Download ISC.CISSP.PremDumps.2019-03-29.101q.vcex


File Info

Exam Certified Information Systems Security Professional
Number CISSP
File Name ISC.CISSP.PremDumps.2019-03-29.101q.vcex
Size 115 KB
Posted Mar 29, 2019
Downloads: 6


How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.







Demo Questions

Question 1

When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?


  1. Only when assets are clearly defined
  2. Only when standards are defined
  3. Only when controls are put in place
  4. Only when procedures are defined
Correct answer: A



Question 2

Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?


  1. Install mantraps at the building entrances
  2. Enclose the personnel entry area with polycarbonate plastic
  3. Supply a duress alarm for personnel exposed to the public
  4. Hire a guard to protect the public area
Correct answer: D



Question 3

Intellectual property rights are PRIMARILY concerned with which of the following?


  1. Owner’s ability to realize financial gain
  2. Owner’s ability to maintain copyright
  3. Right of the owner to enjoy their creation
  4. Right of the owner to control delivery method
Correct answer: D



Question 4

Which of the following mobile code security models relies only on trust?


  1. Code signing
  2. Class authentication
  3. Sandboxing
  4. Type safety
Correct answer: A
Explanation:
Reference: https://csrc.nist.gov/csrc/media/publications/conference-paper/1999/10/21/proceedings-of-the-22nd-nissc-1999/documents/papers/t09.pdf (11)



Question 5

Which technique can be used to make an encryption scheme more resistant to a known plaintext attack?


  1. Hashing the data before encryption
  2. Hashing the data after encryption
  3. Compressing the data after encryption
  4. Compressing the data before encryption
Correct answer: A



Question 6

What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?


  1. Implementation Phase
  2. Initialization Phase
  3. Cancellation Phase
  4. Issued Phase
Correct answer: D



Question 7

Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified by automated vulnerability assessments?


  1. Common Vulnerabilities and Exposures (CVE)
  2. Common Vulnerability Scoring System (CVSS)
  3. Asset Reporting Format (ARF)
  4. Open Vulnerability and Assessment Language (OVAL)
Correct answer: B



Question 8

What is the purpose of an Internet Protocol (IP) spoofing attack?


  1. To send excessive amounts of data to a process, making it unpredictable
  2. To intercept network traffic without authorization
  3. To disguise the destination address from a target’s IP filtering devices
  4. To convince a system that it is communicating with a known entity
Correct answer: D



Question 9

At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?


  1. Link layer
  2. Physical layer
  3. Session layer
  4. Application layer
Correct answer: D



Question 10

In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?


  1. Transport layer
  2. Application layer
  3. Network layer
  4. Session layer
Correct answer: A








