[PDF and VCE] Free cissp PDF Real Exam Questions and Answers Free Download

Tens of thousands of competitors, pages of hard questions and unsatisfying exam preparation situations... Do not worry about all those annoying things! We help you with your ISC Certification cissp Certified Information Systems Security Professional exam. We will assist you in clearing the cissp exam with ISC Certification cissp actual tests. Our cissp braindumps are the most comprehensive ones.

Visit our site to get more cissp Q and As: https://www.pass4king.com/CISSP.html (1594 QAs Dumps)
Question 1:

What capability would typically be included in a commercially available software package designed for access control?

A. Password encryption

B. File encryption

C. Source library control

D. File authentication

Correct Answer: A


Question 2:

Which one of the following data integrity models assumes a lattice of integrity levels?

A. Take-Grant

B. Biba

C. Harrison-Ruzzo

D. Bell-LaPadula

Correct Answer: B


Question 3:

Which type of test would an organization perform in order to locate and target exploitable defects?

A. Penetration

B. System

C. Performance

D. Vulnerability

Correct Answer: A


Question 4:

What is the process of removing sensitive data from a system or storage device with the intent that the data cannot be reconstructed by any known technique?

A. Purging

B. Encryption

C. Destruction

D. Clearing

Correct Answer: A


Question 5:

Which of the following is MOST effective in detecting information hiding in Transmission Control Protocol/Internet Protocol (TCP/IP) traffic?

A. Stateful inspection firewall

B. Application-level firewall

C. Content-filtering proxy

D. Packet-filter firewall

Correct Answer: A


Question 6:

An organization has discovered that users are visiting unauthorized websites using anonymous proxies.

Which of the following is the BEST way to prevent future occurrences?

A. Remove the anonymity from the proxy

B. Analyze Internet Protocol (IP) traffic for proxy requests

C. Disable the proxy server on the firewall

D. Block the Internet Protocol (IP) address of known anonymous proxies

Correct Answer: C


Question 7:

Which of the following is the MOST efficient mechanism to account for all staff during a speedy nonemergency evacuation from a large security facility?

A. Large mantrap where groups of individuals leaving are identified using facial recognition technology

B. Radio Frequency Identification (RFID) sensors worn by each employee scanned by sensors at each exit door

C. Emergency exits with push bars with coordinates at each exit checking off the individual against a predefined list

D. Card-activated turnstile where individuals are validated upon exit

Correct Answer: B


Question 8:

The organization would like to deploy an authorization mechanism for an Information Technology (IT) infrastructure project with high employee turnover.

Which access control mechanism would be preferred?

A. Attribute Based Access Control (ABAC)

B. Discretionary Access Control (DAC)

C. Mandatory Access Control (MAC)

D. Role-Based Access Control (RBAC)

Correct Answer: D


Question 9:

Which of the following is the MOST common method of memory protection?

A. Compartmentalization

B. Segmentation

C. Error correction

D. Virtual Local Area Network (VLAN) tagging

Correct Answer: B


Question 10:

An organization has outsourced its financial transaction processing to a Cloud Service Provider (CSP) who will provide them with Software as a Service (SaaS). If there were a data breach, who is responsible for monetary losses?

A. The Data Protection Authority (DPA)

B. The Cloud Service Provider (CSP)

C. The application developers

D. The data owner

Correct Answer: B


Question 11:

In Disaster Recovery (DR) and Business Continuity (BC) training, which BEST describes a functional drill?

A. a functional evacuation of personnel

B. a specific test by response teams of individual emergency response functions

C. an activation of the backup site

D. a full-scale simulation of an emergency and the subsequent response functions

Correct Answer: D


Question 12:

Which of the following steps should be performed FIRST when purchasing Commercial Off-The-Shelf (COTS) software?

A. undergo a security assessment as part of authorization process

B. establish a risk management strategy

C. harden the hosting server, and perform hosting and application vulnerability scans

D. establish policies and procedures on system and services acquisition

Correct Answer: D


Question 13:

Which of the following is the BEST way to reduce the impact of an externally sourced flood attack?

A. Have the service provider block the source address.

B. Have the source service provider block the address.

C. Block the source address at the firewall.

D. Block all inbound traffic until the flood ends.

Correct Answer: C


Question 14:

Which of the following is a common characteristic of privacy?

A. Provision for maintaining an audit trail of access to the private data

B. Notice to the subject of the existence of a database containing relevant credit card data

C. Process for the subject to inspect and correct personal data on-site

D. Database requirements for integration of privacy data

Correct Answer: A


Question 15:

What is the most effective form of media sanitization to ensure residual data cannot be retrieved?

A. Clearing

B. Destroying

C. Purging

D. Disposal

Correct Answer: B
