
Practice CISSP Questions With Certification guide Q&A from Training Expert DumpsFree
Free ISC CISSP Test Practice Test Questions Exam Dumps
Obtaining the ISC CISSP certification can provide professionals with numerous benefits, including increased job opportunities, higher salary potential, and enhanced credibility in the industry. It is also a requirement for some government and military positions. However, passing the exam requires a significant amount of preparation and study, as well as practical experience in the field of information security.
NEW QUESTION # 978
A hospital's building controls system monitors and operates the environmental equipment to maintain a safe and comfortable environment. Which of the following could be used to minimize the risk of utility supply interruption?
- A. Digital protection and control devices capable of minimizing the adverse impact to critical utility
- B. Lock out maintenance personnel from the building controls system access that can impact critical utility supplies
- C. Digital devices that can turn equipment off and continuously cycle rapidly in order to increase supplies and conceal activity on the hospital network
- D. Standardized building controls system software with high connectivity to hospital networks
Answer: A
Explanation:
The best option to minimize the risk of utility supply interruption for a hospital's building controls system is to use digital protection and control devices capable of minimizing the adverse impact to critical utility. Digital protection and control devices are devices that monitor and regulate the utility supply, such as electricity, water, or gas, and detect and respond to any faults, anomalies, or disruptions in the utility supply. Digital protection and control devices can minimize the adverse impact to critical utility by isolating the affected components, switching to alternative sources, adjusting the load or demand, or activating backup or emergency systems. Digital protection and control devices can help to ensure the continuity and reliability of the utility supply, and to prevent or mitigate any potential damage or harm to the hospital's building controls system, or to the patients and staff. References: CISSP CBK, Fifth Edition, Chapter 4, page 383; CISSP Practice Exam - FREE 20 Questions and Answers, Question 17.
NEW QUESTION # 979
When considering all the reasons that buffer overflow vulnerabilities exist, what is the real reason?
- A. Insecure programming languages
- B. Human error
- C. The Windows Operating system
- D. Insecure Transport Protocols
Answer: B
Explanation:
The human error in this answer is poor programming by the software developer.
A buffer overflow takes place when too much data is accepted as input to a specific process. A buffer is an allocated segment of memory. A buffer can be overflowed arbitrarily with too much data, but for it to be of any use to an attacker, the data inserted into the buffer must be of a specific length, followed by the commands the attacker wants executed.
When a programmer writes a piece of software that will accept data, this data and its associated instructions will be stored in the buffers that make up a stack. The buffers need to be the right size to accept the inputted data. So if the input is supposed to be one character, the buffer should be sized for exactly one character (plus the terminating NUL in languages such as C that use NUL-terminated strings). If the programmer does not ensure that only that much data is inserted into the software, then someone can input several characters at once and thus overflow that specific buffer.
Incorrect Answers:
A: Insecure programming languages do not by themselves cause buffer overflow vulnerabilities. A language without bounds checking (C, for example) makes the mistake possible, but the vulnerability is introduced when the programmer fails to check the length of the input.
C: The Windows operating system does not cause buffer overflow vulnerabilities; they occur in software on any platform.
D: Insecure transport protocols do not cause buffer overflow vulnerabilities.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, p. 332
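The mechanism described above, as an added example that is not from this page or the Harris text: a Python model built with ctypes that places a 16-byte input buffer directly in front of a saved-return-address field in real process memory, then copies attacker-controlled input into it with and without a length check. The frame layout, the legitimate return address 0x1000 and the target 0xDEADBEEF are constructed values; the guard that caps the unchecked copy at the frame size exists only so the overwrite stays inside this object, and real vulnerable code has no such cap.

```python
import ctypes
import sys

BUF_SIZE = 16  # constructed: a small fixed-size input buffer, like char buf[16] in C


class Frame(ctypes.Structure):
    """Model of a stack frame laid out in real process memory by ctypes: a
    fixed-size input buffer immediately followed by the saved return address.
    Frame.saved_ret.offset == BUF_SIZE, so byte 16 of an input lands on it."""
    _fields_ = [("buf", ctypes.c_char * BUF_SIZE),
                ("saved_ret", ctypes.c_uint64)]


def _copy_into_buf(frame: Frame, data: bytes) -> None:
    # Raw copy to the buffer's address, the equivalent of strcpy/memcpy in C.
    ctypes.memmove(ctypes.addressof(frame) + Frame.buf.offset, data, len(data))


def write_unchecked(frame: Frame, data: bytes) -> None:
    """The programmer's error from the explanation: the input length is never
    compared with the buffer size, so bytes past BUF_SIZE overwrite saved_ret.
    The guard below only keeps the demo inside this object so it cannot corrupt
    the interpreter's heap; real vulnerable code has no such cap."""
    if len(data) > ctypes.sizeof(Frame):
        raise RuntimeError("demo guard: payload larger than the modelled frame")
    _copy_into_buf(frame, data)


def write_checked(frame: Frame, data: bytes) -> None:
    """The fix: refuse any input that does not fit the buffer."""
    if len(data) > BUF_SIZE:
        raise ValueError(f"input of {len(data)} bytes exceeds {BUF_SIZE}-byte buffer")
    _copy_into_buf(frame, data)


def build_payload(target: int) -> bytes:
    """Attacker input of the 'specific length' the explanation mentions: exactly
    BUF_SIZE bytes of filler, then the address the attacker wants execution to
    'return' to, in the machine's byte order (0xDEADBEEF is a constructed value)."""
    return b"A" * BUF_SIZE + target.to_bytes(8, sys.byteorder)


LEGIT_RETURN = 0x1000  # constructed: where the function would legitimately return


def run(checked: bool) -> tuple:
    """Feed the payload through one of the two writers and report what
    happened to the saved return address."""
    frame = Frame(b"", LEGIT_RETURN)
    payload = build_payload(0xDEADBEEF)
    try:
        (write_checked if checked else write_unchecked)(frame, payload)
    except ValueError:
        return ("rejected", frame.saved_ret)
    return ("accepted", frame.saved_ret)


if __name__ == "__main__":
    print("unchecked:", run(False))   # saved return address now 0xDEADBEEF
    print("checked:  ", run(True))    # rejected, return address intact
```

Run stand-alone it prints the two outcomes. The point to take from it is the one the question makes: the language (here Python around a raw memmove) and the platform are incidental; the vulnerability exists because write_unchecked never compares len(data) with BUF_SIZE.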
NEW QUESTION # 980
The disaster recovery (DR) process should always include
- A. plan maintenance.
- B. financial data analysis.
- C. periodic vendor review.
- D. periodic inventory review.
Answer: A
NEW QUESTION # 981
In which process MUST security be considered during the acquisition of new software?
- A. Contract negotiation
- B. Vendor selection
- C. Request for proposal (RFP)
- D. Implementation
Answer: C
NEW QUESTION # 982
Which of the following is the MOST beneficial to review when performing an IT audit?
- A. Configuration settings
- B. Security log
- C. Audit policy
- D. Security policies
Answer: B
Explanation:
The most beneficial item to review when performing an IT audit is the security log. The security log is a record of the events and activities that occur on a system or network, such as logins, logouts, file accesses, policy changes, or security incidents. The security log can provide valuable information for the auditor to assess the security posture, performance, and compliance of the system or network, and to identify any anomalies, vulnerabilities, or breaches that need to be addressed. The other options are not as beneficial as the security log, as they either do not provide enough information for the audit (A and C), or do not reflect the actual state of the system or network (D). References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 7, page 405; Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 7, page 465.
NEW QUESTION # 983
Which of the following technologies has been developed to support TCP/IP networking over low-speed serial interfaces?
- A. xDSL
- B. ISDN
- C. T1
- D. SLIP
Answer: D
Explanation:
Serial Line IP (SLIP) was developed in 1984 to support TCP/IP networking over low-speed serial interfaces. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 114).
NEW QUESTION # 984
Tim's day-to-day responsibilities include monitoring the health of devices on the network. He uses a Network Monitoring System supporting SNMP to monitor the devices for any anomalies or high traffic passing through the interfaces. Which of the protocols would be BEST to use if some of the requirements are to prevent easy disclosure of the SNMP strings and authentication of the source of the packets?
- A. SNMP V3
- B. UDP
- C. SNMP V1
- D. SNMP V2
Answer: A
Explanation:
Simple Network Management Protocol (SNMP) is an Internet-standard protocol for managing devices on IP networks. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks, and more. It is used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention. SNMP is a component of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF).
SNMP V3: Although SNMPv3 makes no changes to the protocol aside from the addition of cryptographic security, it looks much different due to new textual conventions, concepts, and terminology. SNMPv3 primarily added security and remote configuration enhancements to SNMP. Security has been the biggest weakness of SNMP since the beginning. Authentication in SNMP versions 1 and 2c amounts to nothing more than a password (community string) sent in clear text between a manager and agent, so anyone who can sniff the traffic learns the string and can forge requests. Each SNMPv3 message contains security parameters which are encoded as an octet string. The meaning of these security parameters depends on the security model being used.
SNMPv3 provides three important security features:
- Confidentiality: encryption of packets to prevent snooping by an unauthorized source.
- Integrity: message integrity to ensure that a packet has not been tampered with in transit, including an optional packet replay protection mechanism.
- Authentication: verification that the message is from a valid source.
The following answers are incorrect:
UDP: SNMP can make use of the User Datagram Protocol (UDP), but UDP by itself is not used for network monitoring.
SNMP V1: SNMP version 1 (SNMPv1) is the initial implementation of the SNMP protocol. SNMPv1 operates over protocols such as User Datagram Protocol (UDP), Internet Protocol (IP), OSI Connectionless Network Service (CLNS), AppleTalk Datagram-Delivery Protocol (DDP), and Novell Internet Packet Exchange (IPX). SNMPv1 is widely used and is the de facto network-management protocol in the Internet community.
SNMP V2: SNMPv2 (RFC 1441-RFC 1452) revises version 1 and includes improvements in the areas of performance, security, confidentiality, and manager-to-manager communications. It introduced GetBulkRequest, an alternative to iterative GetNextRequests for retrieving large amounts of management data in a single request. However, the new party-based security system in SNMPv2, viewed by many as overly complex, was not widely accepted.
The following reference(s) were used to create this question:
http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol
Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 587). McGraw-Hill. Kindle Edition.
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 7434-7436). Auerbach Publications. Kindle Edition.
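How SNMPv3's User-based Security Model turns a shared password into per-agent keys and authenticates each message (the "authentication of the source" requirement in the question), as an added example not taken from the page or its references. The only inputs are the RFC 3414 Appendix A test vectors (password "maplesyrup", engine ID 00 00 00 00 00 00 00 00 00 00 00 02); the message bytes in demo() are a constructed stand-in, not a real BER-encoded SNMPv3 message, and only the authentication service is shown, not the privacy (encryption) service.

```python
import hashlib
import hmac

# RFC 3414 Appendix A.3 test inputs (the only values used here); the message
# bytes further down are a constructed stand-in, not a real BER-encoded PDU.
PASSWORD = b"maplesyrup"
ENGINE_ID = bytes.fromhex("000000000000000000000002")
AUTH_PARAM_LEN = 12  # HMAC-96: only the first 12 bytes of the MAC are sent


def password_to_key(password: bytes, algo: str) -> bytes:
    """RFC 3414 A.2: Ku = H(password repeated to exactly 1,048,576 bytes).
    Hashing a megabyte per guess slows down offline brute force of the password."""
    if not password:
        raise ValueError("empty password")
    reps = 1048576 // len(password) + 1
    return hashlib.new(algo, (password * reps)[:1048576]).digest()


def localize_key(ku: bytes, engine_id: bytes, algo: str) -> bytes:
    """RFC 3414 2.6: Kul = H(Ku || snmpEngineID || Ku). The user has one password,
    but every agent ends up with a different key, so a key recovered from one
    agent's configuration does not authenticate to any other agent."""
    return hashlib.new(algo, ku + engine_id + ku).digest()


def usm_auth_params(kul: bytes, message: bytes, algo: str) -> bytes:
    """msgAuthenticationParameters: HMAC over the whole message (with that 12-byte
    field itself zeroed by the caller), truncated to 12 bytes (RFC 3414 6.3.1 / 7.3.1)."""
    return hmac.new(kul, message, algo).digest()[:AUTH_PARAM_LEN]


def verify_usm(kul: bytes, message: bytes, received: bytes, algo: str) -> bool:
    """Receiver side: recompute and compare in constant time. Unlike a community
    string, a sniffer who sees the tag cannot reuse it on a different message."""
    return hmac.compare_digest(usm_auth_params(kul, message, algo), received)


def demo(algo: str = "sha1") -> tuple:
    """Derive the localized key, authenticate a message, then show that a single
    flipped bit in the message is detected. Returns (genuine_ok, tampered_ok)."""
    kul = localize_key(password_to_key(PASSWORD, algo), ENGINE_ID, algo)
    message = b"\x30\x2a\x02\x01\x03" + b"snmpv3-message-body-placeholder"  # constructed
    tag = usm_auth_params(kul, message, algo)
    tampered = message[:-1] + bytes([message[-1] ^ 0x01])
    return verify_usm(kul, message, tag, algo), verify_usm(kul, tampered, tag, algo)


if __name__ == "__main__":
    for algo in ("md5", "sha1"):
        ku = password_to_key(PASSWORD, algo)
        print(algo, "Ku =", ku.hex(), "Kul =", localize_key(ku, ENGINE_ID, algo).hex())
    print("genuine verifies, tampered verifies:", demo())
```

The two derivation steps reproduce the Ku and Kul values printed in RFC 3414 Appendix A.3 for both MD5 and SHA-1. In practice the localized key, not the password, is what lands in an agent's configuration, which is why engine-ID localization matters when the same user is configured on hundreds of devices.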
NEW QUESTION # 985
What is one issue NOT addressed by the Bell-LaPadula model?
- A. Covert channels
- B. Information flow control
- C. Access modes
- D. Security levels
Answer: A
Explanation:
As with any model, the Bell-LaPadula model has some weaknesses. These are the major ones. The model considers normal channels of the information exchange and does not address covert channels. -Ronald Krutz The CISSP PREP Guide (gold edition) pg 275-276
NEW QUESTION # 986
The repeated use of the algorithm to encipher a message consisting of many blocks is called
- A. Cipher feedback
- B. Cipher block chaining
- C. Triple DES
- D. Elliptical curve
Answer: B
Explanation:
"There are two main types of symmetric algorithms: stream and block ciphers. Like their names sound, block ciphers work on blocks of plaintext and ciphertext, whereas stream ciphers work on streams of plaintext and ciphertext, one bit or byte at a time." (Shon Harris, CISSP All-In-One Certification Exam Guide, p. 521.) "Cipher Block Chaining (CBC) operates with plaintext blocks of 64 bits. ... Note that in this mode, errors propagate." (Krutz, The CISSP Prep Guide, p. 149.) In CBC each plaintext block is XORed with the previous ciphertext block before the block cipher is applied, so the algorithm is invoked once per block and every ciphertext block depends on all of the preceding plaintext. The 64-bit block size in the Krutz quote is that of DES; CBC itself works with any block cipher's block size. Error propagation is bounded: a bit error in one ciphertext block garbles that block on decryption and flips the corresponding bit of the next block, after which decryption resynchronises.
NEW QUESTION # 987
Suppose you are a domain administrator and are choosing an employee to carry out backups. Which access control method do you think would be best for this scenario?
- A. MAC - Mandatory Access Control
- B. DAC - Discretionary Access Control
- C. RBAC - Rule-Based Access Control
- D. RBAC - Role-Based Access Control
Answer: D
Explanation:
RBAC - Role-Based Access Control permissions would fit best for a backup job because the permissions correlate tightly with those granted to a backup operator. A role-based access control (RBAC) model bases the access control authorizations on the roles (or functions) that the user is assigned within an organization. The determination of what roles have access to a resource can be governed by the owner of the data, as with DAC, or applied based on policy, as with MAC. Access control decisions are based on job function, previously defined and governed by policy, and each role (job function) has its own access capabilities. Objects associated with a role inherit the privileges assigned to that role. This is also true for groups of users, allowing administrators to simplify access control strategies by assigning users to groups and groups to roles. Specifically, in the Microsoft Windows world there is a built-in security group called "Backup Operators" into which you can place the users who carry out the duties. Note that this built-in group carries both the backup privilege (SeBackupPrivilege) and the restore privilege (SeRestorePrivilege); if the role must be able to back up but not restore, a custom group holding only the backup privilege is needed. Separating the two is what prevents an error or a malicious person from overwriting current data with an old copy.
The following answers are incorrect:
-MAC - Mandatory Access Control: This isn't the right answer. The role of Backup administrator fits perfectly with the access control Role-Based access control.
-DAC - Discretionary Access Control: This isn't the correct answer because DAC relies on data owner/creators to determine who has access to information.
-RBAC - Rule-Based Access Control: If you got this wrong it may be because you didn't read past the RBAC part. Be very careful to read the entire question and answers before proceeding.
The following reference(s) was used to create this question:
2013 Official Security+ Curriculum.
and
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 1936-1943). Auerbach Publications. Kindle Edition.
NEW QUESTION # 988
Which one of the following data integrity models assumes a lattice of integrity levels?
- A. Biba
- B. Bell-LaPadula
- C. Harrison-Ruzzo
- D. Take-Grant
Answer: A
Explanation:
The Biba model is the integrity counterpart of Bell-LaPadula: subjects and objects are assigned integrity levels that form a lattice, and the model enforces the simple integrity property (no read down) and the * (star) integrity property (no write up), so data cannot flow from a lower integrity level to a higher one. Bell-LaPadula uses a lattice of confidentiality (sensitivity) levels, not integrity levels, while Harrison-Ruzzo-Ullman and Take-Grant are access-rights models concerned with how rights may be created and transferred between subjects and objects.
Section: Security Architecture and Engineering
NEW QUESTION # 989
Ensuring that printed reports reach proper users and that receipts are signed before releasing sensitive documents are examples of:
- A. Output controls
- B. Deterrent controls
- C. Information flow controls
- D. Asset controls
Answer: A
Explanation:
Output controls are used for two things: for verifying the integrity and protecting the confidentiality of an output. These are examples of proper output controls.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 6: Operations Security (page 218).
NEW QUESTION # 990
Which of the following are additional terms used to describe knowledge-based IDS and behavior-based IDS?
- A. anomaly-based IDS and statistical-based IDS, respectively.
- B. signature-based IDS and motion anomaly-based IDS, respectively.
- C. signature-based IDS and statistical anomaly-based IDS, respectively.
- D. signature-based IDS and dynamic anomaly-based IDS, respectively.
Answer: C
Explanation:
The two current conceptual approaches to Intrusion Detection methodology are knowledge-based ID systems and behavior-based ID systems, sometimes referred to as signature-based ID and statistical anomaly-based ID, respectively.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 63.
NEW QUESTION # 991
Which of the following is most affected by denial-of-service (DOS) attacks?
- A. Integrity
- B. Availability
- C. Confidentiality
- D. Accountability
Answer: B
Explanation:
Denial of service attacks obviously affect availability of targeted systems. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 61).
NEW QUESTION # 992
Which of the following answers best describes the type of penetration testing where the analyst has full knowledge of the network on which he is going to perform his test?
- A. White-Box Penetration Testing
- B. Black-Box Pen Testing
- C. Penetration Testing
- D. Gray-Box Pen Testing
Answer: A
Explanation:
In general there are three ways a pen tester can test a target system.
- White-Box: The tester has full access and is testing from inside the system.
- Gray-Box: The tester has some knowledge of the system he's testing.
- Black-Box: The tester has no knowledge of the system.
Each of these forms of testing has different benefits and can test different aspects of the system from different approaches.
The following answers are incorrect:
- Black-Box Pen Testing: This is where no prior knowledge is given about the target network. Only a domain name or business name may be given to the analyst.
- Penetration Testing: This is half correct but more specifically it is white-box testing because the tester has full access.
- Gray-Box Pen Testing: This answer is not right because Gray-Box testing you are given a little information about the target network.
The following reference(s) was used to create this question:
2013 Official Security+ Curriculum.
and
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 4742-4743). Auerbach Publications. Kindle Edition: "... tester is provided no information about the target's network or environment. The tester is simply left to his abilities."
NEW QUESTION # 993
The main approach to obtaining the true biometric information from a collected sample of an individual's physiological or behavioral characteristics is:
- A. Feature extraction
- B. False rejection
- C. Digraphs
- D. Enrollment
Answer: A
Explanation:
Feature extraction algorithms are a subset of signal/image processing and are used to extract the key biometric information from a sample that has been taken from an individual. Usually, the sample is taken in an environment that may have noise and other conditions that may affect the raw sample image. Neural networks are an example of a feature extraction approach.
The answer "enrollment" refers to the process of collecting samples that are averaged and then stored to use as a reference template against which future samples are compared.
The answer "false rejection" refers to false rejection in biometrics: the rejection of an authorized user because of a mismatch between the sample and the reference template. Conversely, false acceptance is the acceptance of an unauthorized user because of an incorrect match to the template of an authorized user. The corresponding measures in percentage are the False Rejection Rate (FRR) and False Acceptance Rate (FAR).
The answer "digraphs" refers to sets of average values compiled in the biometrics area of keystroke dynamics. Keystroke dynamics involves analyzing the characteristics of a user typing on a keyboard. Keystroke duration samples as well as measures of the latency between keystrokes are taken and averaged. These averages for all pairs of keys are called digraphs. Trigraphs, sample sets for all key triples, can also be used as biometric samples.
NEW QUESTION # 994
Which of the following stripes the data and the parity information at the block level across all the drives in the set?
- A. RAID Level 5
- B. RAID Level 1
- C. RAID Level 0
- D. RAID Level 2
Answer: A
Explanation:
RAID Level 5 stripes the data and the parity information at the block level across all the drives in the set.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 66.
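The RAID 5 layout in miniature, as an added example that is not from the Krutz text: toy 4-byte stripe units, a left-symmetric rotating parity unit, reconstruction of a failed drive from the survivors, and a degraded-mode read. UNIT and SAMPLE are constructed values; a real controller works with stripe units of tens of kilobytes and the same XOR arithmetic.

```python
UNIT = 4                           # toy stripe-unit size in bytes (constructed)
SAMPLE = b"0123456789ABCDEF" * 3   # constructed 48-byte payload = 4 stripes on 4 drives


def xor_units(*units: bytes) -> bytes:
    out = bytearray(len(units[0]))
    for u in units:
        for i, byte in enumerate(u):
            out[i] ^= byte
    return bytes(out)


def parity_drive(stripe: int, n_drives: int) -> int:
    """Left-symmetric layout: the parity unit moves one drive to the left per
    stripe, so parity is spread over all drives instead of living on a
    dedicated parity drive as in RAID 3/4."""
    return (n_drives - 1 - stripe) % n_drives


def raid5_write(data: bytes, n_drives: int) -> list:
    """Return n_drives 'drives', each a list of stripe units. Every stripe holds
    n_drives-1 data units and one parity unit that is the XOR of those."""
    if n_drives < 3:
        raise ValueError("RAID 5 needs at least three drives")
    per_stripe = n_drives - 1
    if len(data) % (UNIT * per_stripe):
        raise ValueError("pad data to a whole number of stripes")
    units = [data[i:i + UNIT] for i in range(0, len(data), UNIT)]
    drives = [[] for _ in range(n_drives)]
    for s in range(len(units) // per_stripe):
        chunk = units[s * per_stripe:(s + 1) * per_stripe]
        pd = parity_drive(s, n_drives)
        data_iter = iter(chunk)
        for d in range(n_drives):
            drives[d].append(xor_units(*chunk) if d == pd else next(data_iter))
    return drives


def raid5_rebuild(drives: list, failed: int) -> list:
    """Reconstruct the failed drive: in each stripe the XOR of all units (data
    and parity) is zero, so XORing the survivors yields the missing unit."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_units(*units) for units in zip(*survivors)]


def raid5_read(drives: list) -> bytes:
    """Read the data back in order, skipping the parity unit of each stripe.
    A drive given as None is treated as failed and rebuilt on the fly
    (degraded mode); two failures cannot be recovered with one parity unit."""
    n = len(drives)
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) > 1:
        raise RuntimeError("RAID 5 tolerates exactly one failed drive")
    if failed:
        drives = list(drives)
        drives[failed[0]] = raid5_rebuild(drives, failed[0])
    out = []
    for s in range(len(drives[0])):
        pd = parity_drive(s, n)
        out.extend(drives[d][s] for d in range(n) if d != pd)
    return b"".join(out)


if __name__ == "__main__":
    array = raid5_write(SAMPLE, 4)
    degraded = [None if i == 2 else d for i, d in enumerate(array)]
    print("parity drive per stripe:", [parity_drive(s, 4) for s in range(4)])
    print("read with drive 2 failed matches original:", raid5_read(degraded) == SAMPLE)
```

With four drives the parity unit lands on drive 3, 2, 1, 0 for successive stripes, so every drive carries one quarter of the parity and usable capacity is three quarters of the raw total; losing any single drive still reads back the original data.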
NEW QUESTION # 995
Encryption is applicable to all of the following OSI/ISO layers except:
- A. Physical layer
- B. Session layer
- C. Network layer
- D. Data link layer
Answer: A
Explanation:
The Physical Layer describes the physical properties of the various communications media, as well as the electrical properties and interpretation of the exchanged signals. For example, this layer defines the size of Ethernet coaxial cable, the type of BNC connector used, and the termination method. Nothing can be encrypted at this layer because it deals with physical signalling rather than protocol data units handled by software. The data link, network and transport layers do support encryption.
NEW QUESTION # 996
An organization allows ping traffic into and out of their network. An attacker has installed a program on the network that uses the payload portion of the ping packet to move data into and out of the network. What type of attack has the organization experienced?
- A. Unfiltered channel
- B. Covert channel
- C. Data leakage
- D. Data emanation
Answer: B
Explanation:
The organization has experienced a covert channel attack, which is a technique of hiding or transferring data within a communication channel that is not intended for that purpose. In this case, the attacker has used the payload portion of the ping packet, which is normally used to carry diagnostic data, to move data into and out of the network. This way, the attacker can bypass the network security controls and avoid detection. Data leakage (C) is a general term for the unauthorized disclosure of sensitive or confidential data, which may or may not involve a covert channel. Unfiltered channel (A) is a term for a communication channel that does not have any security mechanisms or filters applied to it, which may allow unauthorized or malicious traffic to pass through. Data emanation (D) is a term for the unintentional radiation or emission of electromagnetic signals from electronic devices, which may reveal sensitive or confidential information to eavesdroppers. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 4, page 179; Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 4, page 189.
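Detection logic for the covert channel in this question, as an added example that is not from the page or its references: it builds ICMP echo requests, verifies the RFC 1071 checksum, and flags payloads that do not match the filler bytes stock ping clients send (the 32-byte Windows alphabet string and iputils' 8-byte timestamp followed by 0x10, 0x11, 0x12, ...). Both sample packets are constructed, the baseline sizes are an assumption about default clients, and a real deployment would also compare request and reply payloads and rate-limit ICMP.

```python
import struct

ICMP_ECHO_REQUEST = 8
WINDOWS_FILLER = b"abcdefghijklmnopqrstuvwabcdefghi"  # 32-byte default Windows ping payload
IPUTILS_FIRST = 0x10        # iputils ping: 8-byte timestamp, then 0x10, 0x11, 0x12, ...
BASELINE_SIZES = {32, 56}   # default payload sizes of Windows ping and iputils ping (assumption)


def inet_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement checksum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo_request(ident: int, seq: int, payload: bytes) -> bytes:
    """ICMP echo request: type 8, code 0, checksum, identifier, sequence, payload."""
    header = struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, 0, ident, seq)
    csum = inet_checksum(header + payload)
    return struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, csum, ident, seq) + payload


def parse_icmp(pkt: bytes) -> dict:
    if len(pkt) < 8:
        raise ValueError("ICMP message shorter than its 8-byte header")
    typ, code, _csum, ident, seq = struct.unpack("!BBHHH", pkt[:8])
    # A valid packet sums to zero when the stored checksum is included.
    return {"type": typ, "code": code, "id": ident, "seq": seq,
            "payload": pkt[8:], "checksum_ok": inet_checksum(pkt) == 0}


def is_standard_filler(payload: bytes) -> bool:
    """True for the filler bytes a stock ping client puts in an echo request."""
    if payload == WINDOWS_FILLER:
        return True
    if len(payload) < 8:
        return False
    body = payload[8:]  # skip the iputils timestamp, which changes every packet
    return body == bytes((IPUTILS_FIRST + i) & 0xFF for i in range(len(body)))


def suspicious_reasons(pkt: bytes) -> list:
    """Detection logic for one echo request: anything carrying non-filler data
    in the payload is a candidate ICMP tunnel. Size is checked separately,
    because a tunnel that pads to 56 bytes defeats a size-only rule."""
    info = parse_icmp(pkt)
    reasons = []
    if info["type"] != ICMP_ECHO_REQUEST:
        return reasons  # only echo requests are examined here
    if not info["checksum_ok"]:
        reasons.append("bad ICMP checksum")
    if len(info["payload"]) not in BASELINE_SIZES:
        reasons.append("unusual payload size %d" % len(info["payload"]))
    if not is_standard_filler(info["payload"]):
        reasons.append("payload does not match a known ping filler pattern")
    return reasons


# Constructed sample packets, not captured traffic.
def normal_linux_ping() -> bytes:
    payload = b"\x00" * 8 + bytes(range(IPUTILS_FIRST, IPUTILS_FIRST + 48))  # 56 bytes
    return build_echo_request(0x1234, 1, payload)


def tunneled_ping() -> bytes:
    secret = b"user=jdoe;card=4111111111111111;cvv=123"   # constructed exfil record
    return build_echo_request(0x1234, 2, secret.ljust(56, b"\x00"))  # padded to the normal size


if __name__ == "__main__":
    for name, pkt in (("normal", normal_linux_ping()), ("tunnel", tunneled_ping())):
        print(name, suspicious_reasons(pkt) or ["baseline"])
```

The tunneled packet is deliberately padded to the same 56 bytes as a normal Linux ping, so only the content rule catches it; tools that tunnel over ICMP can also mimic the filler pattern, which is why this check belongs alongside volume and timing analysis rather than replacing them.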
NEW QUESTION # 997
Which of the following was developed as a simple mechanism for allowing simple network terminals to load their operating system from a server over the LAN?
- A. DHCP
- B. ARP
- C. DNS
- D. BootP
Answer: D
Explanation:
BootP was developed as a simple mechanism for allowing simple network terminals to load their operating system from a server over the LAN. Over time, it has expanded to allow centralized configuration of many aspects of a host's identity and behavior on the network. Note that DHCP, more complex, has replaced BootP over time.
Source: STREBE, Matthew and PERKINS, Charles, Firewalls 24seven, Sybex 2000, Chapter 4: Sockets and Services from a Security Viewpoint.
NEW QUESTION # 998
In the Transmission Control Protocol/Internet Protocol (TCP/IP) and Open Systems Interconnection (OSI) models, which of the following is the principle that allows each layer to operate independently?
- A. Cyclic Redundancy Check (CRC)
- B. Encryption
- C. Layer interconnection
- D. Encapsulation
Answer: D
Explanation:
Encapsulation is the principle that lets the layers operate independently: each layer wraps the data handed down from the layer above in its own header (and, where applicable, trailer) and treats that data as an opaque payload, so a layer only needs to know the interface to the layers directly above and below it and can be changed or replaced without affecting the others. A CRC is an error-detection mechanism, encryption protects confidentiality, and "layer interconnection" is not a defined principle of either model.
NEW QUESTION # 999
In which layer of the OSI Model are connection-oriented protocols located in the TCP/IP suite of protocols?
- A. Application layer
- B. Physical layer
- C. Network layer
- D. Transport layer
Answer: D
Explanation:
When two computers are going to communicate through a connection-oriented protocol, such as TCP, they first agree on how much information each computer will send at a time, how to verify the integrity of the data once received, and how to determine whether a packet was lost along the way. The two computers agree on these parameters through a handshaking process at the transport layer, layer 4.
Incorrect Answers:
A: Connection-oriented protocols are located at the transport layer, not at the application layer.
B: Connection-oriented protocols are located at the transport layer, not at the physical layer.
C: Connection-oriented protocols are located at the transport layer, not at the network layer.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 525
NEW QUESTION # 1000
Who should measure the effectiveness of Information System security related controls in an organization?
- A. The business manager
- B. The central security manager
- C. The local security specialist
- D. The systems auditor
Answer: D
Explanation:
The function of the auditor is to come around periodically and make sure you are doing what you are supposed to be doing. They ensure the correct controls are in place and are being maintained securely.
The goal of the auditor is to make sure the organization complies with its own policies and the applicable laws and regulations. Organizations can have internal auditors and/or external auditors. The external auditors commonly work on behalf of a regulatory body to make sure compliance is being met.
COBIT is a model that most information security auditors follow when evaluating a security program. The Control Objectives for Information and related Technology (COBIT) is a framework and set of control objectives developed by the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute (ITGI). It defines goals for the controls that should be used to properly manage IT and to ensure that IT maps to business needs.
Incorrect Answers:
A: The business manager does not measure the effectiveness of Information System security related controls in an organization.
B: The central security manager could measure the effectiveness of Information System security related controls in an organization. However, in doing so, the central security manager would be performing the role of systems auditor.
C: A local security specialist could be hired to measure the effectiveness of Information System security related controls in an organization. However, in doing so, the local security specialist would be performing the role of systems auditor.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, pp. 55, 125
NEW QUESTION # 1001
In a financial institution, who has the responsibility for assigning the classification to a piece of information?
- A. Originator or nominated owner of the information
- B. Chief Financial Officer (CFO)
- C. Department head responsible for ensuring the protection of the information
- D. Chief Information Security Officer (CISO)
Answer: A
Explanation:
In a financial institution, the responsibility for assigning the classification to a piece of information belongs to the originator or nominated owner of the information. The originator is the person who creates or generates the information, and the nominated owner is the person who is assigned the accountability and authority for the information by the management. The originator or nominated owner is the best person to determine the value and sensitivity of the information, and to assign the appropriate classification level based on the criteria and guidelines established by the organization. The originator or nominated owner is also responsible for reviewing and updating the classification as needed, and for ensuring that the information is handled and protected according to its classification. References: Information Classification Policy; Information Classification and Handling Policy.
Prepare Top ISC CISSP Exam Audio Study Guide Practice Questions Edition: https://www.dumpsfree.com/CISSP-valid-exam.html
Dumps Practice Exam Questions Study Guide for the CISSP Exam: https://drive.google.com/open?id=1-ldlBzNzEoSDlrj5ESmNf0gJP5CJ1zDV