Download Certified Information Systems Security Professional.PremDumps.CISSP.2019-03-29.1e.101q.vcex

Download Exam

File Info

Exam Certified Information Systems Security Professional
Number CISSP
File Name Certified Information Systems Security Professional.PremDumps.CISSP.2019-03-29.1e.101q.vcex
Size 115 Kb
Posted March 29, 2019
Downloads 155

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Coupon: EXAM_HUB

Discount: 20%


Demo Questions

Question 1
When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?

  • A: Only when assets are clearly defined
  • B: Only when standards are defined
  • C: Only when controls are put in place
  • D: Only procedures are defined

Question 2
Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?

  • A: Install mantraps at the building entrances
  • B: Enclose the personnel entry area with polycarbonate plastic
  • C: Supply a duress alarm for personnel exposed to the public
  • D: Hire a guard to protect the public area

Question 3
Intellectual property rights are PRIMARY concerned with which of the following?

  • A: Owner’s ability to realize financial gain
  • B: Owner’s ability to maintain copyright
  • C: Right of the owner to enjoy their creation
  • D: Right of the owner to control delivery method

Question 4
Which of the following mobile code security models relies only on trust?

  • A: Code signing
  • B: Class authentication
  • C: Sandboxing
  • D: Type safety

Question 5
Which technique can be used to make an encryption scheme more resistant to a known plaintext attack?

  • A: Hashing the data before encryption
  • B: Hashing the data after encryption
  • C: Compressing the data after encryption
  • D: Compressing the data before encryption

Question 6
What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?

  • A: Implementation Phase
  • B: Initialization Phase
  • C: Cancellation Phase
  • D: Issued Phase

Question 7
Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified automated vulnerability assessments?

  • A: Common Vulnerabilities and Exposures (CVE)
  • B: Common Vulnerability Scoring System (CVSS)
  • C: Asset Reporting Format (ARF)
  • D: Open Vulnerability and Assessment Language (OVAL)

Question 8
What is the purpose of an Internet Protocol (IP) spoofing attack?

  • A: To send excessive amounts of data to a process, making it unpredictable
  • B: To intercept network traffic without authorization
  • C: To disguise the destination address from a target’s IP filtering devices
  • D: To convince a system that it is communicating with a known entity

Question 9
At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?

  • A: Link layer
  • B: Physical layer
  • C: Session layer
  • D: Application layer

Question 10
In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?

  • A: Transport layer
  • B: Application layer
  • C: Network layer
  • D: Session layer



You can buy ProfExam with a 20% discount..

Get Now!


Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen


Use VCE Exam Simulator to open VCE files