Actualtests offers free demo for cissp exam cram exam. “Certified Information Systems Security Professional (CISSP)”, also known as cissp vs cisa exam, is a ISC2 Certification. This set of posts, Passing the ISC2 free cissp training exam, will help you answer those questions. The cissp exam cram Questions & Answers covers all the knowledge points of the real exam. 100% real ISC2 cissp exam exams and revised by experts!
2017 NEW RECOMMEND
Free VCE & PDF File for ISC2 CISSP Real Exam
Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions
Q181. A practice that permits the owner of a data object to grant other users access to that object would usually provide
A. Mandatory Access Control (MAC).
B. owner-administered control.
C. owner-dependent access control.
D. Discretionary Access Control (DAC).
Q182. Application of which of the following Institute of Electrical and Electronics Engineers (IEEE) standards will prevent an unauthorized wireless device from being attached to a network?
A. IEEE 802.1F
B. IEEE 802.1H
C. IEEE 802.1Q
D. IEEE 802.1X
Q183. An external attacker has compromised an organization's network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker's ability to gain further information?
A. Implement packet filtering on the network firewalls
B. Require strong authentication for administrators
C. Install Host Based Intrusion Detection Systems (HIDS)
D. Implement logical network segmentation at the switches
Q184. Which of the following is the PRIMARY concern when using an Internet browser to access a cloud-based service?
A. Insecure implementation of Application Programming Interfaces (API)
B. Improper use and storage of management keys
C. Misconfiguration of infrastructure allowing for unauthorized access
D. Vulnerabilities within protocols that can expose confidential data
Q185. Refer.to the information below to answer the question.
During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial information.
Aside from the potential records which may have been viewed, which of the following should be the PRIMARY concern regarding the database information?
A. Unauthorized database changes
B. Integrity of security logs
C. Availability of the database
D. Confidentiality of the incident
Q186. An organization is selecting a service provider to assist in the consolidation of multiple computing sites including development, implementation and ongoing support of various computer systems. Which of the following MUST be verified by the Information Security Department?
A. The service provider's policies are consistent with ISO/IEC27001 and there is evidence that the service provider is following those policies.
B. The service provider will segregate the data within its systems and ensure that each region's policies are met.
C. The service provider will impose controls and protections that meet or exceed the current systems controls and produce audit logs as verification.
D. The service provider's policies can meet the requirements imposed by the new environment even if they differ from the organization's current policies.
Q187. Which of the following BEST mitigates a replay attack against a system using identity federation and Security Assertion Markup Language (SAML) implementation?
A. Two-factor authentication
B. Digital certificates and hardware tokens
C. Timed sessions and Secure Socket Layer (SSL)
D. Passwords with alpha-numeric and special characters
Q188. What is a common challenge when implementing Security Assertion Markup Language
(SAML) for identity integration between on-premise environment and an external identity provider service?
A. Some users are not provisioned into the service.
B. SAML tokens are provided by the on-premise identity provider.
C. Single users cannot be revoked from the service.
D. SAML tokens contain user information.
Q189. The use of strong authentication, the encryption of Personally Identifiable Information (PII) on database servers, application security reviews, and the encryption of data transmitted across networks provide
A. data integrity.
B. defense in depth.
C. data availability.
Q190. Which of the following is a reason to use manual patch installation instead of automated patch management?
A. The cost required to install patches will be reduced.
B. The time during which systems will remain vulnerable to an exploit will be decreased.
C. The likelihood of system or application incompatibilities will be decreased.
D. The ability to cover large geographic areas is increased.