loss Prevention (DLP) tools
Answer: A

NEW QUESTION 526 - (Exam Topic 11)
Which of the following entities is ultimately accountable for data remanence vulnerabilities with data replicated by a cloud service provider?
A. Data owner
B. Data steward
C. Data custodian
D. Data processor
Answer: A

NEW QUESTION 530 - (Exam Topic 11)
Which of the following is the BIGGEST weakness when using native Lightweight Directory Access Protocol (LDAP) for authentication?
A. Authorizations are not included in the server response
B. Unsalted hashes are passed over the network
C. The authentication session can be replayed
D. Passwords are passed in cleartext
Answer: D

NEW QUESTION 533 - (Exam Topic 11)
Single Sign-On (SSO) is PRIMARILY designed to address which of the following?
A. Confidentiality and Integrity
B. Availability and Accountability
C. Integrity and Availability
D. Accountability and Assurance
Answer: D

NEW QUESTION 534 - (Exam Topic 11)
Discretionary Access Control (DAC) restricts access according to
A. data classification labeling.
B. page views within an application.
C. authorizations granted to the user.
D. management accreditation.
Answer: C

NEW QUESTION 535 - (Exam Topic 11)
Which of the following roles has the obligation to ensure that a third party provider is capable of processing and handling data in a secure manner and meeting the standards set by the organization?
A. Data Custodian
B. Data Owner
C. Data Creator
D. Data User
Answer: B

NEW QUESTION 536 - (Exam Topic 11)
What is the MOST efficient way to secure a production program and its data?
A. Disable default accounts and implement access control lists (ACL)
B. Harden the application and encrypt the data
C. Disable unused services and implement tunneling
D. Harden the servers and backup the data
Answer: B

NEW QUESTION 540 - (Exam Topic 11)
Which security approach will BEST minimize Personally Identifiable Information (PII) loss from a data breach?
A. A strong breach notification process
B. Limited collection of individuals' confidential data
C. End-to-end data encryption for data in transit
D. Continuous monitoring of potential vulnerabilities
Answer: B

NEW QUESTION 542 - (Exam Topic 11)
Which of the following are Systems Engineering Life Cycle (SELC) Technical Processes?
A. Concept, Development, Production, Utilization, Support, Retirement
B. Stakeholder Requirements Definition, Architectural Design, Implementation, Verification, Operation
C. Acquisition, Measurement, Configuration Management, Production, Operation, Support
D. Concept, Requirements, Design, Implementation, Production, Maintenance, Support, Disposal
Answer: B

NEW QUESTION 544 - (Exam Topic 11)
The World Trade Organization's (WTO) agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) requires authors of computer software to be given the
A. right to refuse or permit commercial rentals.
B. right to disguise the software's geographic origin.
C. ability to tailor security parameters based on location.
D. ability to confirm license authenticity of their works.
Answer: A

NEW QUESTION 547 - (Exam Topic 11)
What is the PRIMARY difference between security policies and security procedures?
A. Policies are used to enforce violations, and procedures create penalties
B. Policies point to guidelines, and procedures are more contractual in nature
C. Policies are included in awareness training, and procedures give guidance
D. Policies are generic in nature, and procedures contain operational details
Answer: D

NEW QUESTION 551 - (Exam Topic 11)
An organization has hired a security services firm to conduct a penetration test. Which of the following will the organization provide to the tester?
A. Limits and scope of the testing.
B. Physical location of server room and wiring closet.
C. Logical location of filters and concentrators.
D. Employee directory and organizational chart.
Answer: A

NEW QUESTION 553 - (Exam Topic 11)
During a fingerprint verification process, which of the following is used to verify identity and authentication?
A. A pressure value is compared with a stored template
B. Sets of digits are matched with stored values
C. A hash table is matched to a database of stored value
D. A template of minutiae is compared with a stored template
Answer: D

NEW QUESTION 555 - (Exam Topic 11)
How does Encapsulating Security Payload (ESP) in transport mode affect the Internet Protocol (IP)?
A. Encrypts and optionally authenticates the IP header, but not the IP payload
B. Encrypts and optionally authenticates the IP payload, but not the IP header
C. Authenticates the IP payload and selected portions of the IP header
D. Encrypts and optionally authenticates the complete IP packet
Answer: B

NEW QUESTION 557 - (Exam Topic 11)
When planning a penetration test, the tester will be MOST interested in which information?
A. Places to install back doors
B. The main network access points
C. Job application handouts and tours
D. Exploits that can attack weaknesses
Answer: B

NEW QUESTION 558 - (Exam Topic 11)
Which of the following is the PRIMARY security concern associated with the implementation of smart cards?
A. The cards have limited memory
B. Vendor application compatibility
C. The cards can be misplaced
D. Mobile code can be embedded in the card
Answer: C

NEW QUESTION 562 - (Exam Topic 11)
After acquiring the latest security updates, what must be done before deploying to production systems?
A. Use tools to detect missing system patches
B. Install the patches on a test system
C. Subscribe to notifications for vulnerabilities
D. Assess the severity of the situation
Answer: B

NEW QUESTION 566 - (Exam Topic 11)
A software security engineer is developing a black box-based test plan that will measure the system's reaction to incorrect or illegal inputs or unexpected operational errors and situations. Match the functional testing techniques on the left with the correct input parameters on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:

NEW QUESTION 571 - (Exam Topic 11)
To protect auditable information, which of the following MUST be configured to only allow read access?
A. Logging configurations
B. Transaction log files
C. User account configurations
D. Access control lists (ACL)
Answer: B

NEW QUESTION 573 - (Exam Topic 11)
Which of the following is the BEST example of weak management commitment to the protection of security assets and resources?
A. poor governance over security processes and procedures
B. immature security controls and procedures
C. variances against regulatory requirements
D. unanticipated increases in security incidents and threats
Answer: A

NEW QUESTION 578 - (Exam Topic 11)
Which of the following is the PRIMARY concern when using an Internet browser to access a cloud-based service?
A. Insecure implementation of Application Programming Interfaces (API)
B. Improper use and storage of management keys
C. Misconfiguration of infrastructure allowing for unauthorized access
D. Vulnerabilities within protocols that can expose confidential data
Answer: D

NEW QUESTION 583 - (Exam Topic 11)
Which of the following is an essential step before performing Structured Query Language (SQL) penetration tests on a production system?
A. Verify countermeasures have been deactivated.
B. Ensure firewall logging has been activated.
C. Validate target systems have been backed up.
D. Confirm warm site is ready to accept connections.
Answer: C

NEW QUESTION 586 - (Exam Topic 11)
What type of encryption is used to protect sensitive data in transit over a network?
A. Payload encryption and transport encryption
B. Authentication Headers (AH)
C. Keyed-Hashing for Message Authentication
D. Point-to-Point Encryption (P2PE)
Answer: A

NEW QUESTION 591 - (Exam Topic 11)
An organization has developed a major application that has undergone accreditation testing. After receiving the results of the evaluation, what is the final step before the application can be accredited?
A. Acceptance of risk by the authorizing official
B. Remediation of vulnerabilities
C. Adoption of standardized policies and procedures
D. Approval of the System Security Plan (SSP)
Answer: A

NEW QUESTION 595 - (Exam Topic 11)
Which Web Services Security (WS-Security) specification maintains a single authenticated identity across multiple dissimilar environments? Click on the correct specification in the image below.
A. Mastered
B. Not Mastered
Answer: A
Explanation: WS-Federation
Reference: "Java Web Services: Up and Running" by Martin Kalin, page 228

NEW QUESTION 599 - (Exam Topic 11)
A security professional is asked to provide a solution that restricts a bank teller to only perform a savings deposit transaction but allows a supervisor to perform corrections after the transaction. Which of the following is the MOST effective solution?
A. Access is based on rules.
B. Access is determined by the system.
C. Access is based on user's role.
D. Access is based on data sensitivity.
Answer: C

NEW QUESTION 600 - (Exam Topic 11)
Secure Sockets Layer (SSL) encryption protects
A. data at rest.
B. the source IP address.
C. data transmitted.
D. data availability.
Answer: C

NEW QUESTION 603 - (Exam Topic 11)
Which methodology is recommended for penetration testing to be effective in the development phase of the life-cycle process?
A. White-box testing
B. Software fuzz testing
C. Black-box testing
D. Visual testing
Answer: A

NEW QUESTION 607 - (Exam Topic 11)
The PRIMARY characteristic of a Distributed Denial of Service (DDoS) attack is that it
A. exploits weak authentication to penetrate networks.
B. can be detected with signature analysis.
C. looks like normal network activity.
D. is commonly confused with viruses or worms.
Answer: C

NEW QUESTION 609 - (Exam Topic 11)
The PRIMARY security concern for handheld devices is the
A. strength of the encryption algorithm.
B. spread of malware during synchronization.
C. ability to bypass the authentication mechanism.
D. strength of the Personal Identification Number (PIN).
Answer: C

NEW QUESTION 612 - (Exam Topic 11)
Sensitive customer data is going to be added to a database. What is the MOST effective implementation for ensuring data privacy?
A. Discretionary Access Control (DAC) procedures
B. Mandatory Access Control (MAC) procedures
C. Data link encryption
D. Segregation of duties
Answer: B

NEW QUESTION 613 - (Exam Topic 11)
Which of the following controls is the FIRST step in protecting privacy in an information system?
A. Data Redaction
B. Data Minimization
C. Data Encryption
D. Data Storage
Answer: B

NEW QUESTION 618 - (Exam Topic 11)
Software Code signing is used as a method of verifying what security concept?
A. Integrity
B. Confidentiality
C. Availability
D. Access Control
Answer: A

NEW QUESTION 622 - (Exam Topic 11)
Data leakage of sensitive information is MOST often concealed by which of the following?
A. Secure Sockets Layer (SSL)
B. Secure Hash Algorithm (SHA)
C. Wired Equivalent Privacy (WEP)
D. Secure Post Office Protocol (POP)
Answer: A

NEW QUESTION 623 - (Exam Topic 11)
What does an organization FIRST review to assure compliance with privacy requirements?
A. Best practices
B. Business objectives
C. Legal and regulatory mandates
D. Employee's compliance to policies and standards
Answer: C

NEW QUESTION 624 - (Exam Topic 11)
An organization has decided to contract with a cloud-based service provider to leverage their identity as a service offering. They will use Open Authentication (OAuth) 2.0 to authenticate external users to the organization's services. As part of the authentication process, which of the following must the end user provide?
A. An access token
B. A username and password
C. A username
D. A password
Answer: A

NEW QUESTION 625 - (Exam Topic 11)
Which one of the following is a common risk with network configuration management?
A. Patches on the network are difficult to keep current.
B. It is the responsibility of the systems administrator.
C. User ID and passwords are never set to expire.
D. Network diagrams are not up to date.
Answer: D

NEW QUESTION 626 - (Exam Topic 11)
Which of the following methods can be used to achieve confidentiality and integrity for data in transit?
A. Multiprotocol Label Switching (MPLS)
B. Internet Protocol Security (IPSec)
C. Federated identity management
D. Multi-factor authentication
Answer: B

NEW QUESTION 628 - (Exam Topic 11)
Which one of the following operates at the session, transport, or network layer of the Open System Interconnection (OSI) model?
A. Data at rest encryption
B. Configuration Management
C. Integrity checking software
D. Cyclic redundancy check (CRC)
Answer: D

NEW QUESTION 630 - (Exam Topic 11)
What is the PRIMARY goal for using Domain Name System Security Extensions (DNSSEC) to sign records?
A. Integrity
B. Confidentiality
C. Accountability
D. Availability
Answer: A

NEW QUESTION 631 - (Exam Topic 11)
Discretionary Access Control (DAC) is based on which of the following?
A. Information source and destination
B. Identification of subjects and objects
C. Security labels and privileges
D. Standards and guidelines
Answer: B

NEW QUESTION 636 - (Exam Topic 11)
What type of test assesses a Disaster Recovery (DR) plan using realistic disaster scenarios while maintaining minimal impact to business operations?
A. Parallel
B. Walkthrough
C. Simulation
D. Tabletop
Answer: C

NEW QUESTION 640 - (Exam Topic 11)
Which of the following questions can be answered using user and group entitlement reporting?
A. When a particular file was last accessed by a user
B. Change control activities for a particular group of users
C. The number of failed login attempts for a particular user
D. Where does a particular user have access within the network
Answer: D

NEW QUESTION 645 - (Exam Topic 11)
When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?
A. After the system preliminary design has been developed and the data security categorization has been performed
B. After the business functional analysis and the data security categorization have been performed
C. After the vulnerability analysis has been performed and before the system detailed design begins
D. After the system preliminary design has been developed and before the data security categorization begins
Answer: B

NEW QUESTION 646 - (Exam Topic 11)
Which of the following protocols would allow an organization to maintain a centralized list of users that can read a protected webpage?
A. Lightweight Directory Access Control (LDAP)
B. Security Assertion Markup Language (SAML)
C. Hypertext Transfer Protocol (HTTP)
D. Kerberos
Answer: A

NEW QUESTION 649 - (Exam Topic 11)
A Simple Power Analysis (SPA) attack against a device directly observes which of the following?
A. Static discharge
B. Consumption
C. Generation
D. Magnetism
Answer: B

NEW QUESTION 652 - (Exam Topic 11)
While inventorying storage equipment, it is found that there are unlabeled, disconnected, and powered off devices. Which of the following is the correct procedure for handling such equipment?
A. They should be recycled to save energy.
B. They should be recycled according to NIST SP 800-88.
C. They should be inspected and sanitized following the organizational policy.
D. They should be inspected and categorized properly to sell them for reuse.
Answer: C

NEW QUESTION 656 - (Exam Topic 11)
In the Open System Interconnection (OSI) model, which layer is responsible for the transmission of binary data over a communications network?
A. Application Layer
B. Physical Layer
C. Data-Link Layer
D. Network Layer
Answer: B

NEW QUESTION 658 - (Exam Topic 11)
Which of the following is the MOST important output from a mobile application threat modeling exercise according to Open Web Application Security Project (OWASP)?
A. Application interface entry and endpoints
B. The likelihood and impact of a vulnerability
C. Countermeasures and mitigations for vulnerabilities
D. A data flow diagram for the application and attack surface analysis
Answer: D

NEW QUESTION 662 - (Exam Topic 11)
Which of the following is the PRIMARY issue when collecting detailed log information?
A. Logs may be unavailable when required
B. Timely review of the data is potentially difficult
C. Most systems and applications do not support logging
D. Logs do not provide sufficient details of system and individual activities
Answer: B

NEW QUESTION 663 - (Exam Topic 11)
Which of the following is the PRIMARY benefit of implementing data-in-use controls?
A. If the data is lost, it must be decrypted to be opened.
B. If the data is lost, it will not be accessible to unauthorized users.
C. When the data is being viewed, it can only be printed by authorized users.
D. When the data is being viewed, it must be accessed using secure protocols.
Answer: C

NEW QUESTION 668 - (Exam Topic 11)
During the risk assessment phase of the project the CISO discovered that a college within the University is collecting Protected Health Information (PHI) data via an application that was developed in-house. The college collecting this data is fully aware of the regulations for Health Insurance Portability and Accountability Act (HIPAA) and is fully compliant. What is the best approach for the CISO?
A. Document the system as high risk
B. Perform a vulnerability assessment
C. Perform a quantitative threat assessment
D. Notate the information and move on
Answer: B

NEW QUESTION 672 - (Exam Topic 11)
In order for a security policy to be effective within an organization, it MUST include
A. strong statements that clearly define the problem.
B. a list of all standards that apply to the policy.
C. owner information and date of last revision.
D. disciplinary measures for non compliance.
Answer: D

NEW QUESTION 675 - (Exam Topic 11)
The MAIN reason an organization conducts a security authorization process is to
A. force the organization to make conscious risk decisions.
B. assure the effectiveness of security controls.
C. assure the correct security organization exists.
D. force the organization to enlist management support.
Answer: A

NEW QUESTION 680 - (Exam Topic 11)
Which of the following could elicit a Denial of Service (DoS) attack against a credential management system?
A. Delayed revocation or destruction of credentials
B. Modification of Certificate Revocation List
C. Unauthorized renewal or re-issuance
D. Token use after decommissioning
Answer: B

NEW QUESTION 684 - (Exam Topic 11)
In which order, from MOST to LEAST impacted, does user awareness training reduce the occurrence of the events below?
A. Mastered
B. Not Mastered
Answer: A
Explanation:

NEW QUESTION 687 - (Exam Topic 12)
A proxy firewall operates at what layer of the Open System Interconnection (OSI) model?
A. Transport
B. Data link
C. Network
D. Application
Answer: D

NEW QUESTION 690 - (Exam Topic 12)
As a best practice, the Security Assessment Report (SAR) should include which of the following sections?
A. Data classification policy
B. Software and hardware inventory
C. Remediation recommendations
D. Names of participants
Answer: B

NEW QUESTION 691 - (Exam Topic 12)
What is the difference between media marking and media labeling?
A. Media marking refers to the use of human-readable security attributes, while media labeling refers to the use of security attributes in internal data structures.
B. Media labeling refers to the use of human-readable security attributes, while media marking refers to the use of security attributes in internal data structures.
C. Media labeling refers to security attributes required by public policy/law, while media marking refers to security required by internal organizational policy.
D. Media marking refers to security attributes required by public policy/law, while media labeling refers to security attributes required by internal organizational policy.
Answer: D

NEW QUESTION 696 - (Exam Topic 12)
Match the name of access control model with its associated restriction. Drag each access control model to its appropriate restriction access on the right.
A. Mastered
B. Not Mastered
Answer: A
Explanation:
Mandatory Access Control – End user cannot set controls
Discretionary Access Control (DAC) –
