CISSP Certified Information Systems Security Professionals Questions + Answers Part 3

Post by answerhappygod »

QUESTION 58
The MAIN use of Layer 2 Tunneling Protocol (L2TP) is to tunnel data
A. through a firewall at the Session layer
B. through a firewall at the Transport layer
C. in the Point-to-Point Protocol (PPP)
D. in the Payload Compression Protocol (PCP)
Correct Answer: C
Section: Communication and Network Security
Explanation: L2TP encapsulates PPP frames (over UDP port 1701). It provides no confidentiality of its own, which is why it is normally deployed as L2TP/IPsec.

QUESTION 59
What protocol is often used between gateway hosts on the Internet?
A. Exterior Gateway Protocol (EGP)
B. Border Gateway Protocol (BGP)
C. Open Shortest Path First (OSPF)
D. Internet Control Message Protocol (ICMP)
Correct Answer: B
Section: Communication and Network Security
Explanation: BGP is the exterior routing protocol exchanged between the border gateways of autonomous systems on the Internet. EGP is its obsolete predecessor and OSPF is an interior gateway protocol.

QUESTION 60
From a security perspective, which of the following is a best practice to configure a Domain Name Service (DNS) system?
A. Disable all recursive queries on the name servers
B. Limit zone transfers to authorized devices
C. Configure secondary servers to use the primary server as a zone forwarder
D. Block all Transmission Control Protocol (TCP) connections
Correct Answer: B
Section: Communication and Network Security
Explanation: An unrestricted zone transfer (AXFR) hands an attacker the complete host list of a zone, so transfers should be limited to the authorized secondaries (in BIND, allow-transfer, ideally with TSIG-signed requests). Disabling all recursion or blocking all TCP breaks legitimate resolution: TCP is needed for large responses and for zone transfers themselves.

QUESTION 61
“Stateful” differs from “Static” packet filtering firewalls by being aware of which of the following?
A. Difference between a new and an established connection
B. Originating network location
C. Difference between a malicious and a benign packet payload
D. Originating application session
Correct Answer: A
Section: Communication and Network Security
Explanation: A static (stateless) filter judges each packet on its header fields alone. A stateful filter keeps a connection table, so it can distinguish a genuine reply to a session opened from inside from an unsolicited packet that merely carries the ACK flag.
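The difference in question 61, shown as a toy packet filter. This is an added example written for this page with constructed traffic; it is not from the question bank. The "static" filter mimics a stateless ACL that treats any inbound packet with ACK set as "established", which is exactly what an ACK scan exploits; the stateful filter admits inbound packets only when they match a connection it saw opened from the inside. The 10.0.0.0/24 "inside" network and the addresses are assumptions.

```python
"""Toy static vs stateful packet filter (added example, constructed for this
page; not production code)."""
from dataclasses import dataclass
from typing import FrozenSet

INTERNAL_PREFIX = "10.0.0."   # assumption: inside hosts live in 10.0.0.0/24


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: FrozenSet[str]     # subset of {"SYN", "ACK", "FIN", "RST"}


def is_internal(ip: str) -> bool:
    return ip.startswith(INTERNAL_PREFIX)


def static_filter(pkt: Packet) -> bool:
    """Stateless rule set: permit everything outbound; permit inbound only
    when ACK is set. Any sender can set ACK, so an ACK-scan probe passes."""
    if is_internal(pkt.src):
        return True
    return "ACK" in pkt.flags


class StatefulFilter:
    """Connection-tracking filter: remembers the 4-tuples of sessions opened
    from inside and admits inbound packets only when they belong to one."""

    def __init__(self) -> None:
        self.table: set = set()

    def allow(self, pkt: Packet) -> bool:
        if is_internal(pkt.src):
            # An outbound SYN opens a tracked session; other outbound traffic passes.
            if "SYN" in pkt.flags and "ACK" not in pkt.flags:
                self.table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound: look up the reverse tuple.
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key not in self.table:
            return False            # unsolicited, even though ACK may be set
        if "RST" in pkt.flags:      # peer aborted the session; stop tracking it
            self.table.discard(key)
        return True


def demo() -> dict:
    """Constructed traffic: a legitimate HTTPS reply and an ACK-scan probe to SSH."""
    fw = StatefulFilter()
    out_syn = Packet("10.0.0.5", 40000, "203.0.113.10", 443, frozenset({"SYN"}))
    reply = Packet("203.0.113.10", 443, "10.0.0.5", 40000, frozenset({"SYN", "ACK"}))
    probe = Packet("203.0.113.66", 1234, "10.0.0.5", 22, frozenset({"ACK"}))
    return {
        "static_allows_reply": static_filter(reply),
        "static_allows_probe": static_filter(probe),      # the hole in static filtering
        "stateful_allows_reply": fw.allow(out_syn) and fw.allow(reply),
        "stateful_allows_probe": fw.allow(probe),         # blocked: no matching session
    }


if __name__ == "__main__":
    print(demo())
```

Real connection trackers also follow the TCP handshake and FIN teardown, time idle entries out, and handle UDP and ICMP pseudo-sessions; the toy keeps only the part that answers the question, namely that the decision depends on remembered state rather than on the packet alone.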

QUESTION 62
Access to which of the following is required to validate web session management?
A. Log timestamp
B. Live session traffic
C. Session state variables
D. Test scripts
Correct Answer: C
Section: Communication and Network Security
Explanation: Validating session management means checking how session state (identifiers, timeouts, binding to the authenticated user) is created, stored and invalidated, which requires access to those state variables rather than to traffic captures or timestamps alone.

QUESTION 63
Which of the following would an attacker BEST be able to accomplish through the use of Remote Access Tools (RAT)?
A. Reduce the probability of identification
B. Detect further compromise of the target
C. Destabilize the operation of the host
D. Maintain and expand control
Correct Answer: D
Section: Communication and Network Security
Explanation: A RAT gives the attacker persistent remote control of the compromised host, which is then used to keep access and pivot further into the environment.

QUESTION 64
Digital certificates used in Transport Layer Security (TLS) support which of the following?
A. Information input validation
B. Non-repudiation controls and data encryption
C. Multi-Factor Authentication (MFA)
D. Server identity and data confidentiality
Correct Answer: D
Section: Communication and Network Security
Explanation: The server certificate lets the client authenticate the server, and the key exchange it anchors yields session keys that protect the data in transit. TLS certificates do not by themselves give non-repudiation of application data or multi-factor authentication of the user.

QUESTION 65
A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is the BEST solution for the manufacturing organization?
A. Trusted third-party certification
B. Lightweight Directory Access Protocol (LDAP)
C. Security Assertion Markup Language (SAML)
D. Cross-certification
Correct Answer: C
Section: Identity and Access Management (IAM)
Explanation: SAML lets each party keep its own identity provider and exchange signed authentication assertions, so the manufacturer does not have to share directories or build a cross-certified PKI with twenty suppliers.
Reference: https://www.netiq.com/documentation/acc ... a6lkd.html

QUESTION 66
Users require access rights that allow them to view the average salary of groups of employees. Which control would prevent the users from obtaining an individual employee’s salary?
A. Limit access to predefined queries
B. Segregate the database into a small number of partitions each with a separate security level
C. Implement Role Based Access Control (RBAC)
D. Reduce the number of people who have access to the system for statistical purposes
Correct Answer: A
Section: Identity and Access Management (IAM)
Explanation: This is the inference problem of statistical databases. The users are legitimately authorized to run aggregate queries, so RBAC does not help; what stops them is restricting them to predefined queries (with a minimum query-set size) so they cannot craft overlapping aggregates that isolate a single record.
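The inference attack behind question 66 and the predefined-query control, worked through on a tiny salary table. This is an added example with constructed data, not from the question bank. With ad hoc aggregate queries an authorized user recovers one employee's salary from two averages (a "tracker"); the fix is a predefined query whose predicate the user cannot change, plus a minimum query-set size. The table contents and MIN_GROUP are assumptions.

```python
"""Inference attack on a statistical database and the control that stops it
(added example with constructed data; not from the question bank)."""
import sqlite3

# Constructed sample table: three engineers and a single finance employee.
EMPLOYEES = [
    ("alice", "engineering", 120000),
    ("bob", "engineering", 100000),
    ("carol", "engineering", 110000),
    ("dave", "finance", 90000),
]
MIN_GROUP = 3   # assumption: smallest group whose average may be released


def build_db() -> sqlite3.Connection:
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE employees(name TEXT, dept TEXT, salary INTEGER)")
    con.executemany("INSERT INTO employees VALUES (?, ?, ?)", EMPLOYEES)
    return con


def ad_hoc_stats(con, where_sql: str):
    """What 'read access to aggregates' gives without query restriction: the
    caller controls the WHERE clause. Deliberately unrestricted for the demo."""
    return con.execute(
        f"SELECT COUNT(*), AVG(salary) FROM employees WHERE {where_sql}"
    ).fetchone()


def tracker_attack(con, target: str, group_sql: str) -> float:
    """Recover one salary from two overlapping averages. avg(G) and
    avg(G OR target) differ only by the target's record, so
    salary = n2 * avg(G OR target) - n * avg(G)."""
    n, avg_group = ad_hoc_stats(con, group_sql)
    n2, avg_with = ad_hoc_stats(con, f"({group_sql}) OR name = '{target}'")
    return n2 * avg_with - n * avg_group


def department_average(con, dept: str):
    """Predefined query: the only parameter is the department, passed as a
    bound value, and averages over fewer than MIN_GROUP rows are suppressed."""
    count, avg = con.execute(
        "SELECT COUNT(*), AVG(salary) FROM employees WHERE dept = ?", (dept,)
    ).fetchone()
    if count < MIN_GROUP:
        return None
    return avg


if __name__ == "__main__":
    db = build_db()
    print("dave via tracker:", tracker_attack(db, "dave", "dept = 'engineering'"))
    print("finance average (suppressed):", department_average(db, "finance"))
    print("engineering average:", department_average(db, "engineering"))
```

The two controls are needed together: a minimum query-set size alone is defeated by the tracker, because both of its queries cover three or more rows, and a fixed predicate alone still leaks a one-person department through its average.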

QUESTION 67
What is the second step in the identity and access provisioning lifecycle?
A. Provisioning
B. Review
C. Approval
D. Revocation
Correct Answer: B
Section: Identity and Access Management (IAM)
Explanation: The provisioning lifecycle is provisioning, periodic review (recertification of accounts and entitlements) and revocation when access is no longer needed.

QUESTION 68
Which of the following MUST be scalable to address security concerns raised by the integration of third-party identity services?
A. Mandatory Access Controls (MAC)
B. Enterprise security architecture
C. Enterprise security procedures
D. Role Based Access Controls (RBAC)
Correct Answer: D
Section: Identity and Access Management (IAM)

QUESTION 69
Which of the following is of GREATEST assistance to auditors when reviewing system configurations?
A. Change management processes
B. User administration procedures
C. Operating System (OS) baselines
D. System backup documentation
Correct Answer: C
Section: Security Assessment and Testing
Explanation: An approved OS baseline is the reference state an auditor compares each system's configuration against; change records explain deviations from it but do not define what the configuration should be.

QUESTION 70
In which of the following programs is it MOST important to include the collection of security process data?
A. Quarterly access reviews
B. Security continuous monitoring
C. Business continuity testing
D. Annual security training
Correct Answer: B
Section: Security Assessment and Testing
Explanation: Continuous monitoring depends on a steady feed of security process data (scan results, log metrics, control status) to measure whether controls remain effective over time.

QUESTION 71
A Virtual Machine (VM) environment has five guest Operating Systems (OS) and provides strong isolation. What MUST an administrator review to audit a user’s access to data files?
A. Host VM monitor audit logs
B. Guest OS access controls
C. Host VM access controls
D. Guest OS audit logs
Correct Answer: D
Section: Security Assessment and Testing
Explanation: With strong isolation the hypervisor records VM-level events, not file access inside a guest; the record of which user opened which data file is in the guest OS audit logs. Access control settings show what is permitted, not what actually happened.

QUESTION 72
Which of the following is a PRIMARY benefit of using a formalized security testing report format and structure?
A. Executive audiences will understand the outcomes of testing and most appropriate next steps for corrective actions to be taken
B. Technical teams will understand the testing objectives, testing strategies applied, and business risk associated with each vulnerability
C. Management teams will understand the testing objectives and reputational risk to the organization
D. Technical and management teams will better understand the testing objectives, results of each test phase, and potential impact levels
Correct Answer: D
Section: Security Assessment and Testing
Explanation: A standard report structure serves both audiences consistently, so findings, methodology and impact are comparable across engagements.

QUESTION 73
Which of the following could cause a Denial of Service (DoS) against an authentication system?
A. Encryption of audit logs
B. No archiving of audit logs
C. Hashing of audit logs
D. Remote access audit logs
Correct Answer: B
Section: Security Assessment and Testing
Explanation: If logs are never archived or rotated the audit store eventually fills. A system configured to refuse logins when it cannot write audit records then denies everyone, and an attacker can hasten this by generating large volumes of failed-login events.

QUESTION 74
When designing a vulnerability test, which one of the following is likely to give the BEST indication of what components currently operate on the network?
A. Ping testing
B. Mapping tools
C. Asset register
D. Topology diagrams
Correct Answer: B
Section: Security Assessment and Testing
Explanation: Network mapping tools discover what is actually reachable at the time of the test; asset registers and topology diagrams record what is believed to exist and routinely lag reality.

QUESTION 75
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
A. Standardized configurations for devices
B. Standardized patch testing equipment
C. Automated system patching
D. Management support for patching
Correct Answer: A
Section: Security Assessment and Testing
Explanation: When devices share a standard configuration, a patch tested on one representative system is a reliable predictor of its behavior on the rest of the fleet.

QUESTION 76
An international medical organization with headquarters in the United States (US) and branches in France wants to test a drug in both countries. What is the organization allowed to do with the test subject’s data?
A. Aggregate it into one database in the US
B. Process it in the US, but store the information in France
C. Share it with a third party
D. Anonymize it and process it in the US
Correct Answer: D
Section: Security Assessment and Testing
Explanation: Transferring identifiable personal data of French subjects to the US is restricted by EU data protection law; properly anonymized data is no longer personal data and may be processed outside the EU.

QUESTION 77
As part of an application penetration testing process, session hijacking can BEST be achieved by which of the following?
A. Known-plaintext attack
B. Denial of Service (DoS)
C. Cookie manipulation
D. Structured Query Language (SQL) injection
Correct Answer: C
Section: Security Assessment and Testing
Explanation: Session hijacking means taking over an authenticated session, typically by stealing, predicting or altering the session cookie. The other options may produce other outcomes but do not directly yield a valid session.

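Cookie manipulation from question 77 beside the mitigation a tester would expect to find, as an added example written for this page (constructed, not from the question bank). A cookie that merely encodes session data can be rewritten by the client to take another role; an HMAC over the payload makes any modification detectable. The SECRET value, the field names and the helper names are assumptions.

```python
"""Session cookie manipulation and its mitigation (added example; constructed,
not from the question bank)."""
import base64
import hashlib
import hmac
import json

SECRET = b"constructed-demo-key-do-not-reuse"   # assumption: server-only secret


def _encode(session: dict) -> str:
    return base64.urlsafe_b64encode(json.dumps(session, sort_keys=True).encode()).decode()


def _decode(payload: str) -> dict:
    return json.loads(base64.urlsafe_b64decode(payload.encode()))


# --- weak design: encoded but unauthenticated cookie -------------------------
def make_unsigned_cookie(session: dict) -> str:
    return _encode(session)


def read_unsigned_cookie(cookie: str) -> dict:
    return _decode(cookie)


def tamper_unsigned(cookie: str, **changes) -> str:
    """What the attacker does in the browser or an intercepting proxy:
    decode, edit, re-encode. The server cannot tell."""
    session = _decode(cookie)
    session.update(changes)
    return _encode(session)


# --- hardened design: HMAC-SHA256 over the payload ---------------------------
def make_signed_cookie(session: dict, key: bytes = SECRET) -> str:
    payload = _encode(session)
    mac = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}.{mac}"


def read_signed_cookie(cookie: str, key: bytes = SECRET):
    """Return the session dict, or None if the cookie is malformed or its MAC
    does not verify. compare_digest avoids a timing side channel."""
    try:
        payload, mac = cookie.rsplit(".", 1)
    except ValueError:
        return None
    expected = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):
        return None
    return _decode(payload)


def tamper_signed(cookie: str, **changes) -> str:
    """The same edit against the signed cookie, keeping the old MAC."""
    payload, mac = cookie.rsplit(".", 1)
    session = _decode(payload)
    session.update(changes)
    return f"{_encode(session)}.{mac}"


if __name__ == "__main__":
    weak = make_unsigned_cookie({"user": "alice", "role": "user"})
    print("unsigned, tampered role:",
          read_unsigned_cookie(tamper_unsigned(weak, role="admin"))["role"])
    strong = make_signed_cookie({"user": "alice", "role": "user"})
    print("signed, tampered:", read_signed_cookie(tamper_signed(strong, role="admin")))
```

Signing stops manipulation but not theft or replay: the session identifier itself should still be a random server-side token sent with the Secure, HttpOnly and SameSite attributes, and a pentester checks both properties.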
QUESTION 78
Assessing a third party’s risk by counting bugs in the code may not be the best measure of an attack surface within the supply chain. Which of the following is LEAST associated with the attack surface?
A. Input protocols
B. Target processes
C. Error messages
D. Access rights
Correct Answer: C
Section: Security Assessment and Testing

QUESTION 79
What are the steps of a risk assessment?
A. identification, analysis, evaluation
B. analysis, evaluation, mitigation
C. classification, identification, risk management
D. identification, evaluation, mitigation
Correct Answer: A
Section: Security Assessment and Testing
Explanation: Risk assessment (as in ISO 31000) consists of risk identification, risk analysis and risk evaluation; mitigation belongs to the subsequent risk treatment step.

QUESTION 80
After following the processes defined within the change management plan, a super user has upgraded a device within an information system. What step would be taken to ensure that the upgrade did NOT affect the network security posture?
A. Conduct an Assessment and Authorization (A&A)
B. Conduct a security impact analysis
C. Review the results of the most recent vulnerability scan
D. Conduct a gap analysis with the baseline configuration
Correct Answer: B
Section: Security Assessment and Testing
Explanation: A security impact analysis evaluates the specific change that was made; a full A&A is disproportionate for one upgrade, and a previous scan predates the change.

QUESTION 81
A vulnerability assessment report has been submitted to a client. The client indicates that one third of the hosts that were in scope are missing from the report. In which phase of the assessment was this error MOST likely made?
A. Enumeration
B. Reporting
C. Detection
D. Discovery
Correct Answer: D
Section: Security Assessment and Testing
Explanation: Discovery is the phase that identifies which in-scope hosts are live. Hosts that were never discovered are never enumerated, tested for vulnerabilities or reported on, so discovery output should be reconciled against the scope list before the assessment proceeds.

QUESTION 82
Which of the following is a responsibility of the information owner?
A. Ensure that users and personnel complete the required security training to access the Information System (IS)
B. Defining proper access to the Information System (IS), including privileges or access rights
C. Managing identification, implementation, and assessment of common security controls
D. Ensuring the Information System (IS) is operated according to agreed upon security requirements
Correct Answer: B
Section: Security Assessment and Testing
Explanation: The information owner decides who may access the information and with what privileges. Managing common controls is the common control provider's role, and day-to-day operation of the system belongs to the system owner.

QUESTION 83
An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?
A. Absence of a Business Intelligence (BI) solution
B. Inadequate cost modeling
C. Improper deployment of the Service-Oriented Architecture (SOA)
D. Insufficient Service Level Agreement (SLA)
Correct Answer: D
Section: Security Operations
Explanation: Performance indicators for a hosted service come from the SLA, which defines the measurable targets (availability, response time, incident handling) the provider is held to.

QUESTION 84
Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?
A. Walkthrough
B. Simulation
C. Parallel
D. White box
Correct Answer: C
Section: Security Operations
Explanation: A parallel test brings the recovery site up and runs it alongside production, so the recovery capability is exercised without interrupting live operations.

QUESTION 85
What is the PRIMARY reason for implementing change management?
A. Certify and approve releases to the environment
B. Provide version rollbacks for system changes
C. Ensure that all applications are approved
D. Ensure accountability for changes to the environment
Correct Answer: D
Section: Security Operations
Explanation: Change management exists so that every change is requested, approved, documented and traceable to a responsible party; release approval and rollback are mechanisms within that process rather than its purpose.

QUESTION 86
Which of the following is a PRIMARY advantage of using a third-party identity service?
A. Consolidation of multiple providers
B. Directory synchronization
C. Web based logon
D. Automated account management
Correct Answer: D
Section: Security Operations

QUESTION 87
With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?
A. Continuously without exception for all security controls
B. Before and after each change of the control
C. At a rate concurrent with the volatility of the security control
D. Only during system implementation and decommissioning
Correct Answer: C
Section: Security Operations
Explanation: NIST SP 800-137 ties monitoring frequency to the volatility of the control and the criticality of the system: a rapidly changing control (for example patch state) is checked far more often than a stable one (for example physical access policy).

QUESTION 88
A Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) will provide which of the following?
A. Guaranteed recovery of all business functions
B. Minimization of the need for decision making during a crisis
C. Insurance against litigation following a disaster
D. Protection from loss of organization resources
Correct Answer: B
Section: Security Operations
Explanation: The value of a plan is that decisions are made in advance and rehearsed. It cannot guarantee recovery of every function, does not shield the organization from litigation and does not prevent losses from occurring.

QUESTION 89
When is a Business Continuity Plan (BCP) considered to be valid?
A. When it has been validated by the Business Continuity (BC) manager
B. When it has been validated by the board of directors
C. When it has been validated by all threat scenarios
D. When it has been validated by realistic exercises
Correct Answer: D
Section: Security Operations
Explanation: Sign-off by a manager or the board is approval, not validation; only exercising the plan under realistic conditions shows whether it works.
Reference: http://www.manchester.gov.uk/info/20003 ... planning/5

QUESTION 90
Recovery strategies of a Disaster Recovery Plan (DRP) MUST be aligned with which of the following?
A. Hardware and software compatibility issues
B. Applications' criticality and downtime tolerance
C. Budget constraints and requirements
D. Cost/benefit analysis and business objectives
Correct Answer: D
Section: Security Operations
Explanation: Recovery strategies are chosen by weighing the cost of each option against its benefit in meeting the business objectives identified in the business impact analysis; application criticality and budget are inputs to that decision.
Reference: http://www.pearsonitcertification.com/a ... 0&seqNum=3
QUESTION 91
What would be the MOST cost effective solution for a Disaster Recovery (DR) site given that the organization’s systems cannot be unavailable for more than 24 hours?
A. Warm site
B. Hot site
C. Mirror site
D. Cold site
Correct Answer: A
Section: Security Operations
Explanation: A warm site has power, connectivity and hardware in place and can be brought up within roughly a day, which meets a 24-hour tolerance at far lower cost than a hot or mirror site; a cold site typically takes weeks.

QUESTION 92
Who is accountable for the information within an Information System (IS)?
A. Security manager
B. System owner
C. Data owner
D. Data processor
Correct Answer: C
Section: Security Operations
Explanation: The data (information) owner is accountable for the information itself, including its classification and who may access it. The system owner is accountable for the system that hosts it, and a processor only handles data on the owner's behalf.