aiotestking uk

CISSP Exam Questions - Online Test



Q1. Refer to the information below to answer the question.

In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files. 

In a Bell-LaPadula system, which user has the MOST restrictions when writing data to any of the four files? 

A. User A 

B. User B 

C. User C 

D. User D 

Answer:

Q2. Which one of the following affects the classification of data? 

A. Passage of time 

B. Assigned security label 

C. Multilevel Security (MLS) architecture 

D. Minimum query size 

Answer:

Q3. Host-Based Intrusion Protection (HIPS) systems are often deployed in monitoring or learning mode during their initial implementation. What is the objective of starting in this mode? 

A. Automatically create exceptions for specific actions or files 

B. Determine which files are unsafe to access and blacklist them 

C. Automatically whitelist actions or files known to the system 

D. Build a baseline of normal or safe system events for review 

Answer:

Q4. DRAG DROP 

A software security engineer is developing a black box-based test plan that will measure the system's reaction to incorrect or illegal inputs or unexpected operational errors and situations. Match the functional testing techniques on the left with the correct input parameters on the right.

Answer:  

Q5. An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause? 

A. Improper deployment of the Service-Oriented Architecture (SOA)

B. Absence of a Business Intelligence (BI) solution

C. Inadequate cost modeling

D. Insufficient Service Level Agreement (SLA)

Answer:

Q6. Which of the following provides effective management assurance for a Wireless Local Area Network (WLAN)? 

A. Maintaining an inventory of authorized Access Points (AP) and connecting devices

B. Setting the radio frequency to the minimum range required

C. Establishing a Virtual Private Network (VPN) tunnel between the WLAN client device and a VPN concentrator 

D. Verifying that all default passwords have been changed 

Answer:

Q7. The Structured Query Language (SQL) implements Discretionary Access Controls (DAC) using 

A. INSERT and DELETE. 

B. GRANT and REVOKE. 

C. PUBLIC and PRIVATE.

D. ROLLBACK and TERMINATE.

Answer:

Q8. HOTSPOT 

Identify the component that MOST likely lacks digital accountability related to information access.

Click on the correct device in the image below. 

Answer:  

Q9. What is the BEST method to detect the most common improper initialization problems in programming languages? 

A. Use and specify a strong character encoding. 

B. Use automated static analysis tools that target this type of weakness. 

C. Perform input validation on any numeric inputs by assuring that they are within the expected range. 

D. Use data flow analysis to minimize the number of false positives. 

Answer:

Q10. Which of the following can BEST prevent security flaws occurring in outsourced software development? 

A. Contractual requirements for code quality 

B. Licensing, code ownership and intellectual property rights 

C. Certification of the quality and accuracy of the work done

D. Delivery dates, change management control and budgetary control 

Answer: