Exambible ISC2 CISSP exam questions. The questions are updated and all answers are verified by experts.
Q171. An internal Service Level Agreement (SLA) covering security is signed by senior managers and is in place. When should compliance to the SLA be reviewed to ensure that a good security posture is being delivered?
A. As part of the SLA renewal process
B. Prior to a planned security audit
C. Immediately after a security breach
D. At regularly scheduled meetings
Answer: D
Q172. Refer to the information below to answer the question.
A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive e-mail, search the web, and use instant messaging. The organization’s Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access.
Which of the following could have MOST likely prevented the Peer-to-Peer (P2P) program from being installed on the computer?
A. Removing employee's full access to the computer
B. Supervising their child's use of the computer
C. Limiting computer's access to only the employee
D. Ensuring employee understands their business conduct guidelines
Answer: A
Q173. DRAG DROP
Order the below steps to create an effective vulnerability management process.
Answer:
Q174. The PRIMARY outcome of a certification process is that it provides documented
A. system weaknesses for remediation.
B. standards for security assessment, testing, and process evaluation.
C. interconnected systems and their implemented security controls.
D. security analyses needed to make a risk-based decision.
Answer: D
Q175. Which of the following would be the FIRST step to take when implementing a patch management program?
A. Perform automatic deployment of patches.
B. Monitor for vulnerabilities and threats.
C. Prioritize vulnerability remediation.
D. Create a system inventory.
Answer: D
Q176. Refer to the information below to answer the question.
An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles.
When determining appropriate resource allocation, which of the following is MOST important to monitor?
A. Number of system compromises
B. Number of audit findings
C. Number of staff reductions
D. Number of additional assets
Answer: B
Q177. What is the BEST first step for determining if the appropriate security controls are in place for protecting data at rest?
A. Identify regulatory requirements
B. Conduct a risk assessment
C. Determine business drivers
D. Review the security baseline configuration
Answer: B
Q178. Which of the following statements is TRUE for point-to-point microwave transmissions?
A. They are not subject to interception due to encryption.
B. Interception only depends on signal strength.
C. They are too highly multiplexed for meaningful interception.
D. They are subject to interception by an antenna within proximity.
Answer: D
Q179. An organization is designing a large enterprise-wide document repository system. They plan to have several different classification level areas with increasing levels of controls. The BEST way to ensure document confidentiality in the repository is to
A. encrypt the contents of the repository and document any exceptions to that requirement.
B. utilize an Intrusion Detection System (IDS) set to drop connections if too many requests for documents are detected.
C. keep individuals with access to high security areas from saving those documents into lower security areas.
D. require individuals with access to the system to sign Non-Disclosure Agreements (NDA).
Answer: C
Q180. During a fingerprint verification process, which of the following is used to verify identity and authentication?
A. A pressure value is compared with a stored template
B. Sets of digits are matched with stored values
C. A hash table is matched to a database of stored values
D. A template of minutiae is compared with a stored template
Answer: D