CISSP7

1 / 40

Which of the following value comparisons MOST accurately reflects the agile development approach?

2 / 40

What is the HIGHEST priority in agile development?

3 / 40

Which of the following is the BEST technique to facilitate secure software development?

4 / 40

What is the BEST method if an investigator wishes to analyze a hard drive which may be used as evidence?

5 / 40

According to the Capability Maturity Model Integration (CMMI), which of the following levels is identified by a managed process that is tailored from the organization's set of standard processes according to the organization's tailoring guidelines?

6 / 40

Which of the following factors is a PRIMARY reason to drive changes in an Information Security Continuous Monitoring (ISCM) strategy?

7 / 40

What is the BEST way to correlate large volumes of disparate data sources in a Security Operations Center (SOC) environment?

8 / 40

A security professional has been requested by the Board of Directors and Chief Information Security Officer (CISO) to perform an internal and external penetration test. What is the BEST course of action?

9 / 40

Which of the following is a characteristic of covert security testing?

10 / 40

Which of the following is a characteristic of the independent testing of a program?

11 / 40

What is the PRIMARY objective for conducting an internal security audit?

12 / 40

What requirement MUST be met during internal security audits to ensure that all information provided is expressed as an objective assessment without risk of retaliation?

13 / 40

Which of the following activities is MOST likely to be performed during a vulnerability assessment?

14 / 40

Which of the following explains why classifying data is an important step in performing a risk assessment?

15 / 40

In Identity Management (IdM), when is the verification stage performed?

16 / 40

Which of the following BEST describes the standard used to exchange authorization information between different identity management systems?

17 / 40

Which of the following is the MOST effective countermeasure against Man-in-the-Middle (MITM) attacks while using online banking?

18 / 40

An Intrusion Detection System (IDS) is based on the general hypothesis that a security violation is associated with a pattern of system usage, which can be

19 / 40

Why are packet filtering routers used in low-risk environments?

20 / 40

Which of the following is a standard Access Control List (ACL) element that enables a router to filter Internet traffic?

21 / 40

A system with Internet Protocol (IP) address 10.102.10.2 has a physical address of 00:00:08:00:12:13:14:2f. The following static entry is added to its Address Resolution Protocol (ARP) table: 10.102.10.6: 00:00:08:00:12:13:14:2f.
What form of attack could this represent?

22 / 40

Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?

23 / 40

Which of the following is the PRIMARY issue when analyzing detailed log information?

24 / 40

Which of the following is a Key Performance Indicator (KPI) for a security training and awareness program?

25 / 40

Which of the following provides the GREATEST level of data security for a Virtual Private Network (VPN) connection?

26 / 40

Which of the following models uses unique groups contained in unique conflict classes?

27 / 40

Which of the following is a security weakness in the evaluation of Common Criteria (CC) products?

28 / 40

Which of the following access control models is MOST restrictive?

29 / 40

In a large company, a system administrator needs to assign users access to files using Role Based Access Control (RBAC). Which option is an example of RBAC?

30 / 40

What does the result of Cost-Benefit Analysis (CBA) on new security initiatives provide?

31 / 40

Which of the following is the BEST way to mitigate circumvention of access controls?

32 / 40

How is it possible to extract private keys securely stored on a cryptographic smartcard?

33 / 40

Which of the following is the MOST secure password technique?

34 / 40

Which of the following is the BEST defense against password guessing?

35 / 40

An organization has a short-term agreement with a public Cloud Service Provider (CSP). Which of the following BEST protects sensitive data once the agreement expires and the assets are reused?

36 / 40

A security professional is assessing the risk in an application and does not take into account any mitigating or compensating controls. This type of risk rating is an example of which of the following?

37 / 40

What is the MAIN objective of risk analysis in Disaster Recovery (DR) planning?

38 / 40

What is the MAIN reason to ensure the appropriate retention periods are enforced for data stored on electronic media?

39 / 40

When defining a set of security controls to mitigate a risk, which of the following actions MUST occur?

40 / 40

What is the PRIMARY purpose for an organization to conduct a security audit?
