Secure Checkout


Buy your braindumps confidently with our secure SSL certification and safe payment methods.

Read More
Download Demo


Download the demo of your desired dumps free on just one click before purchase. 100% singup free demo.

Read More


Get your certification in 1st attempt or get your 100% payment back according to our refund policy.

Read More
Customer Support


Resolve your issues and queries quickly with our dedicated 24/7 live customer support team.

Read More


We at Dumpssure certify you that our platform is one of the most authentic website for ISC2 CISSP exam questions and their correct answers. Pass your ISC2 CISSP exam with flying marks, and that too with little effort. With the purchase of this pack, you wil also get free demo questions dumps. We ensure your 100% success in CISSP Exam with the help of our provided material.

DumpsSure offers a unique Online Test Engine where you can fully practice your CISSP exam questions. This is one-of-a-kind feature which our competitors won't provide you. Candidates can practice the way they would want to attempt question at the real examination time.

Dumpssure also offers an exclusive 'Exam Mode' where you can attempt 50 random questions related to your CISSP exam. This mode is exactly the same as of real CISSP certification exam. Attempt all the questions within a limited time and test your knowledge on the spot. This mode will definitely give you an edge in real exam.

Our success rate from past 6 years is above 96% which is quite impressive and we're proud of it. Our customers are able to build their career in any field the wish. Let's dive right in and make the best decision of your life right now. Choose the plan you want, download the CISSP exam dumps and start your preparation for a successful professional.

Why Dumpssure is ever best for the preparation for ISC2 CISSP exam?

Dumpssure is providing free ISC2 CISSP question answers for your practice, to avail this facility you just need to sign up for a free account on Dumpssure. Thousands of customers from entire world are using our CISSP dumps. You can get high grades by using these dumps with money back guarantee on CISSP dumps PDF.

A vital device for your assistance to pass your ISC2 CISSP Exam

Our production experts have been preparing such material which can succeed you in ISC2 CISSP exam in a one day. They are so logical and notorious about the questions and their answers that you can get good marks in ISC2 CISSP exam. So DUMPSSURE is offering you to get excellent marks.

Easy access on your mobile for the users

The basic mean of Dumpssure is to provide the most important and most accurate material for our users. You just need to remain connected to internet for getting updates even on your mobile. After purchasing, you can download the ISC2 CISSP study material in PDF format and can read it easily, where you have desire to study.

ISC2 CISSP Questions and Answers can get instantly

Our provided material is regularly updated step by step for new questions and answers for ISC2 Exam Dumps, so that you can easily check the behaviour of the question and their answers and you can succeed in your first attempt.

ISC2 CISSP Dumps are demonstrated by diligence Experts

We are so keen to provide our users with that questions which are verified by the ISC2 Professionals, who are extremely skilled and have spent many years in this field.

Money Back Guarantee

Dumpssure is so devoted to our customers that we provide to most important and latest questions to pass you in the ISC2 CISSP exam. If you have purchased the complete CISSP dumps PDF file and not availed the promised facilities for the ISC2 exams you can either replace your exam or claim for money back policy which is so simple for more detail visit Guarantee Page.

ISC2 CISSP Sample Questions

Question # 1

What is the PRIMARY purpose of auditing, as it relates to the security review cycle? 

A. To ensure the organization's controls and pokies are working as intended  
B. To ensure the organization can still be publicly traded  
C. To ensure the organization's executive team won't be sued  
D. To ensure the organization meets contractual requirements  

Question # 2

An application is used for funds transfer between an organization and a third-party. During a security audit, an issue with the business continuity/disaster recovery policy and procedures for this application. Which of the following reports should the audit file with the organization?

A. Service Organization Control (SOC) 1  
B. Statement on Auditing Standards (SAS) 70
C. Service Organization Control (SOC) 2  
D. Statement on Auditing Standards (SAS) 70-1  

Question # 3

The Industrial Control System (ICS) Computer Emergency Response Team (CERT) has released an alert regarding ICS-focused malware specifically propagating through Windows-based business networks. Technicians at a local water utility note that their dams, canals, and locks controlled by an internal Supervisory Control and Data Acquisition (SCADA) system have been malfunctioning. A digital forensics professional is consulted in the Incident Response (IR) and recovery. Which of the following is the MOST challenging aspect of this investigation?

A. SCADA network latency  
B. Group policy implementation  
C. Volatility of data  
D. Physical access to the system

Question # 4

Which of the following needs to be tested to achieve a Cat 6a certification for a company's data cabling?

A. RJ11  
B. LC ports  
C. Patch panel  
D. F-type connector  

Question # 5

Which access control method is based on users issuing access requests on system resources, features assigned to those resources, the operational or situational context, and a set of policies specified in terms of those features and context?

A. Mandatory Access Control (MAC)  
B. Role Based Access Control (RBAC)  
C. Discretionary Access Control (DAC)  
D. Attribute Based Access Control (ABAC)  

Question # 6

Which of the following are the B EST characteristics of security metrics? 

A. They are generalized and provide a broad overview  
B. They use acronyms and abbreviations to be concise  
C. They use bar charts and Venn diagrams  
D. They are consistently measured and quantitatively expressed  

Question # 7

Which reporting type requires a service organization to describe its system and define its control objectives and controls that are relevant to users' internal control over financial reporting?

A. Statement on Auditing Standards (SAS)70  
B. Service Organization Control 1 (SOC1)  
C. Service Organization Control 2 (SOC2)  
D. Service Organization Control 3 (SOC3)  

Question # 8

Which of the following is the PRIMARY purpose of installing a mantrap within a facility? 

A. Control traffic  
B. Prevent rapid movement  
C. Prevent plggybacking  
C. Prevent piggybacking  

Question # 9

A manager identified two conflicting sensitive user functions that were assigned to a single user account that had the potential to result in a financial and regulatory risk to the company. The manager MOST likely discovered this during which of the following?

A. Security control assessment.  
B. Separation of duties analysis  
C. Network Access Control (NAC) review  
D. Federated identity management (FIM) evaluation  

Question # 10

Which of the following system components enforces access controls on an object? 

A. Security perimeter  
B. Access control matrix  
C. Trusted domain  
D. Reference monitor  

Question # 11

Which of the following provides the MOST secure method for Network Access Control (NAC)?

A. Media Access Control (MAC) filtering  
B. 802.IX authentication  
C. Application layer filtering  
D. Network Address Translation (NAT)  

Question # 12

A software development company found odd behavior in some recently developed software, creating a need for a more thorough code review. What is the MOST effective argument for a more thorough code review?

A. It will increase the flexibility of the applications developed.  
B. It will increase accountability with the customers.  
C. It will impede the development process.  
D. lt will reduce the potential for vulnerabilities.  

Question # 13

How should the retention period for an organization's social media content be defined? 

A. Wireless Access Points (AP)  
B. Token-based authentication  
C. Host-based firewalls  
D. Trusted platforms  

Question # 14

When designing a new Voice over Internet Protocol (VoIP) network, an organization's top concern is preventing unauthorized users from accessing the VoIP network. Which of the following will BEST help secure the VoIP network?

A. Transport Layer Security (TLS)  
B. 802.1x  
C. 802.119  
D. Web application firewall (WAF)

Question # 15

Which of the following factors should be considered characteristics of Attribute Based Access Control (ABAC) in terms of the attributes used?

A. Mandatory Access Control (MAC) and Discretionary Access Control (DAC)  
B. Discretionary Access Control (DAC) and Access Control List (ACL)  
C. Role Based Access Control (RBAC) and Mandatory Access Control (MAC)  
D. Role Based Access Control (RBAC) and Access Control List (ACL)  

Question # 16

What is the PRIMARY purpose of creating and reporting metrics for a security awareness, training, and education program?

A. Make all stakeholders aware of the program's progress.  
B. Measure the effect of the program on the organization's workforce.  
C. Facilitate supervision of periodic training events.  
D. Comply with legal regulations and document due diligence in security practices.  

Question # 17

In a DevOps environment, which of the following actions is MOST necessary to have confidence in the quality of the changes being made?

A. Prepare to take corrective actions quickly.  
B. Receive approval from the change review board.  
C. Review logs for any anomalies.  
D. Automate functionality testing.

Question # 18

A Chief Information Officer (CIO) has delegated responsibility of their system security to the head of the information technology (IT) department. While corporate policy dictates that only the CIO can make decisions on the level of data protection required, technical implementation decisions are done by the head of the IT department. Which of the following BEST describes the security role filled by the head of the IT department?

A. System analyst  
B. System security officer  
C. System processor  
D. System custodian  

Question # 19

During a Disaster Recovery (DR) simulation, it is discovered that the shared recovery site lacks adequate data restoration capabilities to support the implementation of multiple plans simultaneously. What would be impacted by this fact if left unchanged?

A. Recovery Point Objective (RPO) 
B. Recovery Time Objective (RTO) 
C. Business Impact Analysis (BIA) 
D. Return on Investment (ROI) 

Question # 20

In a multi-tenant cloud environment, what approach will secure logical access to assets? 

A. Hybrid cloud  
B. Transparency/Auditability of administrative access  
C. Controlled configuration management (CM)  
D. Virtual private cloud (VPC)

Question # 21

A company is moving from the V model to Agile development. How can the information security department BEST ensure that secure design principles are implemented in the new methodology?

A. All developers receive mandatory targeted information security training.  
B. The non-financial information security requirements remain mandatory for the new model. 
C. The information security department performs an information security assessment after each sprint.
D. Information security requirements are captured in mandatory user stories.  

Question # 22

Which of the following is the BEST method to gather evidence from a computer's hard drive?

A. Disk duplication  
B. Disk replacement  
C. Forensic signature  
D. Forensic imaging  

Question # 23

What is the FIRST step when developing an Information Security Continuous Monitoring (ISCM) program? 

A. Establish an ISCM technical architecture.  
B. Collect the security-related information required for metrics, assessments, and reporting.  
C. Establish an ISCM program determining metrics, status monitoring frequencies, and control assessment frequencies.  
D. Define an ISCM strategy based on risk tolerance.  

Question # 24

The security team is notified that a device on the network is infected with malware. Which of the following is MOST effective in enabling the device to be quickly located and remediated?

A. data loss protection (DLP)  
B. Intrusion detection  
C. Vulnerability scanner  
D. Information Technology Asset Management (ITAM)  

Question # 25

Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?

A. Identifying the events and environmental factors that can adversely affect an organization
B. Identifying what is important and critical based on disruptions that can affect the organization. 
C. Establishing the need for a Business Continuity Plan (BCP) based on threats that can affect an organization 
D. Preparing a program to create an organizational awareness for executing the Business Continuity Plan (BCP) 

Question # 26

Computer forensics requires which of the following MAIN steps? 

A. Announce the incident to responsible sections, analyze the data, assimilate the data for correlation
B. Take action to contain the damage, announce the incident to responsible sections, analyze the data 
C. Acquire the data without altering, authenticate the recovered data, analyze the data  
D. Access the data before destruction, assimilate the data for correlation, take action to contain the damage 

Question # 27

An attacker is able to remain indefinitely logged into a exploit to remain on the web service?

A. Alert management  
B. Password management  
C. Session management  
D. Identity management (IM)  

Question # 28

Which of the following would qualify as an exception to the "right to be forgotten" of the General Data Protection Regulation (GDPR)?

A. For the establishment, exercise, or defense of legal claims  
B. The personal data has been lawfully processed and collected  
C. The personal data remains necessary to the purpose for which it was collected  
D. For the reasons of private interest  

Question # 29

The initial security categorization should be done early in the system life cycle and should be reviewed periodically. Why is it important for this to be done correctly?

A. It determines the security requirements.
B. It affects other steps in the certification and accreditation process.  
C. It determines the functional and operational requirements.  
D. The system engineering process works with selected security controls.  

Question # 30

When defining a set of security controls to mitigate a risk, which of the following actions MUST occur?

A. Each control's effectiveness must be evaluated individually.  
B. Each control must completely mitigate the risk.  
C. The control set must adequately mitigate the risk.  
D. The control set must evenly divided the risk.  

Question # 31

When conducting a third-party risk assessment of a new supplier, which of the following reports should be reviewed to confirm the operating effectiveness of the security, availability, confidentiality, and privacy trust principles?

A. Service Organization Control (SOC) 1, Type 2  
B. Service Organization Control (SOC) 2, Type 2  
C. International Organization for Standardization (ISO) 27001  
D. International Organization for Standardization (ISO) 27002  

Question # 32

During a penetration test, what are the three PRIMARY objectives of the planning phase? 

A. Determine testing goals, identify rules of engagement and conduct an initial discovery scan. 
B. Finalize management approval, determine testing goals, and gather port and service information. 
C. Identify rules of engagement, finalize management approval, and determine testing goals. 
D. Identify rules of engagement, document management approval, and collect system and application information. 

Question # 33

What is the PRIMARY reason that a bit-level copy is more desirable than a file-level copy when replicating a hard drive's contents for an e-discovery investigation?

A. Files that have been deleted will be transferred.  
B. The file and directory structure is retained.  
C. File-level security settings will be preserved.  
D. The corruption of files is less likely.

Question # 34

An organization wants to migrate to Session Initiation Protocol (SIP) to save on telephony expenses. Which of the following security related statements should be considered in the decision-making process? 

A. Cloud telephony is less secure and more expensive than digital telephony services.  
B. SIP services are more secure when used with multi-layer security proxies.  
C. H.323 media gateways must be used to ensure end-to-end security tunnels.  
D. Given the behavior of SIP traffic, additional security controls would be required.  

Question # 35

When assessing the audit capability of an application, which of the following activities is MOST important?

A. Determine if audit records contain sufficient information.  
B. Review security plan for actions to be taken in the event of audit failure.  
C. Verify if sufficient storage is allocated for audit records.  
D. Identify procedures to investigate suspicious activity.  

Question # 36

Which of the following vulnerabilities can be BEST detected using automated analysis? 

A. Valid cross-site request forgery (CSRF) vulnerabilities  
B. Multi-step process attack vulnerabilities
C. Business logic flaw vulnerabilities  
D. Typical source code vulnerabilities  

Question # 37

In setting expectations when reviewing the results of a security test, which of the following statements is MOST important to convey to reviewers?

A. The target’s security posture cannot be further compromised.  
B. The results of the tests represent a point-in-time assessment of the target(s).  
C. The accuracy of testing results can be greatly improved if the target(s) are properly hardened. 
D. The deficiencies identified can be corrected immediately  

Question # 38

Who should perform the design review to uncover security design flaws as part of the Software Development Life Cycle (SDLC)?

A. The business owner  
B. security subject matter expert (SME)  
C. The application owner  
D. A developer subject matter expert (SME)

Question # 39

An organization is trying to secure instant messaging (IM) communications through its network perimeter. Which of the following is the MOST significant challenge?

A. IM clients can interoperate between multiple vendors.  
B. IM clients can run without administrator privileges.  
C. IM clients can utilize random port numbers.  
D. IM clients can run as executables that do not require installation.  

Question # 40

When designing a Cyber-Physical System (CPS), which of the following should be a security practitioner's first consideration?

A. Detection of sophisticated attackers  
B. Resiliency of the system  
C. Topology of the network used for the system  
D. Risk assessment of the system

Question # 41

Which of the following is fundamentally required to address potential security issues when initiating software development?

A. Implement ongoing security audits in all environments.  
B. Ensure isolation of development from production.  
C. Add information security objectives into development.  
D. Conduct independent source code review.

Question # 42

A project manager for a large software firm has acquired a government contract that generates large amounts of Controlled Unclassified Information (CUI). The organization's information security manager has received a request to transfer project-related CUI between systems of differing security classifications. What role provides the authoritative guidance for this transfer?

A. Information owner  
B. PM  
C. Data Custodian  
D. Mission/Business Owner  

Question # 43

What is the MOST appropriate hierarchy of documents when implementing a security program? 

A. Organization principle, policy, standard, guideline  
B. Policy, organization principle, standard, guideline  
C. Standard, policy, organization principle, guideline  
D. Organization principle, guideline, policy, standard  

Question # 44

employee training, risk management, and data handling procedures and policies could be characterized as which type of security measure?

A. Non-essential  
B. Management  
C. Preventative  
D. Administrative  

Question # 45

A network security engineer needs to ensure that a security solution analyzes traffic for protocol manipulation and various sorts of common attacks. In addition, all Uniform Resource Locator (URL) traffic must be inspected and users prevented from browsing inappropriate websites. Which of the following solutions should be implemented to enable administrators the capability to analyze traffic, blacklist external sites, and log user traffic for later analysis?

A. Intrusion detection system (IDS)  
B. Circuit-Level Proxy  
C. Application-Level Proxy  
D. Host-based Firewall  

Question # 46

An organization with divisions in the United States (US) and the United Kingdom (UK) processes data comprised of personal information belonging to subjects living in the European Union (EU) and in the US. Which data MUST be handled according to the privacy protections of General Data Protection Regulation (GDPR)?

A. Only the EU citizens’ data  
B. Only the EU residents' data  
C. Only the UK citizens’ data  
D. Only data processed in the UK

Question # 47

A company wants to store data related to users on an offsite server. What method can be deployed to protect the privacy of the user’s information while maintaining the field-level configuration of the database?

A. {Encryption  
B. Encoding  
C. Tokenization  
D. Hashing  

Question # 48

Which of the following determines how traffic should flow based on the status of the infrastructure layer?

A. Traffic plane  
B. Application plane  
C. Data plane  
D. Control plane  

Question # 49

Which of the following is security control volatility? 

A. A reference to the stability of the security control.  
B. A reference to how unpredictable the security control is.  
C. A reference to the impact of the security control.  
D. A reference to the likelihood of change in the security control.  

Question # 50

An organization has implemented a password complexity and an account lockout policy enforcing five incorrect logins tries within ten minutes. Network users have reported significantly increased account lockouts. Which of the following security principles is this company affecting?

A. Availability  
B. Integrity  
C. Confidentiality  
D. Authentication  

Question # 51

An organization implements Network Access Control (NAC) ay Institute of Electrical and Electronics Engineers (IEEE) 802.1x and discovers the printers do not support the IEEE 802.1x standard. Which of the following is the BEST resolution?

A. Implement port security on the switch ports for the printers.  
B. Implement a virtual local area network (VLAN) for the printers.  
C. Do nothing; IEEE 802.1x is irrelevant to printers.  
D. Install an IEEE 802. 1x bridge for the printers.  

Question # 52

An information security professional is reviewing user access controls on a customer-facing application. The application must have multi-factor authentication (MFA) in place. The application currently requires a username and password to log in. Which of the following options would BEST implement MFA?

A. Geolocate the user and compare to previous logins  
B. Require a pre-selected number as part of the login  
C. Have the user answer a secret question that is known to them  
D. Enter an automatically generated number from a hardware token  

Question # 53

Which of the following is a limitation of the Bell-LaPadula model? 

A. Segregation of duties (SoD) is difficult to implement as the "no read-up" rule limits the ability of an object to access information with a higher classification. 
B. Mandatory access control (MAC) is enforced at all levels making discretionary access control (DAC) impossible to implement. 
C. It contains no provision or policy for changing data access control and works well only with access systems that are static in nature. 
D. It prioritizes integrity over confidentiality which can lead to inadvertent information disclosure. 

Question # 54

What is the benefit of using Network Admission Control (NAC)? 

A. Operating system (OS) versions can be validated prior to allowing network access.  
B. NAC supports validation of the endpoint's security posture prior to allowing the session to go into an authorized state. 
C. NAC can require the use of certificates, passwords, or a combination of both before allowing network admission. 
D. NAC only supports Windows operating systems (OS).  

Question # 55

Which combination of cryptographic algorithms are compliant with Federal Information Processing Standard (FIPS) Publication 140-2 for non-legacy systems?

A. Diffie-hellman (DH) key exchange: DH (>=2048 bits) Symmetric Key: Advanced Encryption Standard (AES) > 128 bits Digital Signature: Rivest-Shamir-Adleman (RSA) (1024 bits)
B. Diffie-hellman (DH) key exchange: DH (>=2048 bits) Symmetric Key: Advanced Encryption Standard (AES) > 128 bits Digital Signature: Digital Signature Algorithm (DSA) (>=2048 bits)
C. Diffie-hellman (DH) key exchange: DH (<= 1024 bits) Symmetric Key: Blowfish Digital Signature: Rivest-Shamir-Adleman (RSA) (>=2048 bits)
D. Diffie-hellman (DH) key exchange: DH (>=2048 bits) Symmetric Key: Advanced Encryption Standard (AES) < 128 bits Digital Signature: Elliptic Curve Digital Signature Algorithm (ECDSA) (>=256 bits)

Question # 56

When designing a Cyber-Physical System (CPS), which of the following should be a security practitioner’s first consideration?

A. Resiliency of the system  
B. Detection of sophisticated attackers  
C. Risk assessment of the system  
D. Topology of the network used for the system  

Question # 57

Which of the following vulnerability assessment activities BEST exemplifies the Examine method of assessment?

A. Ensuring that system audit logs capture all relevant data fields required by the security controls baseline 
B. Performing Port Scans of selected network hosts to enumerate active services  
C. Asking the Information System Security Officer (ISSO) to describe the organization’s patch management processes 
D. Logging into a web server using the default administrator account and a default password 

Question # 58

Building blocks for software-defined networks (SDN) require which of the following? 

A. The SDN is mostly composed of virtual machines (VM).  
B. The SDN is composed entirely of client-server pairs.  
C. Virtual memory is used in preference to random-access memory (RAM).  
D. Random-access memory (RAM) is used in preference to virtual memory.  

Question # 59

Which of the following BEST describes why software assurance is critical in helping prevent an increase in business and mission risk for an organization? 

A. Software that does not perform as intended may be exploitable which makes it vulnerable to attack.
B. Request for proposals (RFP) avoid purchasing software that does not meet business needs. 
C. Contracting processes eliminate liability for security vulnerabilities for the purchaser.  
D. Decommissioning of old software reduces long-term costs related to technical debt.  

Question # 60

What is the FIRST step for an organization to take before allowing personnel to access social media from a corporate device or user account?

A. Publish a social media guidelines document.  
B. Publish an acceptable usage policy.  
C. Document a procedure for accessing social media sites.  
D. Deliver security awareness training.  

Question # 61

All hosts on the network are sending logs via syslog-ng to the log collector. The log collector is behind its own firewall, The security professional wants to make sure not to put extra load on the firewall due to the amount of traffic that is passing through it. Which of the following types of filtering would MOST likely be used?

A. Uniform Resource Locator (URL) Filtering  
B. Web Traffic Filtering  
C. Dynamic Packet Filtering  
D. Static Packet Filtering  

Question # 62

When designing a business continuity plan (BCP), what is the formula to determine the Maximum Tolerable Downtime (MTD)?

A. Annual Loss Expectancy (ALE) + Work Recovery Time (WRT)  
B. Business impact analysis (BIA) + Recovery Point Objective (RPO)  
C. Recovery Time Objective (RTO) + Work Recovery Time (WRT)  
D. Estimated Maximum Loss (EML) + Recovery Time Objective (RTO)  

Question # 63

Which of the following will an organization's network vulnerability testing process BEST enhance?

A. Firewall log review processes  
B. Asset management procedures  
C. Server hardening processes  
D. Code review procedures  

Question # 64

What are the three key benefits that application developers should derive from the northbound application programming interface (API) of software-defined networking (SDN)?

A. Familiar syntax, abstraction of network topology, and definition of network protocols  
B. Network syntax, abstraction of network flow, and abstraction of network protocols  
C. Network syntax, abstraction of network commands, and abstraction of network protocols  
D. Familiar syntax, abstraction of network topology, and abstraction of network protocols  

Question # 65

An organization wants to share data securely with their partners via the Internet. Which standard port is typically used to meet this requirement?

A. Setup a server on User Datagram Protocol (UDP) port 69  
B. Setup a server on Transmission Control Protocol (TCP) port 21  
C. Setup a server on Transmission Control Protocol (TCP) port 22  
D. Setup a server on Transmission Control Protocol (TCP) port 80  

Question # 66

A criminal organization is planning an attack on a government network. Which of the following scenarios presents the HIGHEST risk to the organization?

A. Network is flooded with communication traffic by the attacker.  
B. Organization loses control of their network devices.  
C. Network management communications is disrupted.  
D. Attacker accesses sensitive information regarding the network topology.  

Question # 67

Which media sanitization methods should be used for data with a high security categorization?

A. Clear or destroy  
B. Clear or purge  
C. Destroy or delete  
D. Purge or destroy  

Question # 68

What is the PRIMARY benefit of relying on Security Content Automation Protocol (SCAP)? 

A. Save security costs for the organization.  
B. Improve vulnerability assessment capabilities.  
C. Standardize specifications between software security products.  
D. Achieve organizational compliance with international standards.  

Question # 69

Of the following, which BEST provides non- repudiation with regards to access to a server room?

A. Fob and Personal Identification Number (PIN)  
B. Locked and secured cages  
C. Biometric readers  
D. Proximity readers  

Question # 70

Which of the fallowing statements is MOST accurate regarding information assets? 

A. International Organization for Standardization (ISO) 27001 compliance specifies which information assets must be included in asset inventory.
B. S3 Information assets include any information that is valuable to the organization,  
C. Building an information assets register is a resource-intensive job.  
D. Information assets inventory is not required for risk assessment.  

Question # 71

Which of the following security tools will ensure authorized data is sent to the application when implementing a cloud based application?

A. Host-based intrusion prevention system (HIPS)  
B. Access control list (ACL)  
C. File integrity monitoring (FIM)  
D. Data loss prevention (DLP)

Question # 72

Which of the following would be the BEST mitigation practice for man-in-the-middle (MITM) Voice over Internet Protocol (VoIP) attacks?

A. Use Media Gateway Control Protocol (MGCP)  
B. Use Transport Layer Security (TLS) protocol
C. Use File Transfer Protocol (FTP)  
D. Use Secure Shell (SSH) protocol

Question # 73

Write Once, Read Many (WORM) data storage devices are designed to BEST support which of the following core security concepts?

A. lntegrity  
B. Scalability  
C. Availability  
D. Confidentiality  

Question # 74

Which of the following types of web-based attack is happening when an attacker is able to send a well-crafted, malicious request to an authenticated user without the user realizing it?

A. ross-Site Scripting (XSS)  
B. Cross-Site request forgery (CSRF)  
C. Cross injection  
D. Broken Authentication And Session Management  

Question # 75

Which of the following is the PRIMARY type of cryptography required to support nonrepudiation of a digitally signed document?

A. Message digest (MD)  
B. Asymmetric  
C. Symmetric  
D. Hashing  

Question # 76

Which of the following is the MOST important first step in preparing for a security audit? 

A. Identify team members.  
B. Define the scope.  
C. Notify system administrators.  
D. Collect evidence.  

Question # 77

In which of the following scenarios is locking server cabinets and limiting access to keys preferable to locking the server room to prevent unauthorized access?

A. Server cabinets are located in an unshared workspace.  
B. Server cabinets are located in an isolated server farm.  
C. Server hardware is located in a remote area.  
D. Server cabinets share workspace with multiple projects.  

Question # 78

Information Security Continuous Monitoring (1SCM) is defined as maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. Which of the following is the FIRST step in developing an ISCM strategy and implementing an ISCM program?

A. Define a strategy based on risk tolerance that maintains clear visibility into assets, awareness of vulnerabilities, up-to-date threat information, and mission/business impacts.
B. Conduct a vulnerability assessment to discover current threats against the environment and incorporate them into the program.
C. Respond to findings with technical management, and operational mitigating activities or acceptance, transference/sharing, or avoidance/rejection. 
D. Analyze the data collected and report findings, determining the appropriate response. It may be necessary to collect additional information to clarify or supplement existing monitoring data. 

Question # 79

The Rivest-Shamir-Adleman (RSA) algorithm is BEST suited for which of the following operations?

A. Bulk data encryption and decryption  
B. One-way secure hashing for user and message authentication  
C. Secure key exchange for symmetric cryptography  
D. Creating digital checksums for message integrity  

Question # 80

Which security feature fully encrypts code and data as it passes to the servers and only decrypts below the hypervisor layer?

A. File-system level encryption  
B. Transport Layer Security (TLS)  
C. Key management service  
D. Trusted execution environments

Question # 81

Which of the following BEST describes the use of network architecture in reducing corporate risks associated with mobile devices?

A. Maintaining a "closed applications model on all mobile devices depends on demilitarized 2one (DM2) servers 
B. Split tunneling enabled for mobile devices improves demilitarized zone (DMZ) security posture
C. Segmentation and demilitarized zone (DMZ) monitoring are implemented to secure a virtual private network (VPN) access for mobile devices
D. Applications that manage mobile devices are located in an Internet demilitarized zone (DMZ) 

Question # 82

Which section of the assessment report addresses separate vulnerabilities, weaknesses, and gaps? 

A. Key findings section  
B. Executive summary with full details  
C. Risk review section  
D. Findings definition section

Question # 83

What is the BEST method to use for assessing the security impact of acquired software? 

A. Common vulnerability review  
B. Software security compliance validation
C. Threat modeling  
D. Vendor assessment  

Question # 84

What is the correct order of execution for security architecture? 

A. Governance, strategy and program management, project delivery, operations  
B. Strategy and program management, governance, project delivery, operations  
C. Governance, strategy and program management, operations, project delivery  
D. Strategy and program management, project delivery, governance, operations  

Question # 85

A cloud service accepts Security Assertion Markup Language (SAML) assertions from users to on and security However, an attacker was able to spoof a registered account on the network and query the SAML provider. What is the MOST common attack leverage against this flaw? 

A. Attacker forges requests to authenticate as a different user.  
B. Attacker leverages SAML assertion to register an account on the security domain.  
C. Attacker conducts denial-of-service (DoS) against the security domain by authenticating as the same user repeatedly.
D. Attacker exchanges authentication and authorization data between security domains.  

Question # 86

Network Access Control (NAC) capability BEST meets this objective? 

A. Application firewall  
B. Port security  
C. Strong passwords  
D. Two-factor authentication (2FA)

Question # 87

Which of the following is performed to determine a measure of success of a security awareness training program designed to prevent social engineering attacks?

A. Employee evaluation of the training program  
B. Internal assessment of the training program's effectiveness  
C. Multiple choice tests to participants  
D. Management control of reviews

Question # 88

Two computers, each with a single connection on the same physical 10 gigabit Ethernet network segment, need to communicate with each other. The first machine has a single Internet Protocol (IP) Classless Inter-Domain Routing (CIDR) address of and the second machine has an IP/CIDR address Which of the following is correct?

A. Since each computer is on a different layer 3 networks, traffic between the computers must be processed by a network bridge in order to communicate. 
B. Since each computer is on the same layer 3 networks, traffic between the computers may be processed by a network bridge in order to communicate. 
C. Since each computer is on the same layer 3 networks, traffic between the computers may be processed by a network router in order to communicate. 
D. Since each computer is on a different layer 3 networks, traffic between the computers must be processed by a network router in order to communicate. 

Question # 89

The customer continues to experience attacks on their email, web, and File Transfer Protocol (FTP) servers. These attacks are impacting their business operations. Which of the following is the BEST recommendation to make?

A. Configure an intrusion detection system (IDS).  
B. Create a demilitarized zone (DMZ).  
C. Deploy a bastion host.  
D. Setup a network firewall.  

Question # 90

When testing password strength, which of the following is the BEST method for brute forcing passwords?

A. Conduct an offline attack on the hashed password information.  
B. Conduct an online password attack until the account being used is locked.  
C. Use a comprehensive list of words to attempt to guess the password.  
D. Use social engineering methods to attempt to obtain the password.  

Question # 91

A hospital’s building controls system monitors and operates the environmental equipment to maintain a safe and comfortable environment. Which of the following could be used to minimize the risk of utility supply interruption?

A. Digital devices that can turn equipment off and continuously cycle rapidly in order to increase supplies and conceal activity on the hospital network 
B. Standardized building controls system software with high connectivity to hospital networks 
C. Lock out maintenance personnel from the building controls system access that can impact critical utility supplies
D. Digital protection and control devices capable of minimizing the adverse impact to critical utility 

Question # 92

During an internal audit of an organizational Information Security Management System (ISMS), nonconformities are identified. In which of the following management stages are nonconformities reviewed, assessed and/or corrected by the organization?

A. Planning  
B. Operation  
C. Assessment  
D. Improvement  

Question # 93

Which of the following is established to collect information Se eee ee ee nation readily available in part through implemented security controls?

A. Security Assessment Report (SAR)  
B. Organizational risk tolerance  
C. Information Security Continuous Monitoring (ISCM)  
D. Risk assessment report  

Question # 94

Two remote offices need to be connected securely over an untrustworthy MAN. Each office needs to access network shares at the other site. Which of the following will BEST provide this functionality?

A. Client-to-site VPN  
B. Third-party VPN service  
C. Site-to-site VPN  
D. Split-tunnel VPN  

Question # 95

An organization has discovered that organizational data is posted by employees to data storage accessible to the general public. What is the PRIMARY step an organization must take to ensure data is properly protected from public release? 

A. Implement a data classification policy.
B. Implement a data encryption policy.  
C. Implement a user training policy.  
D. Implement a user reporting policy.  

Question # 96

Which of the following is the FIRST step during digital identity provisioning? 

A. Authorizing the entity for resource access  
B. Synchronizing directories  
C. Issuing an initial random password  
D. Creating the entity record with the correct attributes  

Question # 97

Which of the following is the BEST way to protect an organization's data assets? 

A. Monitor and enforce adherence to security policies.  
B. Encrypt data in transit and at rest using up-to-date cryptographic algorithms.  
C. Create the Demilitarized Zone (DMZ) with proxies, firewalls, and hardened bastion hosts.  
D. Require Multi-Factor Authentication (MFA) and Separation of Duties (SoD).  

Question # 98

What is the FINAL step in the waterfall method for contingency planning? 

A. Maintenance  
B. Testing  
C. Implementation  
D. Training  

Question # 99

Which of the following is an open standard for exchanging authentication and authorization data between parties?

A. Wired markup language  
B. Hypertext Markup Language (HTML)  
C. Extensible Markup Language (XML)  
D. Security Assertion Markup Language (SAML)

Question # 100

Which of the following is the BEST method to identify security controls that should be implemented for a web-based application while in development?

A. Application threat modeling  
B. Secure software development.  
C. Agile software development  
D. Penetration testing  

Question # 101

Which of the following BEST describes the purpose of Border Gateway Protocol (BGP)? 

A. Maintain a list of network paths between internet routers.  
B. Provide Routing Information Protocol (RIP) version 2 advertisements to neighboring layer 3 devices. 
C. Provide firewall services to cloud-enabled applications.  
D. Maintain a list of efficient network paths between autonomous systems.  

Question # 102

Configuring a Wireless Access Point (WAP) with the same Service Set Identifier (SSID) as another WAP in order to have users unknowingly connect is referred to as which of the following?

A. Jamming  
B. Man-right-Middle (MITM)  
C. War driving  
D. Internet Protocol (IP) spoofing

Question # 103

A company hired an external vendor to perform a penetration test ofa new payroll system. The company’s internal test team had already performed an in-depth application and security test of the system and determined that it met security requirements. However, the external vendor uncovered significant security weaknesses where sensitive personal data was being sent unencrypted to the tax processing systems. What is the MOST likely cause of the security issues?

A. Failure to perform interface testing  
B. Failure to perform negative testing  
C. Inadequate performance testing  
D. Inadequate application level testing  

Question # 104

What BEST describes the confidentiality, integrity, availability triad? 

A. A tool used to assist in understanding how to protect the organization's data  
B. The three-step approach to determine the risk level of an organization  
C. The implementation of security systems to protect the organization's data  
D. A vulnerability assessment to see how well the organization's data is protected  

What Our Client Says