Home » CISSP Exam » Free Cissp Practice Exam Questions2022 Updated with Valid CISSP PDF Dumps Download

Free Cissp Practice Exam Questions 2022 Updated with Valid CISSP PDF Dumps Download

Pass your CISSP Exam with Certspilot Updated PDF Braindumps, We provide Updated and Valid Cissp Real Exam questions in PDF Dumps, Practice on Our free CISSP Practice Exam, or download Complete 630 Cissp Exam questions and Pass your exam on the first attempt If you have less time or want to pass your Cissp Exam just prepare questions from our Cissp Dumps and Ace your exam on the first go. Let's practice on our free CISSP Exam questions 2022 Updated.

Practice on Below free Practice CISSP Dumps, Our Dumps are Updated according to 2022 CISSP Exam Material/

1. For privacy protected data, which of the following roles has the highest authority for establishing dissemination rules for the data?

Information Systems Security Officer

Data Owner

System Security Architect

Security Requirements Analyst

2. Which of the following controls is the FIRST step in protecting privacy in an information system?

Data Redaction

Data Minimization

Data Encryption

Data Storage

3. Which of the following BEST avoids data remanence disclosure for cloud hosted resources?

Strong encryption and deletion of the keys after data is deleted.

Strong encryption and deletion of the virtual host after data is deleted.

Software based encryption with two factor authentication.

Hardware based encryption on dedicated physical servers.

4. What is the MOST efficient way to secure a production program and its data?

Disable default accounts and implement access control lists (ACL)

Harden the application and encrypt the data

Disable unused services and implement tunneling

Harden the servers and backup the data

5. What is the MOST efficient way to secure a production program and its data?

Disable default accounts and implement access control lists (ACL)

Harden the application and encrypt the data

Disable unused services and implement tunneling

Harden the servers and backup the data

6. If compromised, which of the following would lead to the exploitation of multiple virtual machines?

Virtual device drivers

Virtual machine monitor

Virtual machine instance

Virtual machine file system

7. Which of the following is the MOST important output from a mobile application threat modeling exercise according to Open Web Application Security Project (OWASP)?

Application interface entry and endpoints

The likelihood and impact of a vulnerability

Countermeasures and mitigations for vulnerabilities

A data flow diagram for the application and attack surface analysis

8. Which one of the following operates at the session, transport, or network layer of the Open System Interconnection (OSI) model?

Data at rest encryption

Configuration Management

Integrity checking software

Cyclic redundancy check (CRC)

9. Which of the following secures web transactions at the Transport Layer?

Secure HyperText Transfer Protocol (S-HTTP)

Secure Sockets Layer (SSL)

Socket Security (SOCKS)

Secure Shell (SSH)

10. Which of the following is the MOST effective method of mitigating data theft from an active user workstation?

Implement full-disk encryption

Enable multifactor authentication

Deploy file integrity checkers

Disable use of portable devices

11. Which of the following protocols would allow an organization to maintain a centralized list of users that can read a protected webpage?

Lightweight Directory Access Control (LDAP)

Security Assertion Markup Language (SAML)

Hypertext Transfer Protocol (HTTP)

Kerberos

12. The BEST method to mitigate the risk of a dictionary attack on a system is to

use a hardware token.

use complex passphrases.

implement password history.

encrypt the access control list (ACL).

13. Which of the following is an advantage of on-premise Credential Management Systems?

Improved credential interoperability

Control over system configuration

Lower infrastructure capital costs

Reduced administrative overhead

14. Which of the following prevents improper aggregation of privileges in Role Based Access Control (RBAC)?

Hierarchical inheritance

Dynamic separation of duties

The Clark-Wilson security model

The Bell-LaPadula security model

15. The implementation of which features of an identity management system reduces costs and administration overhead while improving audit and accountability?

Two-factor authentication

Single Sign-On (SSO)

User self-service

A metadirectory

16. Which of the following is the BEST method to assess the effectiveness of an organization's vulnerability management program?

Review automated patch deployment reports

Periodic third party vulnerability assessment

Automated vulnerability scanning

Perform vulnerability scan by security team

17. Which methodology is recommended for penetration testing to be effective in the development phase of the life-cycle process?

White-box testing

Software fuzz testing

Black-box testing

Visual testing

18. Which of the following is most helpful in applying the principle of LEAST privilege?

Establishing a sandboxing environment

Setting up a Virtual Private Network (VPN) tunnel

Monitoring and reviewing privileged sessions

Introducing a job rotation program

19. Which of the following explains why record destruction requirements are included in a data retention policy?

To comply with legal and business requirements

To save cost for storage and backup

To meet destruction guidelines

To validate data ownership

20. What should happen when an emergency change to a system must be performed?

The change must be given priority at the next meeting of the change control board.

Testing and approvals must be performed quickly.

The change must be performed immediately and then submitted to the change board.

The change is performed and a notation is made in the system log.

21. Which of the following is the BEST approach to take in order to effectively incorporate the concepts of business continuity into the organization?

Ensure end users are aware of the planning activities

Validate all regulatory requirements are known and fully documented

Develop training and awareness programs that involve all stakeholders

Ensure plans do not violate the organization's cultural objectives and goals

22. Which of the following has the GREATEST impact on an organization's security posture?

International and country-specific compliance requirements

Security violations by employees and contractors

Resource constraints due to increasing costs of supporting security

Audit findings related to employee access and permissions process

23. The application of which of the following standards would BEST reduce the potential for data breaches?

ISO 9000

ISO 20121

ISO 26000

ISO 27001

24. In order for a security policy to be effective within an organization, it MUST include

strong statements that clearly define the problem.

a list of all standards that apply to the policy.

owner information and date of last revision.

disciplinary measures for non compliance.

25. Which of the following roles has the obligation to ensure that a third party provider is capable of processing and handling data in a secure manner and meeting the standards set by the organization?

Data Custodian

Data Owner

Data Creator

Data User

26. To protect auditable information, which of the following MUST be configured to only allow read access?

Logging configurations

Transaction log files

User account configurations

Access control lists (ACL)

27. What type of encryption is used to protect sensitive data in transit over a network?

Payload encryption and transport encryption

Authentication Headers (AH)

Keyed-Hashing for Message Authentication

Point-to-Point Encryption (P2PE)

28. Which of the following entities is ultimately accountable for data remanence vulnerabilities with data replicated by a cloud service provider?

Data owner

Data steward

Data custodian

Data processor

29. Which of the following is a recommended alternative to an integrated email encryption system?

Sign emails containing sensitive data

Send sensitive data in separate emails

Encrypt sensitive data separately in attachments

Store sensitive information to be sent in encrypted drives

30. In the Open System Interconnection (OSI) model, which layer is responsible for the transmission of binary data over a communications network?

Application Layer

Physical Layer

Data-Link Layer

Network Layer

31. What is the PRIMARY goal for using Domain Name System Security Extensions (DNSSEC) to sign

records?

Integrity

Confidentiality

Accountability

Availability

32. While inventorying storage equipment, it is found that there are unlabeled, disconnected, and powered off devices. Which of the following is the correct procedure for handling such equipment?

They should be recycled to save energy.

They should be recycled according to NIST SP 800-88.

They should be inspected and sanitized following the organizational policy.

They should be inspected and categorized properly to sell them for reuse.

33. The PRIMARY characteristic of a Distributed Denial of Service (DDoS) attack is that it

exploits weak authentication to penetrate networks.

can be detected with signature analysis.

looks like normal network activity.

is commonly confused with viruses or worms.

34. Which of the following is generally indicative of a replay attack when dealing with biometric authentication?

False Acceptance Rate (FAR) is greater than 1 in 100,000

False Rejection Rate (FRR) is greater than 5 in 100

Inadequately specified templates

Exact match

35. During a fingerprint verification process, which of the following is used to verify identity and authentication?

A pressure value is compared with a stored template

Sets of digits are matched with stored values

A hash table is matched to a database of stored valueA hash table is matched to a database of stored value

A template of minutiae is compared with a stored template

36. The BEST example of the concept of "something that a user has" when providing an authorized user access to a computing system is

the user's hand geometry.

a credential stored in a token.

a passphrase.

the user's face.

37. A security professional is asked to provide a solution that restricts a bank teller to only perform a savings deposit transaction but allows a supervisor to perform corrections after the transaction. Which of the following is the MOST effective solution?

Access is based on rules.

Access is determined by the system.

Access is based on user's role.

Access is based on data sensitivity.

38. Sensitive customer data is going to be added to a database. What is the MOST effective implementation for ensuring data privacy?

Discretionary Access Control (DAC) procedures

Mandatory Access Control (MAC) procedures

Data link encryption

Segregation of duties

39. Which of the following types of security testing is the MOST effective in providing a better indication

of the everyday security challenges of an organization when performing a security risk assessment?

External

Overt

Internal

Covert

40. What is the MOST effective method of testing custom application code?

Negative testing

White box testing

Penetration testing

Black box testing

41. Which one of the following is a common risk with network configuration management?

Patches on the network are difficult to keep current.

It is the responsibility of the systems administrator.

User ID and passwords are never set to expire.

Network diagrams are not up to date.

42. What type of test assesses a Disaster Recovery (DR) plan using realistic disaster scenarios while maintaining minimal impact to business operations?

Parallel

Walkthrough

Simulation

Tabletop

43. How can lessons learned from business continuity training and actual recovery incidents BEST be used?

As a means for improvement

As alternative options for awareness and training

As indicators of a need for policy

As business function gap indicators

44. Which of the following is the PRIMARY issue when collecting detailed log information?

Logs may be unavailable when required

Timely review of the data is potentially difficult

Most systems and applications do not support logging

Logs do not provide sufficient details of system and individual activities

45. An Intrusion Detection System (IDS) has recently been deployed in a Demilitarized Zone (DMZ). The IDS detects a flood of malformed packets. Which of the following BEST describes what has occurred?

Denial of Service (DoS) attack

Address Resolution Protocol (ARP) spoof

Buffer overflow

Ping flood attack

46. Which of the following command line tools can be used in the reconnaissance phase of a network vulnerability assessment?

dig

ipconfig

ifconfig

nbstat

47. In configuration management, what baseline configuration information MUST be maintained for each computer system?

Operating system and version, patch level, applications running, and versions.

List of system changes, test reports, and change approvals

Last vulnerability assessment report and initial risk assessment report

Date of last update, test report, and accreditation certificate

48. Which Radio Frequency Interference (RFI) phenomenon associated with bundled cable runs can create information leakage?

Transference

Covert channel

Bleeding

Cross-talk

49. An organization’s information security strategic plan MUST be reviewed

whenever there are significant changes to a major application.

quarterly, when the organization’s strategic plan is updated.

whenever there are major changes to the business.

every three years, when the organization’s strategic plan is updated.

50. When building a data classification scheme, which of the following is the PRIMARY concern?

A. Purpose

Cost effectiveness

Availability

Authenticity

51. Which technology is a prerequisite for populating the cloud-based directory in a federated identity solution?

Notification tool

Message queuing tool

Security token tool

Synchronization tool

52. What is an advantage of Elliptic Curve Cryptography (ECC)?

Cryptographic approach that does not require a fixed-length key

Military-strength security that does not depend upon secrecy of the algorithm

Opportunity to use shorter keys for the same level of security

Ability to use much longer keys for greater security

53. Backup information that is critical to the organization is identified through a

Vulnerability Assessment (VA).

Business Continuity Plan (BCP).

Business Impact Analysis (BIA).

data recovery analysis.

54. When using Generic Routing Encapsulation (GRE) tunneling over Internet Protocol version 4 (IPv4), where is the GRE header inserted?

Into the options field

Between the delivery header and payload

Between the source and destination addresses

Into the destination address

55. An application developer is deciding on the amount of idle session time that the application allows before a timeout. The BEST reason for determining the session timeout requirement is

organization policy.

industry best practices.

industry laws and regulations.

management feedback.

56. Knowing the language in which an encrypted message was originally produced might help a cryptanalyst to perform a

clear-text attack.

known cipher attack.

frequency analysis.

stochastic assessment.

57. During the Security Assessment and Authorization process, what is the PRIMARY purpose for conducting a hardware and software inventory?

Calculate the value of assets being accredited.

Create a list to include in the Security Assessment and Authorization package.

Identify obsolete hardware and software.

Define the boundaries of the information system.

58. When evaluating third-party applications, which of the following is the GREATEST responsibility of Information Security?

Accept the risk on behalf of the organization.

Report findings to the business to determine security gaps.

Quantify the risk to the business for product selection.

Approve the application that best meets security requirements.

59. An employee of a retail company has been granted an extended leave of absence by Human Resources (HR). This information has been formally communicated to the access provisioning team. Which of the following is the BEST action to take?

Revoke access temporarily.

Block user access and delete user account after six months.

Block access to the offices immediately.

Monitor account usage temporarily.

60. The goal of a Business Impact Analysis (BIA) is to determine which of the following?

Cost effectiveness of business recovery

Cost effectiveness of installing software security patches

Resource priorities for recovery and Maximum Tolerable Downtime (MTD)

Which security measures should be implemented

61. An organization publishes and periodically updates its employee policies in a file on their intranet. Which of the following is a PRIMARY security concern?

Ownership

Confidentiality

Availability

Integrity

62. What does the Maximum Tolerable Downtime (MTD) determine?

The estimated period of time a business critical database can remain down before customers are affected.

The fixed length of time a company can endure a disaster without any Disaster Recovery (DR) planning

The estimated period of time a business can remain interrupted beyond which it risks never recovering

The fixed length of time in a DR process before redundant systems are engaged

63. What is a characteristic of Secure Socket Layer (SSL) and Transport Layer Security (TLS)?

SSL and TLS provide a generic channel security mechanism on top of Transmission Control Protocol (TCP).

SSL and TLS provide nonrepudiation by default.

SSL and TLS do not provide security for most routed protocols.

SSL and TLS provide header encapsulation over HyperText Transfer Protocol (HTTP).

64. How does a Host Based Intrusion Detection System (HIDS) identify a potential attack?

Examines log messages or other indications on the system.

Monitors alarms sent to the system administrator

Matches traffic patterns to virus signature files

Examines the Access Control List (ACL)

65. From a cryptographic perspective, the service of non-repudiation includes which of the following features?

Validity of digital certificates

Validity of the authorization rules

Proof of authenticity of the message

Proof of integrity of the message

66. Which of the following BEST represents the concept of least privilege?

Access to an object is denied unless access is specifically allowed.

Access to an object is only available to the owner.

Access to an object is allowed unless it is protected by the information security policy.

Access to an object is only allowed to authenticated users via an Access Control List (ACL).

67. Which of the following is an advantage of on-premise Credential Management Systems?

Lower infrastructure capital costs

Control over system configuration

Reduced administrative overhead

Improved credential interoperability

68.

Lower infrastructure capital costs

Control over system configuration

Reduced administrative overhead

Improved credential interoperability

69. When designing a vulnerability test, which one of the following is likely to give the BEST indication of what components currently operate on the network?

Topology diagrams

Mapping tools

Asset register

Ping testing

70. Which of the following approaches is the MOST effective way to dispose of data on multiple hard drives?

Delete every file on each drive.

Destroy the partition table for each drive using the command line.

Degauss each drive individually.

Perform multiple passes on each drive using approved formatting methods.

71. Which of the following BEST describes Recovery Time Objective (RTO)?

Time of application resumption after disaster

Time of application verification after disaster.

Time of data validation after disaster.

Time of data restoration from backup after disaster.

72. Which of the following is the PRIMARY benefit of a formalized information classification program?

It minimized system logging requirements.

It supports risk assessment.

It reduces asset vulnerabilities.

It drives audit processes.

73. Which of the following is the BEST method to reduce the effectiveness of phishing attacks?

User awareness

Two-factor authentication

Anti-phishing software

Periodic vulnerability scan

74. The PRIMARY purpose of accreditation is to:

comply with applicable laws and regulations.

allow senior management to make an informed decision regarding whether to accept the risk of operating the system.

protect an organization’s sensitive data.

verify that all security controls have been implemented properly and are operating in the correct manner.

75. Which of the following is a weakness of Wired Equivalent Privacy (WEP)?

Length of Initialization Vector (IV)

Protection against message replay

Detection of message tampering

Built-in provision to rotate keys

76. When writing security assessment procedures, what is the MAIN purpose of the test outputs and reports?

To force the software to fail and document the process

To find areas of compromise in confidentiality and integrity

To allow for objective pass or fail decisions

To identify malware or hidden code within the test results

77. Which of the following is the MAIN reason for using configuration management?

To provide centralized administration

To reduce the number of changes

To reduce errors during upgrades

To provide consistency in security controls

78. Which of the following is BEST suited for exchanging authentication and authorization messages in a multi-party decentralized environment?

Lightweight Directory Access Protocol (LDAP)

Security Assertion Markup Language (SAML)

Internet Mail Access Protocol

Transport Layer Security (TLS)

79. Which of the following is BEST suited for exchanging authentication and authorization messages in a multi-party decentralized environment?

Lightweight Directory Access Protocol (LDAP)

Security Assertion Markup Language (SAML)

Internet Mail Access Protocol

Transport Layer Security (TLS)

80. Which of the following is MOST important when deploying digital certificates?

Validate compliance with X.509 digital certificate standards

Establish a certificate life cycle management framework

Use a third-party Certificate Authority (CA)

Use no less than 256-bit strength encryption when creating a certificate

81. A user sends an e-mail request asking for read-only access to files that are not considered sensitive. A Discretionary Access Control (DAC) methodology is in place. Which is the MOST suitable approach that the administrator should take?

Administrator should request data owner approval to the user access

Administrator should request manager approval for the user access

Administrator should directly grant the access to the non-sensitive files

Administrator should assess the user access need and either grant or deny the access

82. How should an organization determine the priority of its remediation efforts after a vulnerability assessment has been conducted?

Use an impact-based approach.

Use a risk-based approach.

Use a criticality-based approach.

Use a threat-based approach.

83. Which of the following is the MOST important consideration when developing a Disaster Recovery Plan (DRP)?

The dynamic reconfiguration of systems

The cost of downtime

A recovery strategy for all business processes

A containment strategy

84. A proxy firewall operates at what layer of the Open System Interconnection (OSI) model?

Transport

Data link

Network

Application

85. Which of the following restricts the ability of an individual to carry out all the steps of a particular process?

Job rotation

Separation of duties

Least privilege

Mandatory vacations

86. Although code using a specific program language may not be susceptible to a buffer overflow attack,

most calls to plug-in programs are susceptible.

most supporting application code is susceptible.

the graphical images used by the application could be susceptible.

the supporting virtual machine could be susceptible.

87. What is the BEST way to encrypt web application communications?

Secure Hash Algorithm 1 (SHA-1)

Secure Sockets Layer (SSL)

Cipher Block Chaining Message Authentication Code (CBC-MAC)

Transport Layer Security (TLS)

88. Which of the following are effective countermeasures against passive network-layer attacks?

Federated security and authenticated access controls

Trusted software development and run time integrity controls

Encryption and security enabled applications

Enclave boundary protection and computing environment defense

89. What is the MOST important element when considering the effectiveness of a training program for Business Continuity (BC) and Disaster Recovery (DR)?

Management support

Consideration of organizational need

Technology used for delivery

Target audience

90. A database administrator is asked by a high-ranking member of management to perform specific changes to the accounting system database. The administrator is specifically instructed to not track or evidence the change in a ticket. Which of the following is the BEST course of action?

Ignore the request and do not perform the change.

Perform the change as requested, and rely on the next audit to detect and report the situation.

Perform the change, but create a change ticket regardless to ensure there is complete traceability.

Inform the audit committee or internal audit directly using the corporate whistleblower process.

91. Which of the following is the MOST important goal of information asset valuation?

Developing a consistent and uniform method of controlling access on information assets

Developing appropriate access control policies and guidelines

Assigning a financial value to an organization’s information assets

Determining the appropriate level of protection

92. Which of the following is a strategy of grouping requirements in developing a Security Test and Evaluation (ST&E)?

Tactical, strategic, and financial

Management, operational, and technical

Documentation, observation, and manual

Standards, policies, and procedures

93. Which one of the following activities would present a significant security risk to organizations when employing a Virtual Private Network (VPN) solution?

VPN bandwidth

Simultaneous connection to other networks

Users with Internet Protocol (IP) addressing conflicts

Remote users with administrative rights

94. Which of the following BEST describes a chosen plaintext attack?

The cryptanalyst can generate ciphertext from arbitrary text.

The cryptanalyst examines the communication being sent back and forth.

The cryptanalyst can choose the key and algorithm to mount the attack.

The cryptanalyst is presented with the ciphertext from which the original message is determined.

95. For network based evidence, which of the following contains traffic details of all network sessions in order to detect anomalies?

Alert data

User data

Content data

Statistical data

96. Which of the following is the PRIMARY reason to perform regular vulnerability scanning of an organization network?

Provide vulnerability reports to management.

Validate vulnerability remediation activities.

Prevent attackers from discovering vulnerabilities.

Remediate known vulnerabilities.

97. Which of the following would BEST describe the role directly responsible for data within an organization?

Data custodian

Information owner

Database administrator

Quality control

98. The restoration priorities of a Disaster Recovery Plan (DRP) are based on which of the following documents?

Service Level Agreement (SLA)

Business Continuity Plan (BCP)

Business Impact Analysis (BIA)

Crisis management plan

99. The PRIMARY outcome of a certification process is that it provides documented

interconnected systems and their implemented security controls.

standards for security assessment, testing, and process evaluation.

system weakness for remediation.

security analyses needed to make a risk-based decision.

100. A security architect plans to reference a Mandatory Access Control (MAC) model for implementation. This indicates that which of the following properties are being prioritized?

Confidentiality

Integrity

Availability

Accessibility

101. A vulnerability in which of the following components would be MOST difficult to detect?

Kernel

Shared libraries

Hardware

System application

102. During which of the following processes is least privilege implemented for a user account?

Provision

Approve

Request

Review

103. Which of the following is a document that identifies each item seized in an investigation, including date and time seized, full name and signature or initials of the person who seized the item, and a detailed description of the item?

Property book

Chain of custody form

Search warrant return

Evidence tag

104. Which of the following is needed to securely distribute symmetric cryptographic keys?

Officially approved Public-Key Infrastructure (PKI) Class 3 or Class 4 certificates

Officially approved and compliant key management technology and processes

An organizationally approved communication protection policy and key management plan

Hardware tokens that protect the user’s private key.

105. Reciprocal backup site agreements are considered to be

a better alternative than the use of warm sites.

difficult to test for complex systems.

easy to implement for similar types of organizations.

easy to test and implement for complex systems.

106. In which identity management process is the subject’s identity established?

Trust

Provisioning

Authorization

Enrollment

107. In order to assure authenticity, which of the following are required?

Confidentiality and authentication

Confidentiality and integrity

Authentication and non-repudiation

Integrity and non-repudiation

108. At which layer of the Open Systems Interconnect (OSI) model are the source and destination address for a datagram handled?

Transport Layer

Data-Link Layer

Network Layer

Application Layer

109. An organization regularly conducts its own penetration tests. Which of the following scenarios MUST be covered for the test to be effective?

Third-party vendor with access to the system

System administrator access compromised

Internal attacker with access to the system

Internal user accidentally accessing data

110. A company was ranked as high in the following National Institute of Standards and Technology (NIST) functions: Protect, Detect, Respond and Recover. However, a low maturity grade was attributed to the Identify function. In which of the following the controls categories does this company need to improve when analyzing its processes individually?

Asset Management, Business Environment, Governance and Risk Assessment

Access Control, Awareness and Training, Data Security and Maintenance

Anomalies and Events, Security Continuous Monitoring and Detection Processes

Recovery Planning, Improvements and Communications

111. What is the difference between media marking and media labeling?

Media marking refers to the use of human-readable security attributes, while media labeling refers to the use of security attributes in internal data structures.

Media labeling refers to the use of human-readable security attributes, while media marking refers to the use of security attributes in internal data structures.

Media labeling refers to security attributes required by public policy/law, while media marking refers to security required by internal organizational policy.

Media marking refers to security attributes required by public policy/law, while media labeling refers to security attributes required by internal organizational policy.

112. What balance MUST be considered when web application developers determine how informative application error messages should be constructed?

Risk versus benefit

Availability versus auditability

Confidentiality versus integrity

Performance versus user satisfaction

113. What operations role is responsible for protecting the enterprise from corrupt or contaminated

media?

Information security practitioner

Information librarian

Computer operator

Network administrator

114. Which of the following is a characteristic of the initialization vector when using Data Encryption Standard (DES)?

It must be known to both sender and receiver.

It can be transmitted in the clear as a random number.

It must be retained until the last block is transmitted.

It can be used to encrypt and decrypt information.

115. In general, servers that are facing the Internet should be placed in a demilitarized zone (DMZ). What is MAIN purpose of the DMZ?

Reduced risk to internal systems.

Prepare the server for potential attacks.

Mitigate the risk associated with the exposed server.

Bypass the need for a firewall.

116. Network-based logging has which advantage over host-based logging when reviewing malicious activity about a victim machine?

Addresses and protocols of network-based logs are analyzed.

Host-based system logging has files stored in multiple locations.

Properly handled network-based logs may be more reliable and valid.

Network-based systems cannot capture users logging into the console.

117. Which of the following is the PRIMARY reason for employing physical security personnel at entry points in facilities where card access is in operation?

To verify that only employees have access to the facility.

To identify present hazards requiring remediation.

To monitor staff movement throughout the facility.

To provide a safe environment for employees.

118. Between which pair of Open System Interconnection (OSI) Reference Model layers are routers used

as a communications device?

Transport and Session

Data-Link and Transport

Network and Session

Physical and Data-Link

119. Which type of security testing is being performed when an ethical hacker has no knowledge about the target system but the testing target is notified before the test?

Reversal

Gray box

Blind

White box

120. Which of the following countermeasures is the MOST effective in defending against a social engineering attack?

Mandating security policy acceptance

Changing individual behavior

Evaluating security awareness training

Filtering malicious e-mail content

121. Which of the following information MUST be provided for user account provisioning?

Full name

Unique identifier

Security question

Date of birth

122. Which of the following adds end-to-end security inside a Layer 2 Tunneling Protocol (L2TP) Internet Protocol Security (IPSec) connection?

Temporal Key Integrity Protocol (TKIP)

Secure Hash Algorithm (SHA)

Secure Shell (SSH)

Transport Layer Security (TLS)

123. A company has decided that they need to begin maintaining assets deployed in the enterprise. What approach should be followed to determine and maintain ownership information to bring the company into compliance?

Enterprise asset management framework

Asset baseline using commercial off the shelf software

Asset ownership database using domain login records

A script to report active user logins on assets

124. In the Software Development Life Cycle (SDLC), maintaining accurate hardware and software inventories is a critical part of

systems integration.

risk management.

quality assurance.

change management.

125. As a best practice, the Security Assessment Report (SAR) should include which of the following sections?

Data classification policy

Software and hardware inventory

Remediation recommendations

Names of participants

126. The application of a security patch to a product previously validate at Common Criteria (CC) Evaluation Assurance Level (EAL) 4 would

require an update of the Protection Profile (PP).

require recertification.

retain its current EAL rating.

reduce the product to EAL 3.

127. Which of the following media sanitization techniques is MOST likely to be effective for an organization using public cloud services?

Low-level formatting

Secure-grade overwrite erasure

Cryptographic erasure

Drive degaussing

128. What type of wireless network attack BEST describes an Electromagnetic Pulse (EMP) attack?

Radio Frequency (RF) attack

Denial of Service (DoS) attack

Data modification attack

Application-layer attack

129. Which of the following is a remote access protocol that uses a static authentication?

Point-to-Point Tunneling Protocol (PPTP)

Routing Information Protocol (RIP)

Password Authentication Protocol (PAP)

Challenge Handshake Authentication Protocol (CHAP)

130. Which of the following sets of controls should allow an investigation if an attack is not blocked by

preventive controls or detected by monitoring?

Logging and audit trail controls to enable forensic analysis

Security incident response lessons learned procedures

Security event alert triage done by analysts using a Security Information and Event Management (SIEM) system

Transactional controls focused on fraud prevention

131. Determining outage costs caused by a disaster can BEST be measured by the

cost of redundant systems and backups.

cost to recover from an outage.

overall long-term impact of the outage.

revenue lost during the outage.

132. Which of the following is considered a secure coding practice?

Use concurrent access for shared variables and resources

Use checksums to verify the integrity of libraries

Use new code for common tasks

Use dynamic execution functions to pass user supplied data

133. As part of the security assessment plan, the security professional has been asked to use a negative testing strategy on a new website. Which of the following actions would be performed?

Use a web scanner to scan for vulnerabilities within the website.

Perform a code review to ensure that the database references are properly addressed.

Establish a secure connection to the web server to validate that only the approved ports are open.

Enter only numbers in the web form and verify that the website prompts the user to enter a valid input.

134. Who has the PRIMARY responsibility to ensure that security objectives are aligned with organization goals?

Senior management

Information security department

Audit committee

All users

135. Which of the following alarm systems is recommended to detect intrusions through windows in a high-noise, occupied environment?

Acoustic sensor

Motion sensor

Shock sensor

Photoelectric sensor

136. Which of the following is the MOST effective practice in managing user accounts when an employee is terminated?

Implement processes for automated removal of access for terminated employees.

Delete employee network and system IDs upon termination.

Manually remove terminated employee user-access to all systems and applications.

Disable terminated employee network ID to remove all access.

137. Which of the following is the MOST important part of an awareness and training plan to prepare employees for emergency situations?

Having emergency contacts established for the general employee population to get information

Conducting business continuity and disaster recovery training for those who have a direct role in the recovery

Designing business continuity and disaster recovery training programs for different audiences

Publishing a corporate business continuity and disaster recovery plan on the corporate website

138. What is the process of removing sensitive data from a system or storage device with the intent that the data cannot be reconstructed by any known technique?

Purging

Encryption

Destruction

Clearing

139. Which one of the following considerations has the LEAST impact when considering transmission security?

Network availability

Node locations

Network bandwidth

Data integrity

140. The security accreditation task of the System Development Life Cycle (SDLC) process is completed at the end of which phase?

System acquisition and development

System operations and maintenance

System initiation

System implementation

141. Which of the following is the BEST reason for the use of security metrics?

They ensure that the organization meets its security objectives.

They provide an appropriate framework for Information Technology (IT) governance.

They speed up the process of quantitative risk assessment.

They quantify the effectiveness of security processes.

142. Which of the following is a benefit in implementing an enterprise Identity and Access Management (IAM) solution?

Password requirements are simplified.

Risk associated with orphan accounts is reduced.

Segregation of duties is automatically enforced.

Data confidentiality is increased.

143. A control to protect from a Denial-of-Service (DoS) attach has been determined to stop 50% of attacks, and additionally reduces the impact of an attack by 50%. What is the residual risk?

25%

100

144. Which of the following entails identification of data and links to business processes, applications, and data stores as well as assignment of ownership responsibilities?

Security governance

Risk management

Security portfolio management

Risk assessment

145. Which of the following mandates the amount and complexity of security controls applied to a security risk?

Security vulnerabilities

Risk tolerance

Risk mitigation

Security staff

146. When determining who can accept the risk associated with a vulnerability, which of the following is MOST important?

Countermeasure effectiveness

Type of potential loss

Incident likelihood

Information ownership

147. A security professional determines that a number of outsourcing contracts inherited from a previous merger do not adhere to the current security requirements. Which of the following BEST minimizes

the risk of this happening again?

Define additional security controls directly after the merger

Include a procurement officer in the merger team

Verify all contracts before a merger occurs

Assign a compliancy officer to review the merger conditions

148. Which of the following is a direct monetary cost of a security incident?

Morale

Reputation

Equipment

Information

149. Which of the following would MINIMIZE the ability of an attacker to exploit a buffer overflow?

Memory review

Code review

Message division

Buffer division

150. Which of the following mechanisms will BEST prevent a Cross-Site Request Forgery (CSRF) attack?

parameterized database queries

whitelist input values

synchronized session tokens

use strong ciphers

151. Which factors MUST be considered when classifying information and supporting assets for risk management, legal discovery, and compliance?

A. System owner roles and responsibilities, data handling standards, storage and secure development lifecycle requirements

Data stewardship roles, data handling and storage standards, data lifecycle requirements

Compliance office roles and responsibilities, classified material handling standards, storage system lifecycle requirements

System authorization roles and responsibilities, cloud computing standards, lifecycle requirements

152. When network management is outsourced to third parties, which of the following is the MOST effective method of protecting critical data assets?

Log all activities associated with sensitive systems

Provide links to security policies

Confirm that confidentially agreements are signed

Employ strong access controls

153. Which of the following is the MOST appropriate action when reusing media that contains sensitive data?

Erase

Sanitize

Encrypt

Degauss

154. An organization recently conducted a review of the security of its network applications. One of the

vulnerabilities found was that the session key used in encrypting sensitive information to a third party server had been hard-coded in the client and server applications. Which of the following would be MOST effective in mitigating this vulnerability?

Diffle-Hellman (DH) algorithm

Elliptic Curve Cryptography (ECC) algorithm

Digital Signature algorithm (DSA)

Rivest-Shamir-Adleman (RSA) algorithm

155. Which of the following methods of suppressing a fire is environmentally friendly and the MOST appropriate for a data center?

Inert gas fire suppression system

Halon gas fire suppression system

Dry-pipe sprinklers

Wet-pipe sprinklers

156. Unused space in a disk cluster is important in media analysis because it may contain which of the following?

Residual data that has not been overwritten

Hidden viruses and Trojan horses

Information about the File Allocation table (FAT)

Information about patches and upgrades to the system

157. A company seizes a mobile device suspected of being used in committing fraud. What would be the BEST method used by a forensic examiner to isolate the powered-on device from the network and preserve the evidence?

Put the device in airplane mode

Suspend the account with the telecommunication provider

Remove the SIM card

Turn the device off

158. Which of the following is MOST appropriate for protecting confidentially of data stored on a hard drive?

Triple Data Encryption Standard (3DES)

Advanced Encryption Standard (AES)

Message Digest 5 (MD5)

Secure Hash Algorithm 2(SHA-2)

159. Which of the following is the MOST effective method to mitigate Cross-Site Scripting (XSS) attacks?

Use Software as a Service (SaaS)

Whitelist input validation

Require client certificates

Validate data output

160. What is the MOST significant benefit of an application upgrade that replaces randomly generated session keys with certificate based encryption for communications with backend servers?

Non-repudiation

Efficiency

Confidentially

Privacy

161. A user has infected a computer with malware by connecting a Universal Serial Bus (USB) storage device.

Which of the following is MOST effective to mitigate future infections?

Develop a written organizational policy prohibiting unauthorized USB devices

Train users on the dangers of transferring data in USB devices

Implement centralized technical control of USB port connections

Encrypt removable USB devices containing data at rest

162. Which of the following MUST be in place to recognize a system attack?

Stateful firewall

Distributed antivirus

Log analysis

Passive honeypot

163. Which of the following is the GREATEST benefit of implementing a Role Based Access Control (RBAC) system?

Integration using Lightweight Directory Access Protocol (LDAP)

Form-based user registration process

Integration with the organizations Human Resources (HR) system

A considerably simpler provisioning process

164. Which Identity and Access Management (IAM) process can be used to maintain the principle of least privilege?

identity provisioning

access recovery

multi-factor authentication (MFA)

user access review

Download full version

CISPP Exam Dumps, CISSP Braindumps, CISSP Dumps 2022, CISSP Exam Questions, CISSP Free Practice Exam, CISSP PDF Dumps, CISSP Practice Exam Questions, Free CISSP Dumps

Related Exams

Are Splunk certifications worth it?

Splunk is a popular software platform used for searching, analyzing, and visualizing machine-generated data. It’s commonly used in fields such as IT, security, and finance to help organizations make data-driven decisions. One way to increase

Latest Microsoft MS-700 Exam Dumps with Free Managing Microsoft Teams Exam preparation questions

Modern Desktop Certification Exam Dumps

About The Author

Certspilot

Certspilot is a platform where you can get to access to free Practice test questions for all IT certification like Microsoft, AWS, CompTIA, Salesforce, Cisco, CISSP and others certifications exam, you can download Updated and Valid Exam Dumps in PDF format and prepare yourself for certification exam in very short time. If you have any other question or need assistance regarding to your certification exam, click on Live Chat Icon and get in touch with our customer support agent, we are available 24/7 for customer support or send email at
[email protected].

Free Cissp Practice Exam Questions 2022 Updated with Valid CISSP PDF Dumps Download

Practice on Below free Practice CISSP Dumps, Our Dumps are Updated according to 2022 CISSP Exam Material/

Download full version

Related Exams

Are Splunk certifications worth it?

Latest Microsoft MS-700 Exam Dumps with Free Managing Microsoft Teams Exam preparation questions

Modern Desktop Certification Exam Dumps

About The Author

Certspilot

Leave a Comment Cancel reply