CISSP Exam
Key benefits of cissp book
It is impossible to pass ISC2 cissp vs cisa exam without any help in the short term. Come to Testking soon and find the most advanced, correct and guaranteed ISC2 cissp salary practice questions. You will get a surprising result by our Regenerate Certified Information Systems Security Professional (CISSP) practice guides.
Q121. What is the ultimate objective of information classification?
A. To assign responsibility for mitigating the risk to vulnerable systems
B. To ensure that information assets receive an appropriate level of protection
C. To recognize that the value of any item of information may change over time
D. To recognize the optimal number of classification categories and the benefits to be gained from their use
Answer: B
Q122. Why MUST a Kerberos server be well protected from unauthorized access?
A. It contains the keys of all clients.
B. It always operates at root privilege.
C. It contains all the tickets for services.
D. It contains the Internet Protocol (IP) address of all network entities.
Answer: A
Q123. Data remanence refers to which of the following?
A. The remaining photons left in a fiber optic cable after a secure transmission.
B. The retention period required by law or regulation.
C. The magnetic flux created when removing the network connection from a server or personal computer.
D. The residual information left on magnetic storage media after a deletion or erasure.
Answer: D
Q124. A security professional is asked to provide a solution that restricts a.bank.teller to only perform a savings deposit transaction but allows a supervisor to perform corrections after the transaction. Which of the following is the MOST effective solution?
A. Access is based on rules.
B. Access is determined by the system.
C. Access is based on user's role.
D. Access is based on data sensitivity.
Answer: C
Q125. What is a common challenge when implementing Security Assertion Markup Language
(SAML) for identity integration between on-premise environment and an external identity provider service?
A. Some users are not provisioned into the service.
B. SAML tokens are provided by the on-premise identity provider.
C. Single users cannot be revoked from the service.
D. SAML tokens contain user information.
Answer: A
Q126. Which of the following is a function of Security Assertion Markup Language (SAML)?
A. File allocation
B. Redundancy check
C. Extended validation
D. Policy enforcement
Answer: D
Q127. A disadvantage of an application filtering firewall is that it can lead to
A. a crash of the network as a result of user activities.
B. performance degradation due to the rules applied.
C. loss of packets on the network due to insufficient bandwidth.
D. Internet Protocol (IP) spoofing by hackers.
Answer: B
Q128. Which of the following methods provides the MOST protection for user credentials?
A. Forms-based authentication
B. Digest authentication
C. Basic authentication
D. Self-registration
Answer: B
Q129. Refer.to the information below to answer the question.
During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial information.
Aside from the potential records which may have been viewed, which of the following should be the PRIMARY concern regarding the database information?
A. Unauthorized database changes
B. Integrity of security logs
C. Availability of the database
D. Confidentiality of the incident
Answer: A
Q130. Changes to a Trusted Computing Base (TCB) system that could impact the security posture of that system and trigger a recertification activity are documented in the
A. security impact analysis.
B. structured code review.
C. routine self assessment.
D. cost benefit analysis.
Answer: A