• Home
• ISC2
• CISSP : Certified Information Systems Security Professional (CISSP)

100% Guarantee CISSP study guides Reviews & Tips

---

Q1. Which of the following statements is TRUE for point-to-point microwave transmissions? 

A. They are not subject to interception due to encryption. 

B. Interception only depends on signal strength. 

C. They are too highly multiplexed for meaningful interception. 

D. They are subject to interception by an antenna within proximity. 

Answer: D 

Q2. The BEST method to mitigate the risk of a dictionary attack on a system is to 

A. use a hardware token. 

B. use complex passphrases. 

C. implement password history. 

D. encrypt the access control list (ACL). 

Answer: A 

Q3. What do Capability Maturity Models (CMM) serve as a benchmark for in an organization? 

A. Experience in the industry 

B. Definition of security profiles 

C. Human resource planning efforts 

D. Procedures in systems development 

Answer: D 

Q4. During a fingerprint verification process, which of the following is used to verify identity and authentication? 

A. A pressure value is compared with a stored template 

B. Sets of digits are matched with stored values 

C. A hash table is matched to a database of stored value 

D. A template of minutiae is compared with a stored template 

Answer: D 

Q5. What is the MAIN feature that onion routing networks offer? 

A. Non-repudiation 

B. Traceability 

C. Anonymity 

D. Resilience 

Answer: C 

Q6. Disaster Recovery Plan (DRP) training material should be 

A. consistent so that all audiences receive the same training. 

B. stored in a fire proof safe to ensure availability when needed. 

C. only delivered in paper format. 

D. presented in a professional looking manner. 

Answer: A 

Q7. What security risk does the role-based access approach mitigate MOST effectively? 

A. Excessive access rights to systems and data 

B. Segregation of duties conflicts within business applications 

C. Lack of system administrator activity monitoring 

D. Inappropriate access requests 

Answer: A 

Q8. Which of the following entities is ultimately.accountable.for data remanence vulnerabilities with data replicated by a cloud service provider? 

A. Data owner 

B. Data steward 

C. Data custodian 

D. Data processor 

Answer: A 

Q9. For an organization considering two-factor authentication for secure network access, which of the following is MOST secure? 

A. Challenge response and private key 

B. Digital certificates and Single Sign-On (SSO) 

C. Tokens and passphrase 

D. Smart card and biometrics 

Answer: D 

Q10. Which of the following protocols would allow an organization to maintain a centralized list of users that can read a protected webpage? 

A. Lightweight Directory Access Control (LDAP) 

B. Security Assertion Markup Language (SAML) 

C. Hypertext Transfer Protocol (HTTP) 

D. Kerberos 

Answer: A