ISC New 2021 CISSP Sample Questions Reliable CISSP Test Engine
Career Benefits
CISSP certification brings a number of benefits. It creates new opportunities in the security profession and improves your visibility, credibility, and job security. With a deep base of experience in cybersecurity and cloud computing, you become a high-demand employee. Once you obtain the CISSP you also become an (ISC)2 member, part of a worldwide technical community with many membership benefits, and can connect with the global community of cybersecurity leaders. According to (ISC)2, the average salary of a CISSP holder in the USA is USD 135,510.
NEW QUESTION 459
Which SSL version offers client-side authentication?
- A. SSL v1
- B. SSL v4
- C. SSL v3
- D. SSL v2
Answer: C
Explanation:
SSL v3 is the version that added certificate-based client authentication: the server sends a CertificateRequest during the handshake and the client answers with its certificate and a CertificateVerify signature proving possession of the private key. SSL v1 was never publicly released, and there is no SSL v4 (SSL v3 was followed by TLS 1.0), so SSL v3 is the only candidate. Note that every SSL version is now prohibited or deprecated (SSL v2 by RFC 6176, SSL v3 by RFC 7568); in practice "client-side authentication" today means mutual authentication under TLS 1.2 or 1.3, with the server configured to require and verify the client certificate against a trusted CA.
Reference: "Client Authentication using Digital IDs: Enable access by certificates", http://www.verisign.com/repository/clientauth/ent_ig.htm#clientauth
NEW QUESTION 460
Under HIPAA, group health plans sponsored or maintained by employers:
- A. ARE covered entities
- B. ARE called uncovered entities
- C. ARE NOT covered entities.
- D. ARE SOMETIMES covered entities.
Answer: A
Explanation:
HIPAA defines covered entities as health plans, health care clearinghouses, and health care providers that transmit health information electronically. A group health plan is a health plan, so it is a covered entity even though the employer that sponsors it is not itself one.
NEW QUESTION 461
Which of the following categories of UTP cable is specified to be able to handle gigabit Ethernet (1 Gbps) according to the EIA/TIA-568-B standard?
- A. Category 2 UTP
- B. Category 5e UTP
- C. Category 3 UTP
- D. Category 1e UTP
Answer: B
Explanation:
Category 5 UTP cable provides performance of up to 100 MHz and is suitable for 10BASE-T, 100BASE-TX (Fast Ethernet), and 1000BASE-T (Gigabit Ethernet). Category 5 was superseded by the Category 5e (enhanced) specification, which tightened the crosstalk limits that 1000BASE-T depends on and is the category listed in TIA/EIA-568-B.
Incorrect Answers:
A: The maximum frequency suitable for transmission over Category 2 UTP cable is 4 MHz, and the maximum bandwidth is 4 Mbit/s.
C: Category 3 UTP was widely used in computer networking in the early 1990s for 10BASE-T Ethernet (and to a lesser extent for 100BaseVG Ethernet, token ring and 100BASE-T4), but from the early 2000s new structured cable installations were almost invariably built with the higher performing Cat 5e or Cat 6 cable required by 100BASE-TX.
D: The maximum frequency suitable for transmission over Category 1 UTP cable is 1 MHz, and Category 1 is not considered adequate for data transmission at all. There is no "Category 1e"; the option is a distractor.
References:
https://en.wikipedia.org/wiki/Category_5_cable
NEW QUESTION 462
What is the difference between the OCSP (Online Certificate Status Protocol) and a Certificate Revocation List (CRL)?
- A. The OCSP (Online Certificate Status Protocol) provides real-time certificate checks and a Certificate Revocation List (CRL) has a delay in the updates.
- B. The OCSP (Online Certificate Status Protocol) is a way to check the attributes of a certificate and a Certificate Revocation List (CRL) is used by Certificate Authorities.
- C. The OCSP (Online Certificate Status Protocol) is a proprietary certificate mechanism developed by Microsoft and a Certificate Revocation List (CRL) is an open standard.
- D. The OCSP (Online Certificate Status Protocol) is used only by Active Directory and a Certificate Revocation List (CRL) is used by Certificate Authorities.
Answer: A
Explanation:
A Certificate Revocation List (CRL) is published periodically by a Certificate Authority (CA), so there can be a delay between the time a certificate is revoked and the time the revocation propagates to the relying parties. A CRL carries thisUpdate and nextUpdate fields, and a client that has cached the list may keep trusting it until nextUpdate even though the CA revoked a certificate in the meantime.
The CA can revoke certificates and provide an update service to the other members of the PKI via a CRL, which is a list of non-valid certificates that should not be accepted by any member of the PKI. The use of public key (asymmetric) cryptography has enabled more effective use of symmetric cryptography as well as several other important features, such as greater access control, nonrepudiation, and digital signatures.
In transactions where there is a need for real-time checks, the Online Certificate Status Protocol can be used to obtain the revocation status in a more timely fashion. Keep in mind that an OCSP response is itself signed and time-stamped (it has its own thisUpdate/nextUpdate and may be cached or stapled by the server), so OCSP is only as "real time" as the responder's own update interval, and a client that soft-fails (accepts the certificate when the responder cannot be reached) loses most of the benefit.
From RFC 2560 (since obsoleted by RFC 6960, which keeps the same model):
In lieu of or as a supplement to checking against a periodic CRL, it may be necessary to obtain timely information regarding the revocation status of a certificate (cf. [RFC2459], Section 3.3). Examples include high-value funds transfer or large stock trades.
The Online Certificate Status Protocol (OCSP) enables applications to determine the (revocation) state of an identified certificate. OCSP may be used to satisfy some of the operational requirements of providing more timely revocation information than is possible with CRLs and may also be used to obtain additional status information. An OCSP client issues a status request to an OCSP responder and suspends acceptance of the certificate in question until the responder provides a response.
This protocol specifies the data that needs to be exchanged between an application checking the status of a certificate and the server providing that status.
The following answers are incorrect:
- The OCSP (Online Certificate Status Protocol) is a proprietary certificate mechanism developed by Microsoft and a Certificate Revocation List (CRL) is an open standard.
- The OCSP (Online Certificate Status Protocol) is used only by Active Directory and a Certificate Revocation List (CRL) is used by Certificate Authorities.
- The OCSP (Online Certificate Status Protocol) is a way to check the attributes of a certificate and a Certificate Revocation List (CRL) is used by Certificate Authorities.
The following reference(s) were/was used to create this question:
Schneiter, Andrew (2013-04-15). Official (ISC)2 Guide to the CISSP CBK, Third Edition :
Cryptography (Kindle Locations 2256-2259). . Kindle Edition.
http://www.ietf.org/rfc/rfc2560.txt
http://technet.microsoft.com/en-us/library/cc731027(v=ws.10)
http://www.networkworld.com/reviews/2004/0809revside.html
NEW QUESTION 463
A system has been scanned for vulnerabilities and has been found to contain a number of communication ports that have been opened without authorization. To which of the following might this system have been subjected?
- A. Man-in-the-Middle (MITM)
- B. Trojan horse
- C. Denial of Service (DoS)
- D. Spoofing
Answer: B
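A check a practitioner would run after this kind of finding, added here as an example that is not part of the original question: compare the listening sockets reported by `ss -ltnp` (Linux iproute2) against an approved baseline of (port, owning process) pairs and report anything outside it, distinguishing a wholly unknown port from a known port taken over by a different process. The `ss` output and the baseline below are constructed for the example; on a real host you would feed in the captured stdout of `ss -ltnp` (run with enough privilege to see process names) and keep the baseline under change control.

```python
import re
from dataclasses import dataclass

# Constructed sample of `ss -ltnp` output (not captured from a real host). One
# listener, nc on 4444, is not in the approved baseline.
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q   Local Address:Port   Peer Address:Port  Process
LISTEN  0       128      0.0.0.0:22           0.0.0.0:*          users:(("sshd",pid=812,fd=3))
LISTEN  0       4096     127.0.0.1:631        0.0.0.0:*          users:(("cupsd",pid=911,fd=7))
LISTEN  0       5        0.0.0.0:4444         0.0.0.0:*          users:(("nc",pid=31337,fd=3))
LISTEN  0       128      [::]:22              [::]:*             users:(("sshd",pid=812,fd=4))
"""

# Approved baseline (constructed): (port, process name) pairs allowed to listen here.
BASELINE = {(22, "sshd"), (631, "cupsd")}

# Matches the first ("name",pid=N ...) entry of the ss "users:" column.
PROCESS_RE = re.compile(r'\(\("(?P<name>[^"]+)",pid=(?P<pid>\d+)')


@dataclass(frozen=True)
class Listener:
    addr: str
    port: int
    process: str
    pid: int


def parse_ss_listeners(text):
    """Parse LISTEN rows of `ss -ltnp` into Listener records.

    The process column is absent when ss is run without privilege; such rows
    are kept with process "?" and pid -1 so they still get reviewed."""
    listeners = []
    for line in text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")  # handles "[::]:22" and "0.0.0.0:22"
        m = PROCESS_RE.search(fields[5]) if len(fields) > 5 else None
        name, pid = (m.group("name"), int(m.group("pid"))) if m else ("?", -1)
        listeners.append(Listener(addr, int(port), name, pid))
    return listeners


def unexpected_listeners(text, baseline):
    """Return one finding per (port, process) pair that is not in the baseline."""
    baseline_ports = {port for port, _ in baseline}
    findings, seen = [], set()
    for lst in parse_ss_listeners(text):
        key = (lst.port, lst.process)
        if key in baseline or key in seen:
            continue  # approved, or already reported (e.g. same daemon on IPv4 and IPv6)
        seen.add(key)
        reason = ("port in baseline but owned by a different process"
                  if lst.port in baseline_ports else "port not in baseline")
        findings.append({"port": lst.port, "process": lst.process,
                         "pid": lst.pid, "addr": lst.addr, "reason": reason})
    return findings


if __name__ == "__main__":
    for finding in unexpected_listeners(SAMPLE_SS_OUTPUT, BASELINE):
        print(finding)
```

A finding with "port not in baseline" and an unfamiliar process name (here nc, a classic bind-shell listener) is the signature the question describes; the pid lets you pivot to the binary path, parent process and start time before deciding whether the host was trojaned.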
NEW QUESTION 464
Match the types of e-authentication tokens to their description.
Drag each e-authentication token on the left to its corresponding description on the right.
Answer:
Explanation:
Look-up secret token - A physical or electronic token that stores a set of secrets shared between the claimant and the credential service provider.
Out-of-band token - A physical token that is uniquely addressable and can receive a verifier-selected secret for one-time use.
Pre-registered knowledge token - A series of responses to a set of prompts or challenges established by the subscriber and the credential service provider during the registration process.
Memorized secret token - A secret shared between the subscriber and the credential service provider that is typically a character string.
NEW QUESTION 465
Unshielded Twisted Pair cabling is a:
- A. four-pair wire medium that is used in a variety of networks.
- B. one-pair wire medium that is used in a variety of networks.
- C. two-pair wire medium that is used in a variety of networks.
- D. three-pair wire medium that is used in a variety of networks.
Answer: A
Explanation:
Unshielded Twisted Pair cabling is a four-pair wire medium that is used in a variety of networks.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 101.
NEW QUESTION 466
Business Impact Analysis (BIA) is about
- A. Due Care
- B. Risk Assessment
- C. Supporting the mission of the organization
- D. Technology
Answer: C
Explanation:
Business impact analysis is not about technology; it is about supporting the mission of the organization by identifying the business processes that matter and what the loss of each of them would cost over time.
The following answers are incorrect: Technology, Due Care, Risk Assessment.
The following reference(s) were/was used to create this question:
Information Security Management Handbook, Sixth Edition, by Tipton et al., page 321
NEW QUESTION 467
A security architect plans to reference a Mandatory Access Control (MAC) model for implementation. This indicates that which of the following properties are being prioritized?
- A. Accessibility
- B. Confidentiality
- C. Availability
- D. Integrity
Answer: B
NEW QUESTION 468
The National Institute of Standards and Technology (NIST) standard pertaining to perimeter protection states that critical areas should be illuminated up to?
- A. Illiminated at eight feet high with at least three foot-candles
- B. Illiminated at nine feet high with at least three foot-candles
- C. Illiminated at eight feet high with at least two foot-candles
- D. Illuminated at nine feet high with at least two foot-candles
Answer: C
Explanation:
The National Institute of Standards and Technology (NIST) standard pertaining to perimeter protection states that critical areas should be illuminated eight feet high with at least two foot-candles.
It can also be referred to as illuminating to a height of eight feet with a brightness of two foot-candles.
One footcandle = 10.764 lux. The footcandle (or lumen per square foot) is a non-SI unit of illuminance. Like the BTU, it is obsolete but still in fairly common use in the United States, particularly in construction-related engineering and in building codes. Because lux and footcandles are different units of the same quantity, it is perfectly valid to convert footcandles to lux and vice versa.
The name "footcandle" conveys "the illuminance cast on a surface by a one-candela source one foot away." As natural as this sounds, this style of name is now frowned upon, because the dimensional formula for the unit is not foot * candela but lumens per square foot.
Some sources do however note that the "lux" can be thought of as a "metre-candle" (i.e. the illuminance cast on a surface by a one-candela source one metre away). A source that is farther away casts less illumination than one that is close, so one lux is less illuminance than one footcandle. Since illuminance follows the inverse-square law, and since one foot = 0.3048 m, one lux = 0.3048^2 footcandle = 1/10.764 footcandle (about 0.093 footcandle).
TIPS FROM CLEMENT:
Illuminance (light level) - The amount of light, measured in foot-candles (US unit), that falls on a surface, either horizontal or vertical.
Parking lots lighting needs to be an average of 2 foot candles; uniformity of not more than
3:1, no area less than 1 fc.
All illuminance measurements are to be made on the horizontal plane with a certified light meter calibrated to NIST standards using traceable light sources.
The CISSP Exam Cram 2 from Michael Gregg says:
Lighting is a commonly used form of perimeter protection.
Some studies have found that up to 80% of criminal acts at businesses and shopping centers happen in adjacent parking lots. Therefore, it's easy to see why lighting can be such an important concern.
Outside lighting discourages prowlers and thieves.
The National Institute of Standards and Technology (NIST) states that, for effective perimeter control, buildings should be illuminated 8 feet high, with 2-foot candle power.
Reference used for this question:
HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2001,
Page 325.
and
HARRIS, Shon, All-In-One CISSP Certification Exam Guide, Fifth Edition, page 459
and
http://en.wikipedia.org/wiki/Foot-candle
NEW QUESTION 469
Which of the following secure startup mechanisms are PRIMARILY designed to thwart attacks?
- A. Acoustic cryptanalysis
- B. Cold boot
- C. Side channel
- D. Timing
Answer: B
NEW QUESTION 470
Which of the following Operation Security controls is intended to prevent unauthorized intruders from internally or externally accessing the system, and to lower the amount and impact of unintentional errors that are entering the system?
- A. Directive Controls
- B. Corrective Controls
- C. Detective Controls
- D. Preventative Controls
Answer: D
Explanation:
In the Operations Security domain, Preventative Controls are designed to prevent unauthorized intruders from internally or externally accessing the system, and to lower the amount and impact of unintentional errors that are entering the system.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 217.
NEW QUESTION 471
Which of the following provides the MOST protection against data theft of sensitive information when a laptop is stolen?
- A. Set up a BIOS and operating system password
- B. Implement a mandatory policy in which sensitive data cannot be stored on laptops, but only on the corporate network
- C. Encrypt the virtual drive where confidential files can be stored
- D. Encrypt the entire disk and delete contents after a set number of failed access attempts
Answer: D
NEW QUESTION 472
Which of the following statements regarding an off-site information processing facility is TRUE?
- A. It should be easily identified from the outside so in the event of an emergency it can be easily found.
- B. It should have the same amount of physical access restrictions as the primary processing site.
- C. It should be located in proximity to the originating site so that it can quickly be made operational.
- D. Need not have the same level of environmental monitoring as the originating site since this would be cost prohibitive.
Answer: B
Explanation:
It is very important that the off-site facility has the same physical access restrictions as the primary site in order to avoid misuse.
The following answers are incorrect because:
"It should be located in proximity to the originating site so that it can quickly be made operational" is incorrect because a nearby off-site facility is exposed to the same regional disaster as the primary site.
"It should be easily identified from the outside so in the event of an emergency it can be easily found" is also incorrect because it should not be easily identified, so as to reduce the risk of intentional sabotage.
"Need not have the same level of environmental monitoring as the originating site since this would be cost prohibitive" is also incorrect because it should be protected and monitored like the primary site.
Reference: Information Systems Audit and Control Association, Certified Information Systems Auditor 2002 review manual, chapter 5: Disaster Recovery and Business Continuity (page 265).
NEW QUESTION 473
In what way could Java applets pose a security threat?
- A. Executables from the Internet may attempt an intentional attack when they are downloaded on a client system.
- B. Java interpreters do not provide the ability to limit system access that an applet could have on a client system.
- C. Java does not check the bytecode at runtime or provide other safety mechanisms for program isolation from the client system.
- D. Their transport can interrupt the secure distribution of World Wide Web pages over the Internet by removing SSL and S-HTTP
Answer: A
Explanation:
Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.
NEW QUESTION 474
Valuable paper insurance coverage does not cover damage to which of the following?
- A. Records
- B. Inscribed, printed and Written documents
- C. Manuscripts
- D. Money and Securities
Answer: D
Explanation:
All businesses are driven by records. Even in today's electronic society businesses generate mountains of critical documents every day. Invoices, client lists, calendars, contracts, files, medical records, and innumerable other records are generated daily.
Stop and ask yourself what happens if your business lost those documents today.
Valuable papers business insurance coverage provides coverage to your business in case of a
loss of vital records. Over the years policy language has evolved to include a number of different
types of records. Generally, the policy will cover "written, printed, or otherwise inscribed
documents and records, including books, maps, films, drawings, abstracts, deeds, mortgages, and
manuscripts." But read the policy coverage carefully. The policy language typically "does not mean 'money' or 'securities,' converted data, programs or instructions used in your data processing operations, including the materials on which the data is recorded."
The coverage is often included as a part of property insurance or as part of a small business
owner policy. For example, a small business owner policy includes in many cases valuable papers
coverage up to $25,000.
It is important to realize what the coverage actually entails and, even more critical, to analyze your
business to determine what it would cost to replace records.
The coverage pays for the loss of vital papers and the cost to replace the records up to the limit of
the insurance and after application of any deductible. For example, the insurer will pay to have
waterlogged papers dried and reproduced (remember, fires are put out by water and the fire
department does not stop to remove your book keeping records). The insurer may cover
temporary storage or the cost of moving records to avoid a loss.
For some businesses, losing customer lists, some business records, and contracts, can mean the expense and trouble of having to recreate those documents, but is relatively easy and a low level risk and loss. Larger businesses and especially professionals (lawyers, accountants, doctors) are in an entirely separate category and the cost of replacement of documents is much higher. Consider, in analyzing your business and potential risk, what it would actually cost to reproduce your critical business records. Would you need to hire temporary personnel? How many hours of productivity would go into replacing the records? Would you need to obtain originals? Would original work need to be recreated (for example, home inspectors, surveyors, cartographers)?
Often when a business owner considers the actual cost related to the reproduction of records, the owner quickly realizes that their business insurance policy limits for valuable papers coverage is woefully inadequate.
Insurers (and your insurance professional) will often suggest higher coverage for valuable papers. The extra premium is often worth the cost and should be considered.
Finally, most policies will require records to be protected. You need to review your declarations pages and speak with your insurer to determine what is required. Some insurers may offer discounted coverage if there is a document retention and back up plan in place and followed. There are professional organizations that can assist your business in designing a records management policy to lower the risk (and your premiums). For example, ARMA International has been around since 1955 and its members consist of some of the top document retention and storage companies.
Reference(s) used for this question: http://businessinsure.about.com/od/propertyinsurance/f/vpcov.htm
NEW QUESTION 475
Given the various means to protect physical and logical assets, match the access management area to the technology.
Answer:
Explanation:
NEW QUESTION 476
Which type of fire extinguishing method contains standing water in the pipe, and therefore generally does not enable a manual shutdown of systems before discharge?
- A. Dry Pipe
- B. Deluge
- C. Wet pipe
- D. Preaction
Answer: C
Explanation:
The other three are variations on a dry pipe discharge method, with the water not standing in the pipe until a fire is detected.
NEW QUESTION 477
......
The Certified Information Systems Security Professional (CISSP) certification exam is intended for IT specialists who want to build skills in understanding the IT infrastructure and in planning, developing, and managing a secure business environment using internationally recognized information security principles. The certification was introduced in 1994 and is described as the most requested security designation on LinkedIn. The CISSP was the first security certification to meet the strict requirements of ISO/IEC Standard 17024. The CISSP body of knowledge also covers cloud computing security best practices. Holding it indicates that you have the experience and technical expertise to plan, improve, and maintain the overall security posture of an organization. The CISSP is most suited for security managers, security analysts, chief information security officers, directors of security, and other IT security roles.