Proper study guides for Most up-to-date ISC2 Certified Information Systems Security Professional (CISSP) certified begins with ISC2 CISSP preparation products which designed to deliver the Printable CISSP questions by making you pass the CISSP test at your first time. Try the free CISSP demo right now.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for ISC2 CISSP Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW CISSP Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/CISSP-exam-dumps.html
2021 Apr CISSP free practice exam
Q101. Disaster Recovery Plan (DRP) training material should be
A. consistent so that all audiences receive the same training.
B. stored in a fire proof safe to ensure availability when needed.
C. only delivered in paper format.
D. presented in a professional looking manner.
Answer: A
Q102. Refer.to the information below to answer the question.
A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive e-mail, search the web, and use instant messaging. The organization’s Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access.
Which of the following solutions would have MOST likely detected the use of peer-to-peer programs when the computer was connected to the office network?
A. Anti-virus software
B. Intrusion Prevention System (IPS)
C. Anti-spyware software
D. Integrity checking software
Answer: B
Q103. Which of the following statements is TRUE regarding state-based analysis as a functional software testing technique?
A. It is useful for testing communications protocols and graphical user interfaces.
B. It is characterized by the stateless behavior of a process implemented in a function.
C. Test inputs are obtained from the derived boundaries of the given functional specifications.
D. An entire partition can be covered by considering only one representative value from that partition.
Answer: A
Q104. Which of the following is a network intrusion detection technique?
A. Statistical anomaly
B. Perimeter intrusion
C. Port scanning
D. Network spoofing
Answer: A
Q105. When constructing.an.Information Protection.Policy.(IPP), it is important that the stated rules are necessary, adequate, and
A. flexible.
B. confidential.
C. focused.
D. achievable.
Answer: D
Improve CISSP actual exam:
Q106. When transmitting information over public networks, the decision to encrypt it should be based on
A. the estimated monetary value of the information.
B. whether there are transient nodes relaying the transmission.
C. the level of confidentiality of the information.
D. the volume of the information.
Answer: C
Q107. Who is ultimately responsible to ensure that information assets are categorized and adequate measures are taken to protect them?
A. Data Custodian
B. Executive Management
C. Chief Information Security Officer
D. Data/Information/Business Owners
Answer: B
Q108. Logical access control programs are MOST effective when they are
A. approved by external auditors.
B. combined with security token technology.
C. maintained by computer security officers.
D. made part of the operating system.
Answer: D
Q109. Which item below is a federated identity standard?
A. 802.11i
B. Kerberos
C. Lightweight Directory Access Protocol (LDAP)
D. Security Assertion Markup Language (SAML)
Answer: D
Q110. Why MUST a Kerberos server be well protected from unauthorized access?
A. It contains the keys of all clients.
B. It always operates at root privilege.
C. It contains all the tickets for services.
D. It contains the Internet Protocol (IP) address of all network entities.
Answer: A
