aiotestking uk

CISSP Exam Questions - Online Test



Q1. Refer to the information below to answer the question.

An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles. 

Which of the following will be the PRIMARY security concern as staff is released from the organization? 

A. Inadequate IT support 

B. Loss of data and separation of duties 

C. Undocumented security controls 

D. Additional responsibilities for remaining staff

Answer:

Q2. At a MINIMUM, a formal review of any Disaster Recovery Plan (DRP) should be conducted 

A. monthly. 

B. quarterly. 

C. annually. 

D. bi-annually. 

Answer:

Q3. Which of the following is a process within a Systems Engineering Life Cycle (SELC) stage? 

A. Requirements Analysis 

B. Development and Deployment 

C. Production Operations 

D. Utilization Support 

Answer:

Q4. Refer to the information below to answer the question.

In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files. 

In a Bell-LaPadula system, which user cannot write to File 3? 

A. User A 

B. User B 

C. User C 

D. User D 

Answer:

Q5. Disaster Recovery Plan (DRP) training material should be 

A. consistent so that all audiences receive the same training. 

B. stored in a fireproof safe to ensure availability when needed.

C. only delivered in paper format. 

D. presented in a professional-looking manner.

Answer:

Q6. An external attacker has compromised an organization's network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker's ability to gain further information? 

A. Implement packet filtering on the network firewalls 

B. Require strong authentication for administrators 

C. Install Host Based Intrusion Detection Systems (HIDS) 

D. Implement logical network segmentation at the switches 

Answer:

Q7. The PRIMARY purpose of a security awareness program is to 

A. ensure that everyone understands the organization's policies and procedures. 

B. communicate that access to information will be granted on a need-to-know basis. 

C. warn all users that access to all systems will be monitored on a daily basis. 

D. comply with regulations related to data and information protection. 

Answer:

Q8. Refer to the information below to answer the question.

An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other necessary components to have an effective security program. There are numerous initiatives requiring security involvement. 

Which of the following is considered the MOST important priority for the information security officer? 

A. Formal acceptance of the security strategy 

B. Disciplinary actions taken against unethical behavior 

C. Development of an awareness program for new employees 

D. Audit of all organization system configurations for faults 

Answer:

Q9. Which of the following is the PRIMARY security concern associated with the implementation of smart cards?

A. The cards have limited memory 

B. Vendor application compatibility 

C. The cards can be misplaced 

D. Mobile code can be embedded in the card 

Answer:

Q10. Which of the following is a BEST practice when traveling internationally with laptops containing Personally Identifiable Information (PII)? 

A. Use a thumb drive to transfer information from a foreign computer. 

B. Do not take unnecessary information, including sensitive information.

C. Connect the laptop only to well-known networks like the hotel or public Internet cafes. 

D. Request international points of contact help scan the laptop on arrival to ensure it is protected.

Answer: