ISC2 CISSP Last 24 Hours Result


8

Students Passed

90%

Average Marks

94%

Questions from this dumps

1485

Total Questions

ISC2 CISSP Dumps

Dumps4download providing 100% reliable Exam dumps that are verified by experts panel. Our Dumps4download CISSP study material are totally unique and exam questions are valid all over the world. By using our CISSP dumps we assure you that you will pass your exam on first attempt. You can easily score more than 97%.

100% exam passing Guarantee on your purchased exams.

100% money back guarantee if you will not clear your exam.

ISC2 CISSP Practice Test Helps You Turn Dreams To Reality!

IT Professionals from every sector are looking up certifications to boost their careers. ISC2 being the leader certification provider earns the most demand in the industry.

The ISC2 Certification is your short-cut to an ever-growing success. In the process, Dumps4download is your strongest coordinator, providing you with the best CISSP Dumps PDF as well as Online Test Engine. Let’s steer your career to a more stable future with interactive and effective CISSP Practice Exam Dumps.

Many of our customers are already excelling in their careers after achieving their goals with our help. You can too be a part of that specialized bunch with a little push in the right direction. Let us help you tread the heights of success.

Apply for the CISSP Exam right away so you can get certified by using our ISC2 Dumps.



Bulk Exams Package



2 Exams Files

10% off

  • 2 Different Exams
  • Latest and Most Up-todate Dumps
  • Free 3 Months Updates
  • Exam Passing Guarantee
  • Secure Payment
  • Privacy Protection

3 Exams Files

15% off

  • 3 Different Exams
  • Latest and Most Up-todate Dumps
  • Free 3 Months Updates
  • Exam Passing Guarantee
  • Secure Payment
  • Privacy Protection

5 Exams Files

20% off

  • 5 Different Exams
  • Latest and Most Up-todate Dumps
  • Free 3 Months Updates
  • Exam Passing Guarantee
  • Secure Payment
  • Privacy Protection

10 Exams Files

25% off

  • 10 Different Exams
  • Latest and Most Up-todate Dumps
  • Free 3 Months Updates
  • Exam Passing Guarantee
  • Secure Payment
  • Privacy Protection

Dumps4download Leads You To A 100% Success in First Attempt!

Our CISSP Dumps PDF is intended to meet the requirements of the most suitable method for exam preparation. We especially hired a team of experts to make sure you get the latest and compliant CISSP Practice Test Questions Answers. These questions are been selected according to the most relevance as well as the highest possibility of appearing in the exam. So, you can be sure of your success in the first attempt.

Interactive & Effective CISSP Dumps PDF + Online Test Engine

Aside from our ISC2 CISSP Dumps PDF, we invest in your best practice through Online Test Engine. They are designed to reflect the actual exam format covering each topic of your exam. Also, with our interactive interface focusing on the exam preparation is easier than ever. With an easy-to-understand, interactive and effective study material assisting you there is nothing that could go wrong. We are 100% sure that our CISSP Questions Answers Practice Exam is the best choice you can make to pass the exam with top score.

How Dumps4download Creates Better Opportunities for You!

Dumps4download knows how hard it is for you to beat this tough ISC2 Exam terms and concepts. That is why to ease your preparation we offer the best possible training tactics we know best. Online Test Engine provides you an exam-like environment and PDF helps you take your study guide wherever you are. Best of all, you can download CISSP Dumps PDF easily or better print it. For the purpose of getting concepts across as easily as possible, we have used simple language. Adding explanations at the end of the CISSP Questions and Answers Practice Test we ensure nothing slips your grasp.

The exam stimulation is 100 times better than any other test material you would encounter. Besides, if you are troubled with anything concerning Certified Information Systems Security Professional (CISSP) Exam or the CISSP Dumps PDF, our 24/7 active team is quick to respond. So, leave us a message and your problem will be solved in a few minutes.

Get an Absolutely Free Demo Today!

Dumps4download offers an absolutely free demo version to test the product with sample features before actually buying it. This shows our concern for your best experience. Once you are thoroughly satisfied with the demo you can get the Certified Information Systems Security Professional (CISSP) Practice Test Questions instantly.

24/7 Online Support – Anytime, Anywhere

Have a question? You can contact us anytime, anywhere. Our 24/7 Online Support makes sure you have absolutely no problem accessing or using Certified Information Systems Security Professional (CISSP) Practice Exam Dumps. What’s more, Dumps4download is mobile compatible so you can access the site without having to log in to your Laptop or PC.

Features to use Dumps4download CISSP Dumps:

  • Thousands of satisfied customers.
  • Good grades are 100% guaranteed.
  • 100% verified by Experts panel.
  • Up to date exam data.
  • Dumps4download data is 100% trustworthy.
  • Passing ratio more than 99%
  • 100% money back guarantee.

ISC2 CISSP Frequently Asked Questions

ISC2 CISSP Sample Questions

Question # 1

What protocol is often used between gateway hosts on the Internet’ To control the scope of a Business Continuity Management (BCM) system, a security practitioner should identify which of the following?

A. Size, nature, and complexity of the organization  
B. Business needs of the security organization  
C. All possible risks  
D. Adaptation model for future recovery planning  


Question # 2

The core component of Role Based Access control (RBAC) must be constructed of defined data elements. Which elements are required? 

A. Users, permissions, operators, and protected objects  
B. Users, rotes, operations, and protected objects  
C. Roles, accounts, permissions, and protected objects  
D. Roles, operations, accounts, and protected objects  


Question # 3

Which of the following access management procedures would minimize the possibility of an organization's employees retaining access to secure werk areas after they change roles? 

A. User access modification  
B. user access recertification  
C. User access termination  
D. User access provisioning  


Question # 4

What Is the FIRST step in establishing an information security program? 

A. Establish an information security policy.  
B. Identify factors affecting information security.  
C. Establish baseline security controls.  
D. Identify critical security infrastructure.  


Question # 5

During the Security Assessment and Authorization process, what is the PRIMARY purpose for conducting a hardware and software inventory?

A. Calculate the value of assets being accredited.  
B. Create a list to include in the Security Assessment and Authorization package.  
C. Identify obsolete hardware and software.  
D. Define the boundaries of the information system.  


Question # 6

In which identity management process is the subject’s identity established? 

A. Trust  
B. Provisioning  
C. Authorization  
D. Enrollment  


Question # 7

Although code using a specific program language may not be susceptible to a buffer overflow attack,

A. most calls to plug-in programs are susceptible.  
B. most supporting application code is susceptible.  
C. the graphical images used by the application could be susceptible.  
D. the supporting virtual machine could be susceptible.  


Question # 8

In general, servers that are facing the Internet should be placed in a demilitarized zone (DMZ). What is MAIN purpose of the DMZ?

A. Reduced risk to internal systems.  
B. Prepare the server for potential attacks.  
C. Mitigate the risk associated with the exposed server.  
D. Bypass the need for a firewall.  


Question # 9

What is a characteristic of Secure Socket Layer (SSL) and Transport Layer Security (TLS)?

A. SSL and TLS provide a generic channel security mechanism on top of Transmission Control Protocol (TCP). 
B. SSL and TLS provide nonrepudiation by default.  
C. SSL and TLS do not provide security for most routed protocols.  
D. SSL and TLS provide header encapsulation over HyperText Transfer Protocol (HTTP).  


Question # 10

Which of the following media sanitization techniques is MOST likely to be effective for an organization using public cloud services? 

A. Low-level formatting  
B. Secure-grade overwrite erasure  
C. Cryptographic erasure  
D. Drive degaussing  


Question # 11

Which of the following is the BEST example of weak management commitment to the protection of security assets and resources?

A. poor governance over security processes and procedures  
B. immature security controls and procedures  
C. variances against regulatory requirements  
D. unanticipated increases in security incidents and threats  


Question # 12

Which of the following is the PRIMARY concern when using an Internet browser to access a cloud-based service? 

A. Insecure implementation of Application Programming Interfaces (API)  
B. Improper use and storage of management keys  
C. Misconfiguration of infrastructure allowing for unauthorized access  
D. Vulnerabilities within protocols that can expose confidential data  


Question # 13

The amount of data that will be collected during an audit is PRIMARILY determined by the. 

A. audit scope.  
B. auditor's experience level.  
C. availability of the data.  
D. integrity of the data.  


Question # 14

The key benefits of a signed and encrypted e-mail include 

A. confidentiality, authentication, and authorization.  
B. confidentiality, non-repudiation, and authentication.  
C. non-repudiation, authorization, and authentication.  
D. non-repudiation, confidentiality, and authorization.  


Question # 15

An internal Service Level Agreement (SLA) covering security is signed by senior managers and is in place. When should compliance to the SLA be reviewed to ensure that a good security posture is being delivered? 

A. As part of the SLA renewal process  
B. Prior to a planned security audit  
C. Immediately after a security breach  
D. At regularly scheduled meetings  


Question # 16

Which one of the following effectively obscures network addresses from external exposure when implemented on a firewall or router?

A. Network Address Translation (NAT)  
B. Application Proxy  
C. Routing Information Protocol (RIP) Version 2  
D. Address Masking  


Question # 17

Which layer of the Open Systems Interconnections (OSI) model implementation adds information concerning the logical connection between the sender and receiver?

A. Physical  
B. Session  
C. Transport  
D. Data-Link  


Question # 18

Which of the following can BEST prevent security flaws occurring in outsourced software development? 

A. Contractual requirements for code quality  
B. Licensing, code ownership and intellectual property rights  
C. Certification of the quality and accuracy of the work done  
D. Delivery dates, change management control and budgetary control  


Question # 19

How should the retention period for an organization's social media content be defined? 

A. By the retention policies of each social media service  
B. By the records retention policy of the organization  
C. By the Chief Information Officer (CIO)  
D. By the amount of available storage space  


Question # 20

What is the PRIMARY purpose of auditing, as it relates to the security review cycle? 

A. To ensure the organization's controls and pokies are working as intended  
B. To ensure the organization can still be publicly traded  
C. To ensure the organization's executive team won't be sued  
D. To ensure the organization meets contractual requirements  


Question # 21

An application is used for funds transfer between an organization and a third-party. During a security audit, an issue with the business continuity/disaster recovery policy and procedures for this application. Which of the following reports should the audit file with the organization?

A. Service Organization Control (SOC) 1  
B. Statement on Auditing Standards (SAS) 70
C. Service Organization Control (SOC) 2  
D. Statement on Auditing Standards (SAS) 70-1  


Question # 22

The Industrial Control System (ICS) Computer Emergency Response Team (CERT) has released an alert regarding ICS-focused malware specifically propagating through Windows-based business networks. Technicians at a local water utility note that their dams, canals, and locks controlled by an internal Supervisory Control and Data Acquisition (SCADA) system have been malfunctioning. A digital forensics professional is consulted in the Incident Response (IR) and recovery. Which of the following is the MOST challenging aspect of this investigation?

A. SCADA network latency  
B. Group policy implementation  
C. Volatility of data  
D. Physical access to the system


Question # 23

Which of the following needs to be tested to achieve a Cat 6a certification for a company's data cabling?

A. RJ11  
B. LC ports  
C. Patch panel  
D. F-type connector  


Question # 24

Which access control method is based on users issuing access requests on system resources, features assigned to those resources, the operational or situational context, and a set of policies specified in terms of those features and context?

A. Mandatory Access Control (MAC)  
B. Role Based Access Control (RBAC)  
C. Discretionary Access Control (DAC)  
D. Attribute Based Access Control (ABAC)  


Question # 25

Which of the following are the B EST characteristics of security metrics? 

A. They are generalized and provide a broad overview  
B. They use acronyms and abbreviations to be concise  
C. They use bar charts and Venn diagrams  
D. They are consistently measured and quantitatively expressed  


Question # 26

Which reporting type requires a service organization to describe its system and define its control objectives and controls that are relevant to users' internal control over financial reporting?

A. Statement on Auditing Standards (SAS)70  
B. Service Organization Control 1 (SOC1)  
C. Service Organization Control 2 (SOC2)  
D. Service Organization Control 3 (SOC3)  


Question # 27

Which of the following is the PRIMARY purpose of installing a mantrap within a facility? 

A. Control traffic  
B. Prevent rapid movement  
C. Prevent plggybacking  
C. Prevent piggybacking  


Question # 28

A manager identified two conflicting sensitive user functions that were assigned to a single user account that had the potential to result in a financial and regulatory risk to the company. The manager MOST likely discovered this during which of the following?

A. Security control assessment.  
B. Separation of duties analysis  
C. Network Access Control (NAC) review  
D. Federated identity management (FIM) evaluation  


Question # 29

Which of the following system components enforces access controls on an object? 

A. Security perimeter  
B. Access control matrix  
C. Trusted domain  
D. Reference monitor  


Question # 30

Which of the following provides the MOST secure method for Network Access Control (NAC)?

A. Media Access Control (MAC) filtering  
B. 802.IX authentication  
C. Application layer filtering  
D. Network Address Translation (NAT)  


Question # 31

A software development company found odd behavior in some recently developed software, creating a need for a more thorough code review. What is the MOST effective argument for a more thorough code review?

A. It will increase the flexibility of the applications developed.  
B. It will increase accountability with the customers.  
C. It will impede the development process.  
D. lt will reduce the potential for vulnerabilities.  


Question # 32

How should the retention period for an organization's social media content be defined? 

A. Wireless Access Points (AP)  
B. Token-based authentication  
C. Host-based firewalls  
D. Trusted platforms  


Question # 33

When designing a new Voice over Internet Protocol (VoIP) network, an organization's top concern is preventing unauthorized users from accessing the VoIP network. Which of the following will BEST help secure the VoIP network?

A. Transport Layer Security (TLS)  
B. 802.1x  
C. 802.119  
D. Web application firewall (WAF)


Question # 34

Which of the following factors should be considered characteristics of Attribute Based Access Control (ABAC) in terms of the attributes used?

A. Mandatory Access Control (MAC) and Discretionary Access Control (DAC)  
B. Discretionary Access Control (DAC) and Access Control List (ACL)  
C. Role Based Access Control (RBAC) and Mandatory Access Control (MAC)  
D. Role Based Access Control (RBAC) and Access Control List (ACL)  


Question # 35

What is the PRIMARY purpose of creating and reporting metrics for a security awareness, training, and education program?

A. Make all stakeholders aware of the program's progress.  
B. Measure the effect of the program on the organization's workforce.  
C. Facilitate supervision of periodic training events.  
D. Comply with legal regulations and document due diligence in security practices.  


Question # 36

In a DevOps environment, which of the following actions is MOST necessary to have confidence in the quality of the changes being made?

A. Prepare to take corrective actions quickly.  
B. Receive approval from the change review board.  
C. Review logs for any anomalies.  
D. Automate functionality testing.


Question # 37

A Chief Information Officer (CIO) has delegated responsibility of their system security to the head of the information technology (IT) department. While corporate policy dictates that only the CIO can make decisions on the level of data protection required, technical implementation decisions are done by the head of the IT department. Which of the following BEST describes the security role filled by the head of the IT department?

A. System analyst  
B. System security officer  
C. System processor  
D. System custodian  


Question # 38

During a Disaster Recovery (DR) simulation, it is discovered that the shared recovery site lacks adequate data restoration capabilities to support the implementation of multiple plans simultaneously. What would be impacted by this fact if left unchanged?

A. Recovery Point Objective (RPO) 
B. Recovery Time Objective (RTO) 
C. Business Impact Analysis (BIA) 
D. Return on Investment (ROI) 


Question # 39

In a multi-tenant cloud environment, what approach will secure logical access to assets? 

A. Hybrid cloud  
B. Transparency/Auditability of administrative access  
C. Controlled configuration management (CM)  
D. Virtual private cloud (VPC)


Question # 40

A company is moving from the V model to Agile development. How can the information security department BEST ensure that secure design principles are implemented in the new methodology?

A. All developers receive mandatory targeted information security training.  
B. The non-financial information security requirements remain mandatory for the new model. 
C. The information security department performs an information security assessment after each sprint.
D. Information security requirements are captured in mandatory user stories.  


Question # 41

Which of the following is the BEST method to gather evidence from a computer's hard drive?

A. Disk duplication  
B. Disk replacement  
C. Forensic signature  
D. Forensic imaging  


Question # 42

What is the FIRST step when developing an Information Security Continuous Monitoring (ISCM) program? 

A. Establish an ISCM technical architecture.  
B. Collect the security-related information required for metrics, assessments, and reporting.  
C. Establish an ISCM program determining metrics, status monitoring frequencies, and control assessment frequencies.  
D. Define an ISCM strategy based on risk tolerance.  


Question # 43

The security team is notified that a device on the network is infected with malware. Which of the following is MOST effective in enabling the device to be quickly located and remediated?

A. data loss protection (DLP)  
B. Intrusion detection  
C. Vulnerability scanner  
D. Information Technology Asset Management (ITAM)  


Question # 44

Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?

A. Identifying the events and environmental factors that can adversely affect an organization
B. Identifying what is important and critical based on disruptions that can affect the organization. 
C. Establishing the need for a Business Continuity Plan (BCP) based on threats that can affect an organization 
D. Preparing a program to create an organizational awareness for executing the Business Continuity Plan (BCP) 


Question # 45

Computer forensics requires which of the following MAIN steps? 

A. Announce the incident to responsible sections, analyze the data, assimilate the data for correlation
B. Take action to contain the damage, announce the incident to responsible sections, analyze the data 
C. Acquire the data without altering, authenticate the recovered data, analyze the data  
D. Access the data before destruction, assimilate the data for correlation, take action to contain the damage 


Question # 46

An attacker is able to remain indefinitely logged into a exploit to remain on the web service?

A. Alert management  
B. Password management  
C. Session management  
D. Identity management (IM)  


Question # 47

Which of the following would qualify as an exception to the "right to be forgotten" of the General Data Protection Regulation (GDPR)?

A. For the establishment, exercise, or defense of legal claims  
B. The personal data has been lawfully processed and collected  
C. The personal data remains necessary to the purpose for which it was collected  
D. For the reasons of private interest  


Question # 48

The initial security categorization should be done early in the system life cycle and should be reviewed periodically. Why is it important for this to be done correctly?

A. It determines the security requirements.
B. It affects other steps in the certification and accreditation process.  
C. It determines the functional and operational requirements.  
D. The system engineering process works with selected security controls.  


Question # 49

When defining a set of security controls to mitigate a risk, which of the following actions MUST occur?

A. Each control's effectiveness must be evaluated individually.  
B. Each control must completely mitigate the risk.  
C. The control set must adequately mitigate the risk.  
D. The control set must evenly divided the risk.  


Question # 50

When conducting a third-party risk assessment of a new supplier, which of the following reports should be reviewed to confirm the operating effectiveness of the security, availability, confidentiality, and privacy trust principles?

A. Service Organization Control (SOC) 1, Type 2  
B. Service Organization Control (SOC) 2, Type 2  
C. International Organization for Standardization (ISO) 27001  
D. International Organization for Standardization (ISO) 27002  


Question # 51

During a penetration test, what are the three PRIMARY objectives of the planning phase? 

A. Determine testing goals, identify rules of engagement and conduct an initial discovery scan. 
B. Finalize management approval, determine testing goals, and gather port and service information. 
C. Identify rules of engagement, finalize management approval, and determine testing goals. 
D. Identify rules of engagement, document management approval, and collect system and application information. 


Question # 52

What is the PRIMARY reason that a bit-level copy is more desirable than a file-level copy when replicating a hard drive's contents for an e-discovery investigation?

A. Files that have been deleted will be transferred.  
B. The file and directory structure is retained.  
C. File-level security settings will be preserved.  
D. The corruption of files is less likely.


Question # 53

An organization wants to migrate to Session Initiation Protocol (SIP) to save on telephony expenses. Which of the following security related statements should be considered in the decision-making process? 

A. Cloud telephony is less secure and more expensive than digital telephony services.  
B. SIP services are more secure when used with multi-layer security proxies.  
C. H.323 media gateways must be used to ensure end-to-end security tunnels.  
D. Given the behavior of SIP traffic, additional security controls would be required.  


Question # 54

When assessing the audit capability of an application, which of the following activities is MOST important?

A. Determine if audit records contain sufficient information.  
B. Review security plan for actions to be taken in the event of audit failure.  
C. Verify if sufficient storage is allocated for audit records.  
D. Identify procedures to investigate suspicious activity.  


Question # 55

Which of the following vulnerabilities can be BEST detected using automated analysis? 

A. Valid cross-site request forgery (CSRF) vulnerabilities  
B. Multi-step process attack vulnerabilities
C. Business logic flaw vulnerabilities  
D. Typical source code vulnerabilities  


Question # 56

In setting expectations when reviewing the results of a security test, which of the following statements is MOST important to convey to reviewers?

A. The target’s security posture cannot be further compromised.  
B. The results of the tests represent a point-in-time assessment of the target(s).  
C. The accuracy of testing results can be greatly improved if the target(s) are properly hardened. 
D. The deficiencies identified can be corrected immediately  


Question # 57

Who should perform the design review to uncover security design flaws as part of the Software Development Life Cycle (SDLC)?

A. The business owner  
B. security subject matter expert (SME)  
C. The application owner  
D. A developer subject matter expert (SME)


Question # 58

An organization is trying to secure instant messaging (IM) communications through its network perimeter. Which of the following is the MOST significant challenge?

A. IM clients can interoperate between multiple vendors.  
B. IM clients can run without administrator privileges.  
C. IM clients can utilize random port numbers.  
D. IM clients can run as executables that do not require installation.  


Question # 59

When designing a Cyber-Physical System (CPS), which of the following should be a security practitioner's first consideration?

A. Detection of sophisticated attackers  
B. Resiliency of the system  
C. Topology of the network used for the system  
D. Risk assessment of the system


Question # 60

Which of the following is fundamentally required to address potential security issues when initiating software development?

A. Implement ongoing security audits in all environments.  
B. Ensure isolation of development from production.  
C. Add information security objectives into development.  
D. Conduct independent source code review.


Question # 61

A project manager for a large software firm has acquired a government contract that generates large amounts of Controlled Unclassified Information (CUI). The organization's information security manager has received a request to transfer project-related CUI between systems of differing security classifications. What role provides the authoritative guidance for this transfer?

A. Information owner  
B. PM  
C. Data Custodian  
D. Mission/Business Owner  


Question # 62

What is the MOST appropriate hierarchy of documents when implementing a security program? 

A. Organization principle, policy, standard, guideline  
B. Policy, organization principle, standard, guideline  
C. Standard, policy, organization principle, guideline  
D. Organization principle, guideline, policy, standard  


Question # 63

employee training, risk management, and data handling procedures and policies could be characterized as which type of security measure?

A. Non-essential  
B. Management  
C. Preventative  
D. Administrative  


Question # 64

A network security engineer needs to ensure that a security solution analyzes traffic for protocol manipulation and various sorts of common attacks. In addition, all Uniform Resource Locator (URL) traffic must be inspected and users prevented from browsing inappropriate websites. Which of the following solutions should be implemented to enable administrators the capability to analyze traffic, blacklist external sites, and log user traffic for later analysis?

A. Intrusion detection system (IDS)  
B. Circuit-Level Proxy  
C. Application-Level Proxy  
D. Host-based Firewall  


Question # 65

An organization with divisions in the United States (US) and the United Kingdom (UK) processes data comprised of personal information belonging to subjects living in the European Union (EU) and in the US. Which data MUST be handled according to the privacy protections of General Data Protection Regulation (GDPR)?

A. Only the EU citizens’ data  
B. Only the EU residents' data  
C. Only the UK citizens’ data  
D. Only data processed in the UK


Question # 66

A company wants to store data related to users on an offsite server. What method can be deployed to protect the privacy of the user’s information while maintaining the field-level configuration of the database?

A. {Encryption  
B. Encoding  
C. Tokenization  
D. Hashing  


Question # 67

Which of the following determines how traffic should flow based on the status of the infrastructure layer?

A. Traffic plane  
B. Application plane  
C. Data plane  
D. Control plane  


Question # 68

Which of the following is security control volatility? 

A. A reference to the stability of the security control.  
B. A reference to how unpredictable the security control is.  
C. A reference to the impact of the security control.  
D. A reference to the likelihood of change in the security control.  


Question # 69

An organization has implemented a password complexity and an account lockout policy enforcing five incorrect logins tries within ten minutes. Network users have reported significantly increased account lockouts. Which of the following security principles is this company affecting?

A. Availability  
B. Integrity  
C. Confidentiality  
D. Authentication  


Question # 70

An organization implements Network Access Control (NAC) ay Institute of Electrical and Electronics Engineers (IEEE) 802.1x and discovers the printers do not support the IEEE 802.1x standard. Which of the following is the BEST resolution?

A. Implement port security on the switch ports for the printers.  
B. Implement a virtual local area network (VLAN) for the printers.  
C. Do nothing; IEEE 802.1x is irrelevant to printers.  
D. Install an IEEE 802. 1x bridge for the printers.  


Question # 71

An information security professional is reviewing user access controls on a customer-facing application. The application must have multi-factor authentication (MFA) in place. The application currently requires a username and password to log in. Which of the following options would BEST implement MFA?

A. Geolocate the user and compare to previous logins  
B. Require a pre-selected number as part of the login  
C. Have the user answer a secret question that is known to them  
D. Enter an automatically generated number from a hardware token  


Question # 72

Which of the following is a limitation of the Bell-LaPadula model? 

A. Segregation of duties (SoD) is difficult to implement as the "no read-up" rule limits the ability of an object to access information with a higher classification. 
B. Mandatory access control (MAC) is enforced at all levels making discretionary access control (DAC) impossible to implement. 
C. It contains no provision or policy for changing data access control and works well only with access systems that are static in nature. 
D. It prioritizes integrity over confidentiality which can lead to inadvertent information disclosure. 


Question # 73

What is the benefit of using Network Admission Control (NAC)? 

A. Operating system (OS) versions can be validated prior to allowing network access.  
B. NAC supports validation of the endpoint's security posture prior to allowing the session to go into an authorized state. 
C. NAC can require the use of certificates, passwords, or a combination of both before allowing network admission. 
D. NAC only supports Windows operating systems (OS).  


Question # 74

Which combination of cryptographic algorithms are compliant with Federal Information Processing Standard (FIPS) Publication 140-2 for non-legacy systems?

A. Diffie-hellman (DH) key exchange: DH (>=2048 bits) Symmetric Key: Advanced Encryption Standard (AES) > 128 bits Digital Signature: Rivest-Shamir-Adleman (RSA) (1024 bits)
B. Diffie-hellman (DH) key exchange: DH (>=2048 bits) Symmetric Key: Advanced Encryption Standard (AES) > 128 bits Digital Signature: Digital Signature Algorithm (DSA) (>=2048 bits)
C. Diffie-hellman (DH) key exchange: DH (<= 1024 bits) Symmetric Key: Blowfish Digital Signature: Rivest-Shamir-Adleman (RSA) (>=2048 bits)
D. Diffie-hellman (DH) key exchange: DH (>=2048 bits) Symmetric Key: Advanced Encryption Standard (AES) < 128 bits Digital Signature: Elliptic Curve Digital Signature Algorithm (ECDSA) (>=256 bits)


Question # 75

When designing a Cyber-Physical System (CPS), which of the following should be a security practitioner’s first consideration?

A. Resiliency of the system  
B. Detection of sophisticated attackers  
C. Risk assessment of the system  
D. Topology of the network used for the system  


Question # 76

Which of the following vulnerability assessment activities BEST exemplifies the Examine method of assessment?

A. Ensuring that system audit logs capture all relevant data fields required by the security controls baseline 
B. Performing Port Scans of selected network hosts to enumerate active services  
C. Asking the Information System Security Officer (ISSO) to describe the organization’s patch management processes 
D. Logging into a web server using the default administrator account and a default password 


Question # 77

Building blocks for software-defined networks (SDN) require which of the following? 

A. The SDN is mostly composed of virtual machines (VM).  
B. The SDN is composed entirely of client-server pairs.  
C. Virtual memory is used in preference to random-access memory (RAM).  
D. Random-access memory (RAM) is used in preference to virtual memory.  


Question # 78

Which of the following BEST describes why software assurance is critical in helping prevent an increase in business and mission risk for an organization? 

A. Software that does not perform as intended may be exploitable which makes it vulnerable to attack.
B. Request for proposals (RFP) avoid purchasing software that does not meet business needs. 
C. Contracting processes eliminate liability for security vulnerabilities for the purchaser.  
D. Decommissioning of old software reduces long-term costs related to technical debt.  


Question # 79

What is the FIRST step for an organization to take before allowing personnel to access social media from a corporate device or user account?

A. Publish a social media guidelines document.  
B. Publish an acceptable usage policy.  
C. Document a procedure for accessing social media sites.  
D. Deliver security awareness training.  


Question # 80

All hosts on the network are sending logs via syslog-ng to the log collector. The log collector is behind its own firewall, The security professional wants to make sure not to put extra load on the firewall due to the amount of traffic that is passing through it. Which of the following types of filtering would MOST likely be used?

A. Uniform Resource Locator (URL) Filtering  
B. Web Traffic Filtering  
C. Dynamic Packet Filtering  
D. Static Packet Filtering  


Question # 81

When designing a business continuity plan (BCP), what is the formula to determine the Maximum Tolerable Downtime (MTD)?

A. Annual Loss Expectancy (ALE) + Work Recovery Time (WRT)  
B. Business impact analysis (BIA) + Recovery Point Objective (RPO)  
C. Recovery Time Objective (RTO) + Work Recovery Time (WRT)  
D. Estimated Maximum Loss (EML) + Recovery Time Objective (RTO)  


Question # 82

Which of the following will an organization's network vulnerability testing process BEST enhance?

A. Firewall log review processes  
B. Asset management procedures  
C. Server hardening processes  
D. Code review procedures  


Question # 83

What are the three key benefits that application developers should derive from the northbound application programming interface (API) of software-defined networking (SDN)?

A. Familiar syntax, abstraction of network topology, and definition of network protocols  
B. Network syntax, abstraction of network flow, and abstraction of network protocols  
C. Network syntax, abstraction of network commands, and abstraction of network protocols  
D. Familiar syntax, abstraction of network topology, and abstraction of network protocols  


Question # 84

An organization wants to share data securely with their partners via the Internet. Which standard port is typically used to meet this requirement?

A. Setup a server on User Datagram Protocol (UDP) port 69  
B. Setup a server on Transmission Control Protocol (TCP) port 21  
C. Setup a server on Transmission Control Protocol (TCP) port 22  
D. Setup a server on Transmission Control Protocol (TCP) port 80  


Question # 85

A criminal organization is planning an attack on a government network. Which of the following scenarios presents the HIGHEST risk to the organization?

A. Network is flooded with communication traffic by the attacker.  
B. Organization loses control of their network devices.  
C. Network management communications is disrupted.  
D. Attacker accesses sensitive information regarding the network topology.  


Question # 86

Which media sanitization methods should be used for data with a high security categorization?

A. Clear or destroy  
B. Clear or purge  
C. Destroy or delete  
D. Purge or destroy  


Question # 87

What is the PRIMARY benefit of relying on Security Content Automation Protocol (SCAP)? 

A. Save security costs for the organization.  
B. Improve vulnerability assessment capabilities.  
C. Standardize specifications between software security products.  
D. Achieve organizational compliance with international standards.  


Question # 88

Of the following, which BEST provides non- repudiation with regards to access to a server room?

A. Fob and Personal Identification Number (PIN)  
B. Locked and secured cages  
C. Biometric readers  
D. Proximity readers  


Question # 89

Which of the fallowing statements is MOST accurate regarding information assets? 

A. International Organization for Standardization (ISO) 27001 compliance specifies which information assets must be included in asset inventory.
B. S3 Information assets include any information that is valuable to the organization,  
C. Building an information assets register is a resource-intensive job.  
D. Information assets inventory is not required for risk assessment.  


Question # 90

Which of the following security tools will ensure authorized data is sent to the application when implementing a cloud based application?

A. Host-based intrusion prevention system (HIPS)  
B. Access control list (ACL)  
C. File integrity monitoring (FIM)  
D. Data loss prevention (DLP)


Question # 91

Which of the following would be the BEST mitigation practice for man-in-the-middle (MITM) Voice over Internet Protocol (VoIP) attacks?

A. Use Media Gateway Control Protocol (MGCP)  
B. Use Transport Layer Security (TLS) protocol
C. Use File Transfer Protocol (FTP)  
D. Use Secure Shell (SSH) protocol


Question # 92

Write Once, Read Many (WORM) data storage devices are designed to BEST support which of the following core security concepts?

A. lntegrity  
B. Scalability  
C. Availability  
D. Confidentiality  


Question # 93

Which of the following types of web-based attack is happening when an attacker is able to send a well-crafted, malicious request to an authenticated user without the user realizing it?

A. ross-Site Scripting (XSS)  
B. Cross-Site request forgery (CSRF)  
C. Cross injection  
D. Broken Authentication And Session Management  


Question # 94

Which of the following is the PRIMARY type of cryptography required to support nonrepudiation of a digitally signed document?

A. Message digest (MD)  
B. Asymmetric  
C. Symmetric  
D. Hashing  


Question # 95

Which of the following is the MOST important first step in preparing for a security audit? 

A. Identify team members.  
B. Define the scope.  
C. Notify system administrators.  
D. Collect evidence.  


Question # 96

In which of the following scenarios is locking server cabinets and limiting access to keys preferable to locking the server room to prevent unauthorized access?

A. Server cabinets are located in an unshared workspace.  
B. Server cabinets are located in an isolated server farm.  
C. Server hardware is located in a remote area.  
D. Server cabinets share workspace with multiple projects.  


Question # 97

Information Security Continuous Monitoring (1SCM) is defined as maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. Which of the following is the FIRST step in developing an ISCM strategy and implementing an ISCM program?

A. Define a strategy based on risk tolerance that maintains clear visibility into assets, awareness of vulnerabilities, up-to-date threat information, and mission/business impacts.
B. Conduct a vulnerability assessment to discover current threats against the environment and incorporate them into the program.
C. Respond to findings with technical management, and operational mitigating activities or acceptance, transference/sharing, or avoidance/rejection. 
D. Analyze the data collected and report findings, determining the appropriate response. It may be necessary to collect additional information to clarify or supplement existing monitoring data. 


Question # 98

The Rivest-Shamir-Adleman (RSA) algorithm is BEST suited for which of the following operations?

A. Bulk data encryption and decryption  
B. One-way secure hashing for user and message authentication  
C. Secure key exchange for symmetric cryptography  
D. Creating digital checksums for message integrity  


Question # 99

Which security feature fully encrypts code and data as it passes to the servers and only decrypts below the hypervisor layer?

A. File-system level encryption  
B. Transport Layer Security (TLS)  
C. Key management service  
D. Trusted execution environments


Question # 100

Which of the following BEST describes the use of network architecture in reducing corporate risks associated with mobile devices?

A. Maintaining a "closed applications model on all mobile devices depends on demilitarized 2one (DM2) servers 
B. Split tunneling enabled for mobile devices improves demilitarized zone (DMZ) security posture
C. Segmentation and demilitarized zone (DMZ) monitoring are implemented to secure a virtual private network (VPN) access for mobile devices
D. Applications that manage mobile devices are located in an Internet demilitarized zone (DMZ) 


Question # 101

Which section of the assessment report addresses separate vulnerabilities, weaknesses, and gaps? 

A. Key findings section  
B. Executive summary with full details  
C. Risk review section  
D. Findings definition section


Question # 102

What is the BEST method to use for assessing the security impact of acquired software? 

A. Common vulnerability review  
B. Software security compliance validation
C. Threat modeling  
D. Vendor assessment  


Question # 103

What is the correct order of execution for security architecture? 

A. Governance, strategy and program management, project delivery, operations  
B. Strategy and program management, governance, project delivery, operations  
C. Governance, strategy and program management, operations, project delivery  
D. Strategy and program management, project delivery, governance, operations  


Question # 104

A cloud service accepts Security Assertion Markup Language (SAML) assertions from users to on and security However, an attacker was able to spoof a registered account on the network and query the SAML provider. What is the MOST common attack leverage against this flaw? 

A. Attacker forges requests to authenticate as a different user.  
B. Attacker leverages SAML assertion to register an account on the security domain.  
C. Attacker conducts denial-of-service (DoS) against the security domain by authenticating as the same user repeatedly.
D. Attacker exchanges authentication and authorization data between security domains.  


Question # 105

Network Access Control (NAC) capability BEST meets this objective? 

A. Application firewall  
B. Port security  
C. Strong passwords  
D. Two-factor authentication (2FA)


Question # 106

Which of the following is performed to determine a measure of success of a security awareness training program designed to prevent social engineering attacks?

A. Employee evaluation of the training program  
B. Internal assessment of the training program's effectiveness  
C. Multiple choice tests to participants  
D. Management control of reviews


Question # 107

Two computers, each with a single connection on the same physical 10 gigabit Ethernet network segment, need to communicate with each other. The first machine has a single Internet Protocol (IP) Classless Inter-Domain Routing (CIDR) address of 192.168.1.3/30 and the second machine has an IP/CIDR address 192.168.1.6/30. Which of the following is correct?

A. Since each computer is on a different layer 3 networks, traffic between the computers must be processed by a network bridge in order to communicate. 
B. Since each computer is on the same layer 3 networks, traffic between the computers may be processed by a network bridge in order to communicate. 
C. Since each computer is on the same layer 3 networks, traffic between the computers may be processed by a network router in order to communicate. 
D. Since each computer is on a different layer 3 networks, traffic between the computers must be processed by a network router in order to communicate. 


Question # 108

The customer continues to experience attacks on their email, web, and File Transfer Protocol (FTP) servers. These attacks are impacting their business operations. Which of the following is the BEST recommendation to make?

A. Configure an intrusion detection system (IDS).  
B. Create a demilitarized zone (DMZ).  
C. Deploy a bastion host.  
D. Setup a network firewall.  


Question # 109

When testing password strength, which of the following is the BEST method for brute forcing passwords?

A. Conduct an offline attack on the hashed password information.  
B. Conduct an online password attack until the account being used is locked.  
C. Use a comprehensive list of words to attempt to guess the password.  
D. Use social engineering methods to attempt to obtain the password.  


Question # 110

A hospital’s building controls system monitors and operates the environmental equipment to maintain a safe and comfortable environment. Which of the following could be used to minimize the risk of utility supply interruption?

A. Digital devices that can turn equipment off and continuously cycle rapidly in order to increase supplies and conceal activity on the hospital network 
B. Standardized building controls system software with high connectivity to hospital networks 
C. Lock out maintenance personnel from the building controls system access that can impact critical utility supplies
D. Digital protection and control devices capable of minimizing the adverse impact to critical utility 


Question # 111

During an internal audit of an organizational Information Security Management System (ISMS), nonconformities are identified. In which of the following management stages are nonconformities reviewed, assessed and/or corrected by the organization?

A. Planning  
B. Operation  
C. Assessment  
D. Improvement  


Question # 112

Which of the following is established to collect information Se eee ee ee nation readily available in part through implemented security controls?

A. Security Assessment Report (SAR)  
B. Organizational risk tolerance  
C. Information Security Continuous Monitoring (ISCM)  
D. Risk assessment report  


Question # 113

Two remote offices need to be connected securely over an untrustworthy MAN. Each office needs to access network shares at the other site. Which of the following will BEST provide this functionality?

A. Client-to-site VPN  
B. Third-party VPN service  
C. Site-to-site VPN  
D. Split-tunnel VPN  


Question # 114

An organization has discovered that organizational data is posted by employees to data storage accessible to the general public. What is the PRIMARY step an organization must take to ensure data is properly protected from public release? 

A. Implement a data classification policy.
B. Implement a data encryption policy.  
C. Implement a user training policy.  
D. Implement a user reporting policy.  


Question # 115

Which of the following is the FIRST step during digital identity provisioning? 

A. Authorizing the entity for resource access  
B. Synchronizing directories  
C. Issuing an initial random password  
D. Creating the entity record with the correct attributes  


Question # 116

Which of the following is the BEST way to protect an organization's data assets? 

A. Monitor and enforce adherence to security policies.  
B. Encrypt data in transit and at rest using up-to-date cryptographic algorithms.  
C. Create the Demilitarized Zone (DMZ) with proxies, firewalls, and hardened bastion hosts.  
D. Require Multi-Factor Authentication (MFA) and Separation of Duties (SoD).  


Question # 117

What is the FINAL step in the waterfall method for contingency planning? 

A. Maintenance  
B. Testing  
C. Implementation  
D. Training  


Question # 118

Which of the following is an open standard for exchanging authentication and authorization data between parties?

A. Wired markup language  
B. Hypertext Markup Language (HTML)  
C. Extensible Markup Language (XML)  
D. Security Assertion Markup Language (SAML)


Question # 119

Which of the following is the BEST method to identify security controls that should be implemented for a web-based application while in development?

A. Application threat modeling  
B. Secure software development.  
C. Agile software development  
D. Penetration testing  


Question # 120

Which of the following BEST describes the purpose of Border Gateway Protocol (BGP)? 

A. Maintain a list of network paths between internet routers.  
B. Provide Routing Information Protocol (RIP) version 2 advertisements to neighboring layer 3 devices. 
C. Provide firewall services to cloud-enabled applications.  
D. Maintain a list of efficient network paths between autonomous systems.  


Question # 121

Configuring a Wireless Access Point (WAP) with the same Service Set Identifier (SSID) as another WAP in order to have users unknowingly connect is referred to as which of the following?

A. Jamming  
B. Man-right-Middle (MITM)  
C. War driving  
D. Internet Protocol (IP) spoofing


Question # 122

A company hired an external vendor to perform a penetration test ofa new payroll system. The company’s internal test team had already performed an in-depth application and security test of the system and determined that it met security requirements. However, the external vendor uncovered significant security weaknesses where sensitive personal data was being sent unencrypted to the tax processing systems. What is the MOST likely cause of the security issues?

A. Failure to perform interface testing  
B. Failure to perform negative testing  
C. Inadequate performance testing  
D. Inadequate application level testing  


Question # 123

What BEST describes the confidentiality, integrity, availability triad? 

A. A tool used to assist in understanding how to protect the organization's data  
B. The three-step approach to determine the risk level of an organization  
C. The implementation of security systems to protect the organization's data  
D. A vulnerability assessment to see how well the organization's data is protected  


Question # 124

Which of the following minimizes damage to information technology (IT) equipment stored in a data center when a false fire alarm event occurs?

A. A pre-action system is installed.  
B. An open system is installed.  
C. A dry system is installed.  
D. A wet system is installed.


Question # 125

Which of the following BEST ensures the integrity of transactions to intended recipients? 

A. Public key infrastructure (PKI)  
B. Blockchain technology  
C. Pre-shared key (PSK)  
D. Web of trust  


Question # 126

An organization has determined that its previous waterfall approach to software development is not keeping pace with business demands. To adapt to the rapid changes required for product delivery, the organization has decided to move towards an Agile software development and release cycle. In order to ensure the success of the Agile methodology, who is MOST critical in creating acceptance tests or acceptance criteria for each release?

A. Project managers  
B. Software developers  
C. Independent testers  
D. Business customers  


Question # 127

What documentation is produced FIRST when performing an effective physical loss control process?

A. Deterrent controls list  
B. Security standards list  
C. inventory list  
D. Asset valuation list  


Question # 128

A security professional should ensure that clients support which secondary algorithm for digital signatures when a Secure Multipurpose Internet Mail Extension (S/MIME) is used?

A. Triple Data Encryption Standard (3DES)
B. Advanced Encryption Standard (AES)  
C. Digital Signature Algorithm (DSA)  
D. Rivest-Shamir-Adieman (RSA)


Question # 129

Which of the (ISC)? Code of Ethics canons is MOST reflected when preserving the value of systems, applications, and entrusted information while avoiding conflicts of interest?

A. Act honorably, honestly, justly, responsibly, and legally.  
B. Protect society, the commonwealth, and the infrastructure.  
C. Provide diligent and competent service to principles.  
D. Advance and protect the profession.  


Question # 130

An organization is implementing data encryption using symmetric ciphers and the Chief Information Officer (CIO) is concerned about the risk of using one key to protect all sensitive data, The security practitioner has been tasked with recommending a solution to address the CIO's concerns, Which of the following is the BEST approach to achieving the objective by encrypting all sensitive data? 

A. Use a Secure Hash Algorithm 256 (SHA-256).  
B. Use a hierarchy of encryption keys.  
C. Use Hash Message Authentication Code (HMAC) keys.  
D. Use Rivest-Shamir-Adleman (RSA) keys.  


Question # 131

Which of the following are the three MAIN categories of security controls? 

A. Administrative, technical, physical  
B. Corrective, detective, recovery  
C. Confidentiality, integrity, availability
D. Preventative, corrective, detective  


Question # 132

Which of the following is the FIRST requirement a data owner should consider before implementing a data retention policy?

A. Training  
B. Legal  
C. Business  
D. Storage  


Question # 133

Compared to a traditional network, which of the following is a security-related benefit that software-defined networking (SDN) provides?

A. Centralized network provisioning  
B. Centralized network administrator control
C. Reduced network latency when scaled  
D. Reduced hardware footprint and cost  


Question # 134

A software developer installs a game on their organization-provided smartphone. Upon installing the game, the software developer is prompted to allow the game access to call logs, Short Message Service (SMS) messaging, and Global Positioning System (GPS) location data. What has the game MOST likely introduced to the smartphone?

A. Alerting  
B. Vulnerability  
C. Geo-fencing  
D. Monitoring  


Question # 135

In Federated Identity Management (FIM), which of the following represents the concept of federation?

A. Collection of information logically grouped into a single entity  
B. Collection, maintenance, and deactivation of user objects and attributes in one or more systems, directories or applications
C. Collection of information for common identities in a system  
D. Collection of domains that have established trust among themselves  


Question # 136

What is the second phase of public key infrastructure (PKI) key/certificate life-cycle management? 

A. Implementation Phase  
B. Cancellation Phase  
C. Initialization Phase  
D. Issued Phase  


Question # 137

A security professional has been requested by the Board of Directors and Chief Information Security Officer (CISO) to perform an internal and external penetration test. What is the BEST course of action?

A. Review data localization requirements and regulations.  
B. Review corporate security policies and procedures,  
C. With notice to the Configuring a Wireless Access Point (WAP) with the same Service Set Identifier external test.  
D. With notice to the organization, perform an external penetration test first, then an internal test.  


Question # 138

Which of the following is an important design feature for the outer door o f a mantrap? 

A. Allow it to be opened by an alarmed emergency button.  
B. Do not allow anyone to enter it alone.  
C. Do not allow it to be observed by dosed-circuit television (CCTV) cameras.  
D. Allow it be opened when the inner door of the mantrap is also open  


Question # 139

The security architect has been mandated to assess the security of various brands of mobile devices. At what phase of the product lifecycle would this be MOST likely to occur?

A. Disposal  
B. Implementation  
C. Development  
D. Operations and maintenance  


Question # 140

How is Remote Authentication Dial-In User Service (RADIUS) authentication accomplished?

A. It uses clear text and firewall rules.
B. It relies on Virtual Private Networks (VPN).  
C. It uses clear text and shared secret keys.  
D. It relies on asymmetric encryption keys.


Question # 141

The security architect is designing and implementing an internal certification authority to generate digital certificates for all employees. Which of the following is the BEST solution to securely store the private keys?

A. Physically secured storage device  
B. Encrypted flash drive  
C. Public key infrastructure (PKI)  
D. Trusted Platform Module (TPM)


Question # 142

Which type of access control includes a system that allows only users that are type=managers and department=sales to access employee records? 

A. Discretionary access control (DAC)  
B. Mandatory access control (MAC)  
C. Role-based access control (RBAC)  
D. Attribute-based access control (ABAC)  


Question # 143

Which of the following is the PRIMARY goal of logical access controls? 

A. Restrict access to an information asset.  
B. Ensure integrity of an information asset.
C. Restrict physical access to an information asset.  
D. Ensure availability of an information asset.  


Question # 144

A security professional was tasked with rebuilding a company's wireless infrastructure.Which of the following are the MOST important factors to consider while making a decision on which wireless spectrum to deploy? 

A. Hybrid frequency band, service set identifier (SSID), and interpolation
B. Performance, geographic location, and radio signal interference
C. Facility size, intermodulation, and direct satellite service
D. Existing client devices, manufacturer reputation, and electrical interference


Question # 145

In an IDEAL encryption system, who has sole access to the decryption key? 

A. System owner
B. Data owner
C. Data custodian
D. System administrator


Question # 146

Which of the following criteria ensures information is protected relative to its importance to the organization?

A. The value of the data to the organization's senior management  
B. Legal requirements, value, criticality, and sensitivity to unauthorized disclosure or modification 
C. Legal requirements determined by the organization headquarters' location  
D. Organizational stakeholders, with classification approved by the management board  


Question # 147

Which of the following Disaster recovery (DR) testing processes is LEAST likely to disrupt normal business operations?

A. Parallel
B. Simulation
C. Table-top
D. Cut-over


Question # 148

Before allowing a web application into the production environment, the security practitioner performs multiple types of tests to confirm that the web application performs as expected. To test the username field, the security practitioner creates a test that enters more characters into the field than is allowed. Which of the following BEST describes the type of test performed? 

A. Misuse case testing  
B. Penetration testing  
C. Web session testing  
D. Interface testing  


Question # 149

The Chief Information Officer (CIO) has decided that as part of business modernizationefforts the organization will move towards a cloud architecture. All business-critical data willbe migrated to either internal or external cloud services within the next two years. The CIOhas a PRIMARY obligation to work with personnel in which role inorder to ensure proper protection of data during and after the cloud migration?

A. Information owner
B. General Counsel
C. Chief Information Security Officer (CISO)
D. Chief Security Officer (CSO)


Question # 150

If an employee transfers from one role to another, which of the following actions should this trigger within the identity and access management (IAM) lifecycle?

A. New account creation  
B. User access review and adjustment  
C. Deprovisioning  
D. System account access review and adjustment  


Question # 151

Which of the following outsourcing agreement provisions has the HIGHEST priority from a security operations perspective? 

A. Conditions to prevent the use of subcontractors
B. Terms for contract renegotiation in case of disaster
C. Escalation process for problem resolution during incidents
D. Root cause analysis for application performance issue


Question # 152

Which of the following measures serves as the BEST means for protecting data on computers, smartphones, and external storage devices when traveling to high-risk countries? 

A. Review applicable destination country laws, forensically clean devices prior to travel,and only download sensitive data over a virtual private network (VPN) upon arriving at thedestination.
B. Keep laptops, external storage devices, and smartphones in the hotel room when not inuse.
C. Leverage a Secure Socket Layer (SSL) connection over a virtual private network (VPN)to download sensitive data upon arriving at the destination.
D. Use multi-factor authentication (MFA) to gain access to data stored on laptops orexternal storage devices and biometric fingerprint access control isms to unlocksmartphones.


Question # 153

Which of the following is the GREATEST risk of relying only on Capability Maturity Models Which of the following is the GREATEST risk of relying only on Capability Maturity Models

A. Organizations can only reach a maturity level 3 when using CMMs  
B. CMMs do not explicitly address safety and security  
C. CMMs can only be used for software developed in-house  
D. CMMs are vendor-specific and may be biased  


Question # 154

How is it possible to extract private keys securely stored on a cryptographic smartcard? 

A. Bluebugging  
B. Focused ion-beam
C. Bluejacking
D. Power analysis


Question # 155

When network management is outsourced to third parties, which of the following is the MOST effective method of protecting critical data assets?

A. Provide links to security policies  
B. Log all activities associated with sensitive systems  
C. Employ strong access controls  
D. Confirm that confidentiality agreements are signed  


Question # 156

When determining data and information asset handling, regardless of the specific toolset being used, which of the following is one of the common components of big data?

A. Consolidated data collection  
B. Distributed storage locations  
C. Distributed data collection  
D. Centralized processing location


Question # 157

A Certified Information Systems Security Professional (CISSP) with identity and accessmanagement (IAM) responsibilities is asked by the Chief Information Security Officer(CISO) to4 perform a vulnerability assessment on a web application to pass a PaymentCard Industry (PCI) audit. The CISSP has never performed this before. According to the(ISC)? Code of Professional Ethics, which of the following should the CISSP do?

A. Review the CISSP guidelines for performing a vulnerability assessment beforeproceeding to complete it
B. Review the PCI requirements before performing the vulnerability assessment
C. Inform the CISO that they are unable to perform the task because they should renderonly those services for which they are fully competent and qualified
D. Since they are CISSP certified, they have enough knowledge to assist with the request,but will need assistance in order to complete it in a timely manner


Question # 158

Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?

A. Trusted Computing Base (TCB)  
B. Time separation  
C. Security kernel  
D. Reference monitor  


Question # 159

Which of the following encryption technologies has the ability to function as a stream cipher?

A. Cipher Feedback (CFB)
B. Feistel cipher
C. Cipher Block Chaining (CBC) with error propagation
D. Electronic Code Book (ECB)


Question # 160

An organization's retail website provides its only source of revenue, so the disaster recovery plan (DRP) must document an estimated time for each step in the plan. Which of the following steps in the DRP will list the GREATEST duration of time for the service to be fully operational?

A. Update the Network Address Translation (NAT) table.  
B. Update Domain Name System (DNS) server addresses with domain registrar.  
C. Update the Border Gateway Protocol (BGP) autonomous system number.  
D. Update the web server network adapter configuration.  


Question # 161

Which of the following is the FIRST step for defining Service Level Requirements (SLR)? 

A. Creating a prototype to confirm or refine the customer requirements
B. Drafting requirements for the service level agreement (SLA)
C. Discussing technology and solution requirements with the customer
D. Capturing and documenting the requirements of the customer


Question # 162

When assessing web vulnerabilities, how can navigating the dark web add value to a penetration test?

A. The actual origin and tools used for the test can be hidden.  
B. Information may be found on related breaches and hacking.  
C. Vulnerabilities can be tested without impact on the tested environment.  
D. Information may be found on hidden vendor patches.  


Question # 163

Which one of the following BEST protects vendor accounts that are used for emergency maintenance? 

A. Encryption of routing tables
B. Vendor access should be disabled until needed
C. Role-based access control (RBAC)
D. Frequent monitoring of vendor access


Question # 164

Which of the following techniques evaluates the secure Bet principles of network or software architectures?

A. Threat modeling  
B. Risk modeling  
C. Waterfall method  
D. Fuzzing  


Question # 165

At what stage of the Software Development Life Cycle (SDLC) does software vulnerability remediation MOST likely cost the least to implement? 

A. Development
B. Testing
C. Deployme
D. Design


Question # 166

Which of the following addresses requirements of security assessments during software acquisition?

A. Software configuration management (SCM)
B. Data loss prevention (DLP) policy  
C. Continuous monitoring  
D. Software assurance policy  


Question # 167

International bodies established a regulatory scheme that defines how weapons are exchanged between the signatories. It also addresses cyber weapons, including malicious software, Command and Control (C2) software, and internet surveillance software. This is a description of which of the following?

A. General Data Protection Regulation (GDPR)
B. Palermo convention
C. Wassenaar arrangement
D. International Traffic in Arms Regulations (ITAR)


Question # 168

An information security administrator wishes to block peer-to-peer (P2P) traffic over Hypertext Transfer Protocol (HTTP) tunnels. Which of the following layers of the Open Systems Interconnection (OSI) model requires inspection?

A. Presentation  
B. Transport  
C. Session  
D. Application  


Question # 169

Which of the following is the MOST effective measure for dealing with rootkit attacks? 

A. Turing off unauthorized services and rebooting the system
B. Finding and replacing the altered binaries with legitimate ones
C. Restoring the system from the last backup
D. Reinstalling the system from trusted sources


Question # 170

An authentication system that uses challenge and response was recently implemented onan organization's network, because the organization conducted an annual penetration testshowing that testers were able to move laterally using authenticated credentials. Whichattack method was MOST likely used to achieve this?

A. Cross-Site Scripting (XSS)
B. Pass the ticket
C. Brute force
D. Hash collision


Question # 171

The European Union (EU) General Data Protection Regulation (GDPR) requires organizations to implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. The Data Owner should therefore consider which of the following requirements?

A. Data masking and encryption of personal data  
B. Only to use encryption protocols approved by EU  
C. Anonymization of personal data when transmitted to sources outside the EU  
D. Never to store personal data of EU citizens outside the EU  


Question # 172

Why is it important that senior management clearly communicates the formal Maximum Tolerable Downtime (MTD) decision? 

A. To provide each manager with precise direction on selecting an appropriate recovery alternative 
B. To demonstrate to the regulatory bodies that the company takes business continuityseriously
C. To demonstrate to the board of directors that senior management is committed tocontinuity recovery efforts
D. To provide a formal declaration from senior management as required by internal audit todemonstrate sound business practices


Question # 173

Within a large organization, what business unit is BEST positioned to initiate provisioning and deprovisioning of user accounts?

A. Training department  
B. Internal audit  
C. Human resources  
D. Information technology (IT)


Question # 174

Which of the following is a key responsibility for a data steward assigned to manage an enterprise data lake?

A. Ensure proper business definition, value, and usage of data collected and stored withinthe enterprise data lake.
B. Ensure proper and identifiable data owners for each data element stored within anenterprise data lake.
C. Ensure adequate security controls applied to the enterprise data lake.
D. Ensure that any data passing within remit is being used in accordance with the rules andregulations of the business.


Question # 175

Which of the following is the BEST way to determine the success of a patch management process?

A. Analysis and impact assessment
B. Auditing and assessment
C. Configuration management (CM)
D. Change management


Question # 176

An organization contracts with a consultant to perform a System Organization Control (SOC) 2 audit on their internal security controls. An auditor documents a finding related to an Application Programming Interface (API) performing an action that is not aligned with the scope or objective of the system. Which trust service principle would be MOST applicable in this situation?

A. Processing Integrity  
B. Availability  
C. Confidentiality  
D. Security  


Question # 177

Which of the following goals represents a modern shift in risk management according to National Institute of Standards and Technology (NIST)?

A. Focus on operating environments that are changing, evolving, and full of emerging threats. 
B. Secure information technology (IT) systems that store, process, or transmit organizational information. 
C. Enable management to make well-informed risk-based decisions justifying security expenditure. 
D. Provide an improved mission accomplishment approach.  


Question # 178

A user is allowed to access the file labeled “Financial Forecast,” but only between 9:00 a.m. and 5:00 p.m., Monday through Friday. Which type of access mechanism should be used to accomplish this?

A. Minimum access control 
B. Rule-based access control 
C. Limited role-based access control (RBAC)
D. Access control list (ACL)


Testimonials

Best exam material available at Dumps4download. Tried and tested me. Achieved 85% marks in the CISSP exam. Good work team Dumps4download.

Robert

I highly recommend the Dumps4download pdf dumps with practicing exam more. I learned in no time (only 5 days). Scored 90% marks in the ISC2 CISSP exam.

ZUgEGkjPBj

I was clueless about the CISSP exam. The Dumps4download exam guide aided me in passing my exam. I scored 88% marks.

Sameh

Thank you team Dumps4download for the amazing exam preparatory pdf dumps. Prepared me so well and I was able to get 87% marks in the ISC2 CISSP exam.

Lehlohonolo

I got 91% marks in CISSP exam. I cannot express my feelings; it was a dream for me to get this certification. Thanks, Dumps4download.com for fulling it, you guys rock.

FRANC ROMARIC