★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW CISSP Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/CISSP-dumps.html
Our CISSP training materials for ISC2 certification are obtainable in diverse formats, such as Pdf, downloadable engine, to help you get via your exam. You can make complete preparation for the ISC2 CISSP certification evaluation. Whether youd like to examine from a good ebook or in your computer, you can review the ISC2 ISC2 certification test along with your own tempo. You have significantly freedom to select related ISC2 questions and answers in order to prepare the very best for your CISSP exam.
2021 Nov cissp exam questions:
Q141. In the area of disaster planning and recovery, what strategy entails the presentation of information about the plan?
A. Communication
B. Planning
C. Recovery
D. Escalation
Answer: A
Q142. In the Open System Interconnection (OSI) model, which layer is responsible for the transmission of binary data over a communications network?
A. Application Layer
B. Physical Layer
C. Data-Link Layer
D. Network Layer
Answer: B
Q143. A network scan found 50% of the systems with one or more critical vulnerabilities. Which of the following represents the BEST action?
A. Assess vulnerability risk and program effectiveness.
B. Assess vulnerability risk and business impact.
C. Disconnect all systems with critical vulnerabilities.
D. Disconnect systems with the most number of vulnerabilities.
Answer: B
Q144. An external attacker has compromised an organization's network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker's ability to gain further information?
A. Implement packet filtering on the network firewalls
B. Require strong authentication for administrators
C. Install Host Based Intrusion Detection Systems (HIDS)
D. Implement logical network segmentation at the switches
Answer: D
Q145. Which of the following PRIMARILY contributes to security incidents in web-based applications?
A. Systems administration and operating systems
B. System incompatibility and patch management
C. Third-party applications and change controls
D. Improper stress testing and application interfaces
Answer: C
Refresh sscp vs cissp:
Q146. Including a Trusted Platform Module (TPM) in the design of a computer system is an example of a technique to what?
A. Interface with the Public Key Infrastructure (PKI)
B. Improve the quality of security software
C. Prevent Denial of Service (DoS) attacks
D. Establish a secure initial state
Answer: D
Q147. Which of the following is an effective method for avoiding magnetic media data
remanence?
A. Degaussing
B. Encryption
C. Data Loss Prevention (DLP)
D. Authentication
Answer: A
Q148. Which one of the following describes granularity?
A. Maximum number of entries available in an Access Control List (ACL)
B. Fineness to which a trusted system can authenticate users
C. Number of violations divided by the number of total accesses
D. Fineness to which an access control system can be adjusted
Answer: D
Q149. What component of a web application that stores the session state in a cookie can be bypassed by an attacker?
A. An initialization check
B. An identification check
C. An authentication check
D. An authorization check
Answer: C
Q150. Which of the following actions MUST be taken if a vulnerability is discovered during the maintenance stage in a System Development Life Cycle (SDLC)?
A. Make changes following principle and design guidelines.
B. Stop the application until the vulnerability is fixed.
C. Report the vulnerability to product owner.
D. Monitor the application and review code.
Answer: C