
2021 Aug CISSP practice test

Q171. In a basic SYN flood attack, what is the attacker attempting to achieve? 

A. Exceed the threshold limit of the connection queue for a given service 

B. Set the threshold to zero for a given service 

C. Cause the buffer to overflow, allowing root access 

D. Flush the register stack, allowing hijacking of the root account 

Answer: A 


Q172. Data leakage of sensitive information is MOST often concealed by which of the following? 

A. Secure Sockets Layer (SSL) 

B. Secure Hash Algorithm (SHA) 

C. Wired Equivalent Privacy (WEP) 

D. Secure Post Office Protocol (POP) 

Answer: A 


Q173. What is the MOST effective method for gaining unauthorized access to a file protected with a long complex password? 

A. Brute force attack 

B. Frequency analysis 

C. Social engineering 

D. Dictionary attack 

Answer: C 


Q174. The PRIMARY security concern for handheld devices is the 

A. strength of the encryption algorithm. 

B. spread of malware during synchronization. 

C. ability to bypass the authentication mechanism. 

D. strength of the Personal Identification Number (PIN). 

Answer: C 


Q175. Which of the following is a MAJOR consideration in implementing a Voice over IP (VoIP) network? 

A. Use of unified messaging. 

B. Use of separation for the voice network. 

C. Use of Network Access Control (NAC) on switches. 

D. Use of Request for Comments (RFC) 1918 addressing. 

Answer: B 


Updated CISSP free practice questions:

Q176. Which of the following is the PRIMARY issue when collecting detailed log information? 

A. Logs may be unavailable when required 

B. Timely review of the data is potentially difficult 

C. Most systems and applications do not support logging 

D. Logs do not provide sufficient details of system and individual activities 

Answer: B 


Q177. Which of the following secures web transactions at the Transport Layer? 

A. Secure HyperText Transfer Protocol (S-HTTP) 

B. Secure Sockets Layer (SSL) 

C. Socket Security (SOCKS) 

D. Secure Shell (SSH) 

Answer: B 


Q178. Which of the following are Systems Engineering Life Cycle (SELC) Technical Processes? 

A. Concept, Development, Production, Utilization, Support, Retirement 

B. Stakeholder Requirements Definition, Architectural Design, Implementation, Verification, Operation 

C. Acquisition, Measurement, Configuration Management, Production, Operation, Support 

D. Concept, Requirements, Design, Implementation, Production, Maintenance, Support, Disposal 

Answer: B 


Q179. A security consultant has been asked to research an organization's legal obligations to protect privacy-related information. What kind of reading material is MOST relevant to this project? 

A. The organization's current security policies concerning privacy issues 

B. Privacy-related regulations enforced by governing bodies applicable to the organization 

C. Privacy best practices published by recognized security standards organizations 

D. Organizational procedures designed to protect privacy information 

Answer: B 


Q180. A system is developed so that its business users can perform business functions but not user administration functions. Application administrators can perform administration functions but not user business functions. These capabilities are BEST described as 

A. least privilege. 

B. rule based access controls. 

C. Mandatory Access Control (MAC). 

D. separation of duties. 

Answer: D