CISSP | ISC2 CISSP Pack 2020

Act now and download your ISC2 CISSP test today! Do not waste time for the worthless ISC2 CISSP tutorials. Download Improve ISC2 Certified Information Systems Security Professional (CISSP) exam with real questions and answers and begin to learn ISC2 CISSP with a classic professional.

Also have CISSP free dumps questions for you:

NEW QUESTION 1

A security manager has noticed an inconsistent application of server security controls resulting in vulnerabilities on critical systems. What is the MOST likely cause of this issue?

  • A. A lack of baseline standards
  • B. Improper documentation of security guidelines
  • C. A poorly designed security policy communication program
  • D. Host-based Intrusion Prevention System (HIPS) policies are ineffective

Answer: A

NEW QUESTION 2

What would be the PRIMARY concern when designing and coordinating a security assessment for an Automatic Teller Machine (ATM) system?

  • A. Physical access to the electronic hardware
  • B. Regularly scheduled maintenance process
  • C. Availability of the network connection
  • D. Processing delays

Answer: A

NEW QUESTION 3

The application of a security patch to a product previously validate at Common Criteria (CC) Evaluation Assurance Level (EAL) 4 would

  • A. require an update of the Protection Profile (PP).
  • B. require recertification.
  • C. retain its current EAL rating.
  • D. reduce the product to EAL 3.

Answer: B

NEW QUESTION 4

Which of the following is the MOST effective practice in managing user accounts when an employee is terminated?

  • A. Implement processes for automated removal of access for terminated employees.
  • B. Delete employee network and system IDs upon termination.
  • C. Manually remove terminated employee user-access to all systems and applications.
  • D. Disable terminated employee network ID to remove all access.

Answer: B

NEW QUESTION 5

When is security personnel involvement in the Systems Development Life Cycle (SDLC) process MOST beneficial?

  • A. Testing phase
  • B. Development phase
  • C. Requirements definition phase
  • D. Operations and maintenance phase

Answer: C

NEW QUESTION 6

The PRIMARY characteristic of a Distributed Denial of Service (DDoS) attack is that it

  • A. exploits weak authentication to penetrate networks.
  • B. can be detected with signature analysis.
  • C. looks like normal network activity.
  • D. is commonly confused with viruses or worms.

Answer: C

NEW QUESTION 7

An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?

  • A. Development, testing, and deployment
  • B. Prevention, detection, and remediation
  • C. People, technology, and operations
  • D. Certification, accreditation, and monitoring

Answer: C

NEW QUESTION 8

The PRIMARY outcome of a certification process is that it provides documented

  • A. interconnected systems and their implemented security controls.
  • B. standards for security assessment, testing, and process evaluation.
  • C. system weakness for remediation.
  • D. security analyses needed to make a risk-based decision.

Answer: D

NEW QUESTION 9

What does an organization FIRST review to assure compliance with privacy requirements?

  • A. Best practices
  • B. Business objectives
  • C. Legal and regulatory mandates
  • D. Employee's compliance to policies and standards

Answer: C

NEW QUESTION 10

A security consultant has been asked to research an organization's legal obligations to protect privacy-related information. What kind of reading material is MOST relevant to this project?

  • A. The organization's current security policies concerning privacy issues
  • B. Privacy-related regulations enforced by governing bodies applicable to the organization
  • C. Privacy best practices published by recognized security standards organizations
  • D. Organizational procedures designed to protect privacy information

Answer: B

NEW QUESTION 11

What can happen when an Intrusion Detection System (IDS) is installed inside a firewall-protected internal network?

  • A. The IDS can detect failed administrator logon attempts from servers.
  • B. The IDS can increase the number of packets to analyze.
  • C. The firewall can increase the number of packets to analyze.
  • D. The firewall can detect failed administrator login attempts from servers

Answer: A

NEW QUESTION 12

Which of the following is the MOST important consideration when storing and processing Personally Identifiable Information (PII)?

  • A. Encrypt and hash all PII to avoid disclosure and tampering.
  • B. Store PII for no more than one year.
  • C. Avoid storing PII in a Cloud Service Provider.
  • D. Adherence to collection limitation laws and regulations.

Answer: D

NEW QUESTION 13

When implementing a secure wireless network, which of the following supports authentication and authorization for individual client endpoints?

  • A. Temporal Key Integrity Protocol (TKIP)
  • B. Wi-Fi Protected Access (WPA) Pre-Shared Key (PSK)
  • C. Wi-Fi Protected Access 2 (WPA2) Enterprise
  • D. Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)

Answer: C

NEW QUESTION 14

According to best practice, which of the following is required when implementing third party software in a production environment?

  • A. Scan the application for vulnerabilities
  • B. Contract the vendor for patching
  • C. Negotiate end user application training
  • D. Escrow a copy of the software

Answer: A

NEW QUESTION 15

Refer to the information below to answer the question.
An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other necessary components to have an effective security program. There are numerous initiatives requiring security involvement.
The security program can be considered effective when

  • A. vulnerabilities are proactively identified.
  • B. audits are regularly performed and reviewed.
  • C. backups are regularly performed and validated.
  • D. risk is lowered to an acceptable level.

Answer: D

NEW QUESTION 16

Refer to the information below to answer the question.
A large, multinational organization has decided to outsource a portion of their Information Technology (IT) organization to a third-party provider’s facility. This provider will be responsible for the design, development, testing, and support of several critical, customer-based applications used by the organization.
What additional considerations are there if the third party is located in a different country?

  • A. The organizational structure of the third party and how it may impact timelines within the organization
  • B. The ability of the third party to respond to the organization in a timely manner and with accurate information
  • C. The effects of transborder data flows and customer expectations regarding the storage or processing of their data
  • D. The quantity of data that must be provided to the third party and how it is to be used

Answer: C

NEW QUESTION 17

Which of the following activities BEST identifies operational problems, security misconfigurations, and malicious attacks?

  • A. Policy documentation review
  • B. Authentication validation
  • C. Periodic log reviews
  • D. Interface testing

Answer: C

NEW QUESTION 18

Which one of the following is the MOST important in designing a biometric access system if it is essential that no one other than authorized individuals are admitted?

  • A. False Acceptance Rate (FAR)
  • B. False Rejection Rate (FRR)
  • C. Crossover Error Rate (CER)
  • D. Rejection Error Rate

Answer: A

NEW QUESTION 19

An organization is designing a large enterprise-wide document repository system. They plan to have several different classification level areas with increasing levels of controls. The BEST way to ensure document confidentiality in the repository is to

  • A. encrypt the contents of the repository and document any exceptions to that requirement.
  • B. utilize Intrusion Detection System (IDS) set drop connections if too many requests for documents are detected.
  • C. keep individuals with access to high security areas from saving those documents into lower security areas.
  • D. require individuals with access to the system to sign Non-Disclosure Agreements (NDA).

Answer: C

NEW QUESTION 20

Which one of the following affects the classification of data?

  • A. Assigned security label
  • B. Multilevel Security (MLS) architecture
  • C. Minimum query size
  • D. Passage of time

Answer: D

NEW QUESTION 21

Which of the following does the Encapsulating Security Payload (ESP) provide?

  • A. Authorization and integrity
  • B. Availability and integrity
  • C. Integrity and confidentiality
  • D. Authorization and confidentiality

Answer: C

NEW QUESTION 22

Which of the following provides the minimum set of privileges required to perform a job function and restricts the user to a domain with the required privileges?

  • A. Access based on rules
  • B. Access based on user's role
  • C. Access determined by the system
  • D. Access based on data sensitivity

Answer: B

NEW QUESTION 23

Passive Infrared Sensors (PIR) used in a non-climate controlled environment should

  • A. reduce the detected object temperature in relation to the background temperature.
  • B. increase the detected object temperature in relation to the background temperature.
  • C. automatically compensate for variance in background temperature.
  • D. detect objects of a specific temperature independent of the background temperature.

Answer: C

NEW QUESTION 24

Refer to the information below to answer the question.
A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive e-mail, search the web, and use instant messaging. The organization’s Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access.
Which of the following could have MOST likely prevented the Peer-to-Peer (P2P) program from being installed on the computer?

  • A. Removing employee's full access to the computer
  • B. Supervising their child's use of the computer
  • C. Limiting computer's access to only the employee
  • D. Ensuring employee understands their business conduct guidelines

Answer: A

NEW QUESTION 25

What is the MOST important element when considering the effectiveness of a training program for Business Continuity (BC) and Disaster Recovery (DR)?

  • A. Management support
  • B. Consideration of organizational need
  • C. Technology used for delivery
  • D. Target audience

Answer: B

NEW QUESTION 26

What principle requires that changes to the plaintext affect many parts of the ciphertext?

  • A. Diffusion
  • B. Encapsulation
  • C. Obfuscation
  • D. Permutation

Answer: A

NEW QUESTION 27

Which of the following factors contributes to the weakness of Wired Equivalent Privacy (WEP) protocol?

  • A. WEP uses a small range Initialization Vector (IV)
  • B. WEP uses Message Digest 5 (MD5)
  • C. WEP uses Diffie-Hellman
  • D. WEP does not use any Initialization Vector (IV)

Answer: A

NEW QUESTION 28

An organization has outsourced its financial transaction processing to a Cloud Service Provider (CSP) who will provide them with Software as a Service (SaaS). If there was a data breach who is responsible for monetary losses?

  • A. The Data Protection Authority (DPA)
  • B. The Cloud Service Provider (CSP)
  • C. The application developers
  • D. The data owner

Answer: B

NEW QUESTION 29

The overall goal of a penetration test is to determine a system's

  • A. ability to withstand an attack.
  • B. capacity management.
  • C. error recovery capabilities.
  • D. reliability under stress.

Answer: A

NEW QUESTION 30

Which Radio Frequency Interference (RFI) phenomenon associated with bundled cable runs can create information leakage?

  • A. Transference
  • B. Covert channel
  • C. Bleeding
  • D. Cross-talk

Answer: D

NEW QUESTION 31
......

P.S. Certstest now are offering 100% pass ensure CISSP dumps! All CISSP exam questions have been updated with correct answers: https://www.certstest.com/dumps/CISSP/ (653 New Questions)