Proper study guides for Up to the immediate present ISC2 Certified Information Systems Security Professional (CISSP) certified begins with ISC2 CISSP preparation products which designed to deliver the Guaranteed CISSP questions by making you pass the CISSP test at your first time. Try the free CISSP demo right now.
2021 Mar CISSP exam question
Q11. For a service provider, which of the following MOST effectively addresses confidentiality concerns for customers using cloud computing?
A. Hash functions
B. Data segregation
C. File system permissions
D. Non-repudiation controls
Answer: B
Q12. When using third-party software developers, which of the following is the MOST effective method of providing software development Quality Assurance (QA)?
A. Retain intellectual property rights through contractual wording.
B. Perform overlapping code reviews by both parties.
C. Verify that the contractors attend development planning meetings.
D. Create a separate contractor development environment.
Answer: B
Q13. Which of the following BEST represents the principle of open design?
A. Disassembly, analysis, or reverse engineering will reveal the security functionality of the computer system.
B. Algorithms must be protected to ensure the security and interoperability of the designed system.
C. A knowledgeable user should have limited privileges on the system to prevent their ability to compromise security capabilities.
D. The security of a mechanism should not depend on the secrecy of its design or implementation.
Answer: D
Q14. What is the MOST effective method for gaining unauthorized access to a file protected with a long complex password?
A. Brute force attack
B. Frequency analysis
C. Social engineering
D. Dictionary attack
Answer: C
Q15. Contingency plan exercises are intended to do which of the following?
A. Train personnel in roles and responsibilities
B. Validate service level agreements
C. Train maintenance personnel
D. Validate operation metrics
Answer: A
Improve CISSP dumps:
Q16. The PRIMARY characteristic of a Distributed Denial of Service (DDoS) attack is that it
A. exploits weak authentication to penetrate networks.
B. can be detected with signature analysis.
C. looks like normal network activity.
D. is commonly confused with viruses or worms.
Answer: C
Q17. The BEST example of the concept of "something that a user has" when providing an authorized user access to a computing system is
A. the user's hand geometry.
B. a credential stored in a token.
C. a passphrase.
D. the user's face.
Answer: B
Q18. Which of the following methods provides the MOST protection for user credentials?
A. Forms-based authentication
B. Digest authentication
C. Basic authentication
D. Self-registration
Answer: B
Q19. Which of the following are required components for implementing software configuration management systems?
A. Audit control and signoff
B. User training and acceptance
C. Rollback and recovery processes
D. Regression testing and evaluation
Answer: C
Q20. If an identification process using a biometric system detects a 100% match between a presented template and a stored template, what is the interpretation of this result?
A. User error
B. Suspected tampering
C. Accurate identification
D. Unsuccessful identification
Answer: B