
ISC Certification CISSP Real Exam Questions and Answers FREE Updated on Oct 11, 2021
CISSP Ultimate Study Guide - Dumps4PDF
NEW QUESTION 492
Which of the following reviews system and event logs to detect attacks on the host and determine if the attack was successful?
- A. host-based IDS
- B. firewall-based IDS
- C. server-based IDS
- D. bastion-based IDS
Answer: A
Explanation:
A host-based IDS can review the system and event logs in order to detect an attack on the host and to determine if the attack was successful.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 48
NEW QUESTION 493
Which of the following is part of a Trusted Platform Module (TPM)?
- A. A platform-independent software interface for accessing computer functions
- B. A non-volatile tamper-resistant storage for storing both data and signing keys in a secure fashion
- C. A protected Pre-Basic Input/Output System (BIOS) which specifies a method or a metric for "measuring" the state of a computing platform
- D. A secure processor targeted at managing digital keys and accelerating digital signing
Answer: B
NEW QUESTION 494
How should a doorway of a manned facility with automatic locks be configured?
- A. It should have a door delay cipher lock.
- B. It should be configured to be fail-safe.
- C. It should be configured to be fail-secure.
- D. It should not allow piggybacking.
Answer: B
Explanation:
Access controls are meant to protect facilities and computers as well as people.
In some situations, the objectives of physical access controls and the protection of people's lives may come into conflict. In these situations, a person's life always takes precedence.
Many physical security controls make entry into and out of a facility hard, if not impossible.
However, special consideration needs to be taken when this could affect lives. In an information processing facility, different types of locks can be used and piggybacking should be prevented, but the issue here with automatic locks is that they can either be configured as fail-safe or fail-secure.
Since there should only be one access door to an information processing facility, the automatic lock to the only door to a man-operated room must be configured to allow people out in case of emergency, hence to be fail-safe (sometimes called fail-open), meaning that upon fire alarm activation or electric power failure, the locking device unlocks. This is because the solenoid that maintains power to the lock to keep it in a locked state fails and thus opens or unlocks the electronic lock.
Fail Secure works just the other way. The lock device is in a locked or secure state with no power applied. Upon authorized entry, a solenoid unlocks the lock temporarily. Thus in a Fail Secure lock, loss of power or fire alarm activation causes the lock to remain in a secure mode.
Reference(s) used for this question:
Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 451). McGraw-Hill. Kindle Edition.
and
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 20249-20251). Auerbach Publications. Kindle Edition.
NEW QUESTION 495
Which of the following will a Business Impact Analysis (BIA) NOT identify?
- A. The outage time that can be tolerated by the enterprise as a result of a disaster
- B. Areas that would suffer the greatest financial or operation loss in the event of a disaster
- C. Systems critical to the survival of the enterprise
- D. The names of individuals to be contacted during a disaster
Answer: D
NEW QUESTION 496
Which of the following provides enterprise management with a prioritized list of time-critical business processes, and estimates a recovery time objective for each of the time critical processes and the components of the enterprise that support those processes?
- A. Current State Assessment
- B. Business Risk Assessment.
- C. Risk Mitigation Assessment.
- D. Business Impact Assessment
Answer: D
Explanation:
A Business Impact Assessment (BIA) is an analysis that identifies the resources that are critical to an organization's ongoing viability and the threats posed to those resources. It also assesses the likelihood that each threat will actually occur and the impact those occurrences will have on the business.
Identification of priorities is the first step of the business impact assessment process.
Incorrect Answers:
A: Current State Assessment is related to future business planning needs. It is concerned with the recovery time of critical business processes.
C: Risk Mitigation Assessment is concerned with recovery time objectives. The Business Impact Assessment addresses the recovery time.
B: Business Risk Assessment is concerned with recovery time objectives. The Business Impact Assessment addresses the recovery time.
References:
Stewart, James M., Ed Tittel, and Mike Chapple, CISSP: Certified Information Systems Security Professional Study Guide, 5th Edition, Sybex, Indianapolis, 2011, p. 825
NEW QUESTION 497
Which of the following steps should be performed when purchasing Commercial Off-The-Shelf (COTS) software?
- A. establish policies and procedures on system and services acquisition
- B. establish a risk management strategy
- C. undergo a security assessment as part of authorization process
- D. harden the hosting server, and perform hosting and application vulnerability scans
Answer: A
NEW QUESTION 498
Which of the following would be the FIRST step to take when implementing a patch management program?
- A. Prioritize vulnerability remediation.
- B. Perform automatic deployment of patches.
- C. Monitor for vulnerabilities and threats.
- D. Create a system inventory.
Answer: D
NEW QUESTION 499
A user downloads a file from the Internet, then applies the Secure Hash Algorithm 3 (SHA-3) to it.
Which of the following is the MOST likely reason for doing so?
- A. It checks the file for malware.
- B. It ensures the entire file downloaded.
- C. It verifies the integrity of the file.
- D. It encrypts the entire file.
Answer: C
Explanation:
Reference: https://blog.logsign.com/how-to-check-the-integrity-of-a-file/
NEW QUESTION 500
What is a characteristic of using the Electronic Code Book mode of DES encryption?
- A. The previous DES output is used as input.
- B. A given block of plaintext and a given key will always produce the same ciphertext.
- C. Repetitive encryption obscures any repeated patterns that may have been present in the plaintext.
- D. Individual characters are encoded by combining output from earlier encryption routines with plaintext.
Answer: B
Explanation:
A given message and key always produce the same ciphertext.
The following answers are incorrect:
Repetitive encryption obscures any repeated patterns that may have been present in the plaintext. This is incorrect because with Electronic Code Book a given 64-bit block of plaintext always produces the same ciphertext.
Individual characters are encoded by combining output from earlier encryption routines with plaintext. This is incorrect because Electronic Code Book processes 64 bits at a time until the end of the file is reached. This is a characteristic of Cipher Feedback: in Cipher Feedback the ciphertext is run through a key-generating device to create the key for the next block of plaintext.
The previous DES output is used as input. This is incorrect because Electronic Code Book processes 64 bits at a time until the end of the file is reached. This is a characteristic of Cipher Block Chaining, which uses the output from the previous block to encrypt the next block.
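As an added illustration (not part of the study guide), the Python below shows why option B holds. A constructed toy 64-bit block cipher stands in for DES (it is not secure and is labelled as such); only the mode logic matters: ECB maps identical plaintext blocks to identical ciphertext blocks, while CBC, which feeds the previous ciphertext block into the next, does not.

```python
# Added example, not from the study guide. A constructed keyed 8-byte
# permutation stands in for DES so the ECB-vs-CBC behaviour runs offline.
# The toy cipher is NOT secure; the point is the mode of operation.
import hashlib

BLOCK = 8  # DES block size in bytes (64 bits)


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Constructed DES stand-in: keyed XOR pad followed by a byte rotation."""
    assert len(block) == BLOCK
    pad = hashlib.sha256(key + b"pad").digest()[:BLOCK]
    mixed = bytes(b ^ p for b, p in zip(block, pad))
    return mixed[3:] + mixed[:3]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_ecb(key: bytes, plaintext: bytes) -> bytes:
    """Electronic Code Book: every block is encrypted independently."""
    assert len(plaintext) % BLOCK == 0, "example expects whole blocks"
    return b"".join(toy_block_encrypt(key, plaintext[i:i + BLOCK])
                    for i in range(0, len(plaintext), BLOCK))


def encrypt_cbc(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Cipher Block Chaining: previous ciphertext is XORed into the next block."""
    assert len(plaintext) % BLOCK == 0, "example expects whole blocks"
    prev, out = iv, []
    for i in range(0, len(plaintext), BLOCK):
        prev = toy_block_encrypt(key, xor(plaintext[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def repeated_blocks(ciphertext: bytes) -> int:
    """How many ciphertext blocks duplicate an earlier block (pattern leakage)."""
    blocks = [ciphertext[i:i + BLOCK] for i in range(0, len(ciphertext), BLOCK)]
    return len(blocks) - len(set(blocks))


KEY = b"constant"            # constructed 8-byte key
IV = b"\x00" * BLOCK         # constructed IV
MESSAGE = b"ATTACK!!" * 4    # constructed input: four identical 64-bit blocks

if __name__ == "__main__":
    print("ECB repeated blocks:", repeated_blocks(encrypt_ecb(KEY, MESSAGE)))      # 3
    print("CBC repeated blocks:", repeated_blocks(encrypt_cbc(KEY, IV, MESSAGE)))  # 0
```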
NEW QUESTION 501
In public key cryptography,
- A. If the public key encrypts, then only the private key can decrypt.
- B. Only the public key can encrypt and only the private key can decrypt.
- C. The public key is used to encrypt and decrypt.
- D. Only the private key can encrypt and only the public key can decrypt.
Answer: A
Explanation:
The correct answer is "If the public key encrypts, then only the private key can decrypt".
Answers "Only the private key can encrypt and only the public key can decrypt" and "Only the public key can encrypt and only the private key can decrypt" are incorrect because if one key encrypts, the other can decrypt.
Answer "The public key is used to encrypt and decrypt" is incorrect because if the public key encrypts, it cannot decrypt.
NEW QUESTION 502
Whose role is it to assign classification level to information?
- A. Owner
- B. Security Administrator
- C. User
- D. Auditor
Answer: A
Explanation:
The Data/Information Owner is ultimately responsible for the protection of the data. It is the Data/Information Owner that decides upon the classifications of that data they are responsible for.
The data owner decides upon the classification of the data he is responsible for and alters that classification if the business need arises.
The following answers are incorrect:
Security Administrator. This is incorrect because this individual is responsible for ensuring that the access rights granted are correct and support the policies and directives that the Data/Information Owner defines.
User. This is incorrect because the user uses/accesses the data according to how the Data/Information Owner defined their access.
Auditor. Is incorrect because the Auditor is responsible for ensuring that the access levels are appropriate. The Auditor would verify that the Owner classified the data properly.
References:
CISSP All In One Third Edition, Shon Harris, Page 121
NEW QUESTION 503
The technique of skimming small amounts of money from multiple transactions is called the
- A. Leakage technique
- B. Scavenger technique
- C. Synchronous attack technique
- D. Salami technique
Answer: D
NEW QUESTION 504
Between which pair of Open System Interconnection (OSI) Reference Model layers are routers used as a communications device?
- A. Transport and Session
- B. Data-Link and Transport
- C. Physical and Data-Link
- D. Network and Session
Answer: B
NEW QUESTION 505
Which of the following is an advantage in using a bottom-up versus a top-down approach to software testing?
- A. Confidence in the system is achieved earlier.
- B. Errors in critical modules are detected earlier.
- C. Major functions and processing are tested earlier.
- D. Interface errors are detected earlier.
Answer: B
Explanation:
The bottom-up approach to software testing begins with the testing of atomic units, such as programs and modules, and works upwards until a complete system test has taken place. The advantages of using a bottom-up approach to software testing are that there is no need for stubs or drivers and that errors in critical modules are found earlier. The other choices refer to advantages of a top-down approach, which follows the opposite path.
Source: Information Systems Audit and Control Association, Certified Information Systems Auditor 2002 review manual, chapter 6: Business Application System Development, Acquisition, Implementation and Maintenance (page 299).
NEW QUESTION 506
Smart cards are an example of which type of control?
- A. Physical control
- B. Administrative control
- C. Detective control
- D. Technical control
Answer: D
Explanation:
Logical or technical controls involve the restriction of access to systems and the protection of information. Smart cards and encryption are examples of these types of control.
Controls are put into place to reduce the risk an organization faces, and they come in three main flavors: administrative, technical, and physical. Administrative controls are commonly referred to as "soft controls" because they are more management-oriented. Examples of administrative controls are security documentation, risk management, personnel security, and training. Technical controls (also called logical controls) are software or hardware components, as in firewalls, IDS, encryption, identification and authentication mechanisms. And physical controls are items put into place to protect facility, personnel, and resources. Examples of physical controls are security guards, locks, fencing, and lighting.
Many types of technical controls enable a user to access a system and the resources within that system. A technical control may be a username and password combination, a Kerberos implementation, biometrics, public key infrastructure (PKI), RADIUS, TACACS+, or authentication using a smart card through a reader connected to a system. These technologies verify the user is who he says he is by using different types of authentication methods. Once a user is properly authenticated, he can be authorized and allowed access to network resources.
Reference(s) used for this question:
Harris, Shon (2012-10-25). CISSP All-in-One Exam Guide, 6th Edition (p. 245). McGraw-Hill. Kindle Edition.
and
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page 32).
NEW QUESTION 507
Which of the following is a PRIMARY challenge when running a penetration test?
- A. Establishing a business case
- B. Determining the depth of coverage
- C. Remediating found vulnerabilities
- D. Determining the cost
Answer: B
NEW QUESTION 508
......