
Exam Code: CISSP (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Certified Information Systems Security Professional (CISSP)
Certification Provider: ISC2

Free CISSP sample questions follow:

NEW QUESTION 1

Which of the following minimizes damage to information technology (IT) equipment stored in a data center when a false fire alarm event occurs?

  • A. A pre-action system is installed.
  • B. An open system is installed.
  • C. A dry system is installed.
  • D. A wet system is installed.

Answer: C

NEW QUESTION 2

After a thorough analysis, it was discovered that a perpetrator compromised a network by gaining access through a Secure Socket Layer (SSL) Virtual Private Network (VPN) gateway. The perpetrator guessed a username and brute-forced the password to gain access. Which of the following BEST mitigates this issue?

  • A. Implement strong password authentication for the VPN
  • B. Integrate the VPN with centralized credential stores
  • C. Implement an Internet Protocol Security (IPSec) client
  • D. Use two-factor authentication mechanisms

Answer: D

NEW QUESTION 3

Which of the following can be used to calculate the loss event probability?

  • A. Total number of possible outcomes divided by frequency of outcomes
  • B. Number of outcomes divided by total number of possible outcomes
  • C. Number of outcomes multiplied by total number of possible outcomes
  • D. Total number of possible outcomes multiplied by frequency of outcomes

Answer: B

NEW QUESTION 4

A disadvantage of an application filtering firewall is that it can lead to

  • A. a crash of the network as a result of user activities.
  • B. performance degradation due to the rules applied.
  • C. loss of packets on the network due to insufficient bandwidth.
  • D. Internet Protocol (IP) spoofing by hackers.

Answer: B

NEW QUESTION 5

Which of the following are the three MAIN categories of security controls?

  • A. Administrative, technical, physical
  • B. Corrective, detective, recovery
  • C. Confidentiality, integrity, availability
  • D. Preventative, corrective, detective

Answer: A

NEW QUESTION 6

What is the MOST critical factor to achieve the goals of a security program?

  • A. Capabilities of security resources
  • B. Executive management support
  • C. Effectiveness of security management
  • D. Budget approved for security resources

Answer: B

NEW QUESTION 7

Which of the following is an essential step before performing Structured Query Language (SQL) penetration tests on a production system?

  • A. Verify countermeasures have been deactivated.
  • B. Ensure firewall logging has been activated.
  • C. Validate target systems have been backed up.
  • D. Confirm warm site is ready to accept connections.

Answer: C

NEW QUESTION 8

In a quarterly system access review, an active privileged account was discovered that did not exist in the prior review on the production system. The account was created one hour after the previous access review. Which of the following is the BEST option to reduce overall risk in addition to quarterly access reviews?

  • A. Increase logging levels.
  • B. Implement bi-annual reviews.
  • C. Create policies for system access.
  • D. Implement and review risk-based alerts.

Answer: D

NEW QUESTION 9

Which application type is considered high risk and provides a common way for malware and viruses to enter a network?

  • A. Instant messaging or chat applications
  • B. E-mail applications
  • C. Peer-to-Peer (P2P) file sharing applications
  • D. End-to-end applications

Answer: A

NEW QUESTION 10

Which of the following is a MAJOR consideration in implementing a Voice over IP (VoIP) network?

  • A. Use of unified messaging.
  • B. Use of separation for the voice network.
  • C. Use of Network Access Control (NAC) on switches.
  • D. Use of Request for Comments (RFC) 1918 addressing.

Answer: A

NEW QUESTION 11

A security manager has noticed an inconsistent application of server security controls resulting in vulnerabilities on critical systems. What is the MOST likely cause of this issue?

  • A. A lack of baseline standards
  • B. Improper documentation of security guidelines
  • C. A poorly designed security policy communication program
  • D. Host-based Intrusion Prevention System (HIPS) policies are ineffective

Answer: A

NEW QUESTION 12

Which of the following BEST describes the purpose of the security functional requirements of Common Criteria?

  • A. Level of assurance of the Target of Evaluation (TOE) in intended operational environment
  • B. Selection to meet the security objectives stated in test documents
  • C. Security behavior expected of a TOE
  • D. Definition of the roles and responsibilities

Answer: C

NEW QUESTION 13

Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?

  • A. Intrusion Prevention Systems (IPS)
  • B. Intrusion Detection Systems (IDS)
  • C. Stateful firewalls
  • D. Network Behavior Analysis (NBA) tools

Answer: D

NEW QUESTION 14

Which of the following is the name of an individual or group that is impacted by a change?

  • A. Change agent
  • B. Stakeholder
  • C. Sponsor
  • D. End User

Answer: B

NEW QUESTION 15

An information security professional is reviewing user access controls on a customer-facing application. The application must have multi-factor authentication (MFA) in place. The application currently requires a username and password to log in. Which of the following options would BEST implement MFA?

  • A. Geolocate the user and compare to previous logins
  • B. Require a pre-selected number as part of the login
  • C. Have the user answer a secret question that is known to them
  • D. Enter an automatically generated number from a hardware token

Answer: C

NEW QUESTION 16
......

100% Valid and Newest Version CISSP Questions & Answers shared by DumpSolutions.com, Get Full Dumps HERE: https://www.dumpsolutions.com/CISSP-dumps/ (New 1487 Q&As)