File Info
| Exam | Certified Information Systems Security Professional |
| Number | CISSP |
| File Name | Certified Information Systems Security Professional.CertDumps.CISSP.2020-05-06.1e.289q.vcex |
| Size | 873 Kb |
| Posted | May 06, 2020 |
| Downloads | 255 |
| Download | Certified Information Systems Security Professional.CertDumps.CISSP.2020-05-06.1e.289q.vcex |
How to open VCEX & EXAM Files?
Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.
Coupon: MASTEREXAM
With discount: 20%
Demo Questions
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
- A: determine the risk of a business interruption occurring
- B: determine the technological dependence of the business processes
- C: Identify the operational impacts of a business interruption
- D: Identify the financial impacts of a business interruption
Correct Answer: B
Which of the following actions will reduce risk to a laptop before traveling to a high risk area?
- A: Examine the device for physical tampering
- B: Implement more stringent baseline configurations
- C: Purge or re-image the hard disk drive
- D: Change access codes
Correct Answer: D
Which of the following represents the GREATEST risk to data confidentiality?
- A: Network redundancies are not implemented
- B: Security awareness training is not completed
- C: Backup tapes are generated unencrypted
- D: Users have administrative privileges
Correct Answer: C
What is the MOST important consideration from a data security perspective when an organization plans to relocate?
- A: Ensure the fire prevention and detection systems are sufficient to protect personnel
- B: Review the architectural plans to determine how many emergency exits are present
- C: Conduct a gap analysis of a new facilities against existing security requirements
- D: Revise the Disaster Recovery and Business Continuity (DR/BC) plan
Correct Answer: C
A company whose Information Technology (IT) services are being delivered from a Tier 4 data center, is preparing a companywide Business Continuity Planning (BCP). Which of the following failures should the IT manager be concerned with?
- A: Application
- B: Storage
- C: Power
- D: Network
Correct Answer: C
When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?
- A: Only when assets are clearly defined
- B: Only when standards are defined
- C: Only when controls are put in place
- D: Only procedures are defined
Correct Answer: A
Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?
- A: Install mantraps at the building entrances
- B: Enclose the personnel entry area with polycarbonate plastic
- C: Supply a duress alarm for personnel exposed to the public
- D: Hire a guard to protect the public area
Correct Answer: D
An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?
- A: Development, testing, and deployment
- B: Prevention, detection, and remediation
- C: People, technology, and operations
- D: Certification, accreditation, and monitoring
Correct Answer: C
(14)
Intellectual property rights are PRIMARY concerned with which of the following?
- A: Owner’s ability to realize financial gain
- B: Owner’s ability to maintain copyright
- C: Right of the owner to enjoy their creation
- D: Right of the owner to control delivery method
Correct Answer: D
A control to protect from a Denial-of-Service (DoS) attach has been determined to stop 50% of attacks, and additionally reduces the impact of an attack by 50%. What is the residual risk?
- A: 25%
- B: 50%
- C: 75%
- D: 100%
Correct Answer: A
