Proper study guides for Improved ISC2 Certified Information Systems Security Professional (CISSP) certified begins with ISC2 CISSP preparation products which designed to deliver the Accurate CISSP questions by making you pass the CISSP test at your first time. Try the free CISSP demo right now.
2016 Jun CISSP Study Guide Questions:
Q151. What is the.BEST.first step.for determining if the appropriate security controls are in place for protecting data at rest?
A. Identify regulatory requirements
B. Conduct a risk assessment
C. Determine.business drivers
D. Review the.security baseline configuration
Q152. Which of the following is a function of Security Assertion Markup Language (SAML)?
A. File allocation
B. Redundancy check
C. Extended validation
D. Policy enforcement
Q153. Which of the following is the BEST solution to provide redundancy for telecommunications links?
A. Provide multiple links from the same telecommunications vendor.
B. Ensure that the telecommunications links connect to the network in one location.
C. Ensure.that the telecommunications links connect to the network in multiple locations.
D. Provide multiple links from multiple telecommunications vendors.
Improved cissp vs cism:
Q154. An online retail company has formulated a record retention schedule for customer transactions. Which of the following is a valid.reason a customer transaction is kept beyond the retention schedule?
A. Pending legal hold
B. Long term data mining needs
C. Customer makes request to retain
D. Useful for future business initiatives
Q155. What maintenance activity is responsible for defining, implementing, and testing updates to application systems?
A. Program change control
B. Regression testing
C. Export exception control
D. User acceptance testing
Q156. A security consultant has been asked to research an organization's legal obligations to protect privacy-related information. What kind of reading material is MOST relevant to this project?
A. The organization's current security policies concerning privacy issues
B. Privacy-related regulations enforced by governing bodies applicable to the organization
C. Privacy best practices published by recognized security standards organizations
D. Organizational procedures designed to protect privacy information
Validated cissp certification:
Q157. Which of the following is the MAIN goal of a data retention policy?
A. Ensure.that data is destroyed properly.
B. Ensure that data recovery can be done on the data.
C. Ensure the integrity and availability of data for a predetermined amount of time.
D. Ensure.the integrity and confidentiality of data for a predetermined amount of time.
Q158. Regarding asset security and appropriate retention,.which of the following INITIAL.top three areas are.important.to focus on?
A. Security control baselines, access controls, employee awareness and training
B. Human resources, asset management, production management
C. Supply chain lead time, inventory control, encryption
D. Polygraphs, crime statistics, forensics
Q159. DRAG DROP
Place in order, from BEST (1) to WORST (4), the following methods to reduce the risk of data remanence on magnetic media.
Q160. Which of the following describes the BEST configuration management practice?
A. After installing a new system, the configuration files are copied to a separate back-up system and hashed to detect tampering.
B. After installing a new system, the configuration files are copied to an air-gapped system and hashed to detect tampering.
C. The firewall rules are backed up to an air-gapped system.
D. A baseline configuration is created and maintained for all relevant systems.