We provide CISSP exam questions and answers in two formats: a downloadable PDF and practice tests. The PDF version can be read and printed, so you can practice as many times as you like. With our ISC2 CISSP exam preparation PDF and VCE material, you can prepare for and pass the CISSP certification exam.
Q11. During an audit, the auditor finds evidence of potentially illegal activity. Which of the following is the MOST appropriate action to take?
A. Immediately call the police
B. Work with the client to resolve the issue internally
C. Advise the person performing the illegal activity to cease and desist
D. Work with the client to report the activity to the appropriate authority
Answer: D
Q12. Discretionary Access Control (DAC) is based on which of the following?
A. Information source and destination
B. Identification of subjects and objects
C. Security labels and privileges
D. Standards and guidelines
Answer: B
Q13. Multi-Factor Authentication (MFA) is necessary in many systems given common types of password attacks. Which of the following is a correct list of password attacks?
A. Masquerading, salami, malware, polymorphism
B. Brute force, dictionary, phishing, keylogger
C. Zeus, netbus, rabbit, turtle
D. Token, biometrics, IDS, DLP
Answer: B
Q14. An organization lacks a data retention policy. Of the following, who is the BEST person to consult for such requirement?
A. Application Manager
B. Database Administrator
C. Privacy Officer
D. Finance Manager
Answer: C
Q15. An organization is selecting a service provider to assist in the consolidation of multiple computing sites including development, implementation and ongoing support of various computer systems. Which of the following MUST be verified by the Information Security Department?
A. The service provider's policies are consistent with ISO/IEC27001 and there is evidence that the service provider is following those policies.
B. The service provider will segregate the data within its systems and ensure that each region's policies are met.
C. The service provider will impose controls and protections that meet or exceed the current systems controls and produce audit logs as verification.
D. The service provider's policies can meet the requirements imposed by the new environment even if they differ from the organization's current policies.
Answer: D
Q16. To protect auditable information, which of the following MUST be configured to only allow read access?
A. Logging configurations
B. Transaction log files
C. User account configurations
D. Access control lists (ACL)
Answer: B
Q17. Data leakage of sensitive information is MOST often concealed by which of the following?
A. Secure Sockets Layer (SSL)
B. Secure Hash Algorithm (SHA)
C. Wired Equivalent Privacy (WEP)
D. Secure Post Office Protocol (POP)
Answer: A
Q18. DRAG DROP
Drag the following Security Engineering terms on the left to the BEST definition on the right.
Answer:
Q19. During an investigation of database theft from an organization's web site, it was determined that the Structured Query Language (SQL) injection technique was used despite input validation with client-side scripting. Which of the following provides the GREATEST protection against the same attack occurring again?
A. Encrypt communications between the servers
B. Encrypt the web server traffic
C. Implement server-side filtering
D. Filter outgoing traffic at the perimeter firewall
Answer: C
Q20. The BEST method to mitigate the risk of a dictionary attack on a system is to
A. use a hardware token.
B. use complex passphrases.
C. implement password history.
D. encrypt the access control list (ACL).
Answer: A