Download Certified Information Systems Security Professional.CISSP.ActualTests.2018-10-12.97q.vcex

Vendor: ISC2
Exam Code: CISSP
Exam Name: Certified Information Systems Security Professional
Date: Oct 12, 2018
File Size: 66 KB
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: EXAM_HUB

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator

Demo Questions

Question 1
When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?
  1. Only when assets are clearly defined
  2. Only when standards are defined
  3. Only when controls are put in place
  4. Only procedures are defined
Correct answer: A
Question 2
Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?
  1. Install mantraps at the building entrances
  2. Enclose the personnel entry area with polycarbonate plastic
  3. Supply a duress alarm for personnel exposed to the public
  4. Hire a guard to protect the public area
Correct answer: D
Question 3
An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?
  1. Development, testing, and deployment
  2. Prevention, detection, and remediation
  3. People, technology, and operations
  4. Certification, accreditation, and monitoring
Correct answer: C
Explanation:
Reference: https://www.giac.org/paper/gsec/3873/information-warfare-cyber-warfare-future-warfare/106165 (14)
Reference: https://www.giac.org/paper/gsec/3873/information-warfare-cyber-warfare-future-warfare/106165 (14)
Question 4
Intellectual property rights are PRIMARY concerned with which of the following?
  1. Owner’s ability to realize financial gain
  2. Owner’s ability to maintain copyright
  3. Right of the owner to enjoy their creation
  4. Right of the owner to control delivery method
Correct answer: D
Question 5
Which of the following is MOST important when assigning ownership of an asset to a department?
  1. The department should report to the business owner
  2. Ownership of the asset should be periodically reviewed
  3. Individual accountability should be ensured
  4. All members should be trained on their responsibilities
Correct answer: B
Question 6
Which one of the following affects the classification of data?
  1. Assigned security label
  2. Multilevel Security (MLS) architecture
  3. Minimum query size
  4. Passage of time
Correct answer: D
Question 7
Which of the following BEST describes the responsibilities of a data owner?
  1. Ensuring quality and validation through periodic audits for ongoing data integrity
  2. Maintaining fundamental data availability, including data storage and archiving
  3. Ensuring accessibility to appropriate users, maintaining appropriate levels of data security
  4. Determining the impact the information has on the mission of the organization
Correct answer: C
Explanation:
Reference: http://resources.infosecinstitute.com/category/certifications-training/cissp/domains/asset-security/data-and-system-ownership/#gref
Reference: http://resources.infosecinstitute.com/category/certifications-training/cissp/domains/asset-security/data-and-system-ownership/#gref
Question 8
An organization has doubled in size due to a rapid market share increase. The size of the Information Technology (IT) staff has maintained pace with this growth. The organization hires several contractors whose onsite time is limited. The IT department has pushed its limits building servers and rolling out workstations and has a backlog of account management requests. 
Which contract is BEST in offloading the task from the IT staff?
  1. Platform as a Service (PaaS)
  2. Identity as a Service (IDaaS)
  3. Desktop as a Service (DaaS)
  4. Software as a Service (SaaS)
Correct answer: B
Question 9
When implementing a data classification program, why is it important to avoid too much granularity?
  1. The process will require too many resources
  2. It will be difficult to apply to both hardware and software
  3. It will be difficult to assign ownership to the data
  4. The process will be perceived as having value
Correct answer: A
Explanation:
Reference: http://www.ittoday.info/AIMS/DSM/82-02-55.pdf
Reference: http://www.ittoday.info/AIMS/DSM/82-02-55.pdf
Question 10
Which technique can be used to make an encryption scheme more resistant to a known plaintext attack?
  1. Hashing the data before encryption
  2. Hashing the data after encryption
  3. Compressing the data after encryption
  4. Compressing the data before encryption
Correct answer: A
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!