CISSP Exam Questions - Online Test

Q1. Why must all users be positively identified prior to using multi-user computers?

A. To provide access to system privileges 

B. To provide access to the operating system 

C. To ensure that unauthorized persons cannot access the computers 

D. To ensure that management knows what users are currently logged on 

Answer:

Q2. Which of the following MUST be part of a contract to support electronic discovery of data stored in a cloud environment? 

A. Integration with organizational directory services for authentication 

B. Tokenization of data 

C. Accommodation of hybrid deployment models 

D. Identification of data location 

Answer:

Q3. Which of the following is the MAIN reason that system re-certification and re-accreditation are needed? 

A. To assist data owners in making future sensitivity and criticality determinations 

B. To assure the software development team that all security issues have been addressed 

C. To verify that security protection remains acceptable to the organizational security policy 

D. To help the security team accept or reject new systems for implementation and production 

Answer:

Q4. An advantage of link encryption in a communications network is that it 

A. makes key management and distribution easier. 

B. protects data from start to finish through the entire network. 

C. improves the efficiency of the transmission. 

D. encrypts all information, including headers and routing information. 

Answer:

Q5. For privacy protected data, which of the following roles has the highest authority for establishing dissemination rules for the data? 

A. Information Systems Security Officer 

B. Data Owner 

C. System Security Architect 

D. Security Requirements Analyst 

Answer:

Q6. Which of the following does Temporal Key Integrity Protocol (TKIP) support? 

A. Multicast and broadcast messages 

B. Coordination of IEEE 802.11 protocols 

C. Wired Equivalent Privacy (WEP) systems 

D. Synchronization of multiple devices

Answer:

Q7. What does an organization FIRST review to assure compliance with privacy requirements? 

A. Best practices 

B. Business objectives 

C. Legal and regulatory mandates 

D. Employee's compliance to policies and standards 

Answer:

Q8. Which of the following BEST describes the purpose of performing security certification? 

A. To identify system threats, vulnerabilities, and acceptable level of risk 

B. To formalize the confirmation of compliance to security policies and standards 

C. To formalize the confirmation of completed risk mitigation and risk analysis 

D. To verify that system architecture and interconnections with other systems are effectively implemented 

Answer:

Q9. Which of the following is the BEST reason to review audit logs periodically? 

A. Verify they are operating properly 

B. Monitor employee productivity 

C. Identify anomalies in use patterns 

D. Meet compliance regulations 

Answer:

Q10. Logical access control programs are MOST effective when they are 

A. approved by external auditors. 

B. combined with security token technology. 

C. maintained by computer security officers. 

D. made part of the operating system. 

Answer: