Cause all that matters here is passing the ISC2 cissp bootcamp exam. Cause all that you need is a high score of cissp modules Certified Information Systems Security Professional (CISSP) exam. The only one thing you need to do is downloading Exambible cissp passing score exam study guides now. We will not let you down with our money-back guarantee.
Q171. A thorough review of an organization's audit logs finds that a disgruntled network administrator has intercepted emails meant for the.Chief.Executive Officer.(CEO).and changed them before forwarding them to their intended recipient. What type of attack has MOST likely occurred?
A. Spoofing
B. Eavesdropping
C. Man-in-the-middle
D. Denial of service
Answer: C
Q172. Why must all users be positively identified.prior.to using multi-user computers?
A. To provide access to system privileges
B. To provide access to the operating system
C. To ensure that unauthorized persons cannot access the computers
D. To ensure that management knows what users are currently logged on
Answer: C
Q173. Checking routing information on e-mail to determine it is in a valid format and contains valid information is an example of which of the following anti-spam approaches?
A. Simple Mail Transfer Protocol (SMTP) blacklist
B. Reverse Domain Name System (DNS) lookup
C. Hashing algorithm
D. Header analysis
Answer: D
Q174. An Intrusion Detection System (IDS) is generating alarms that a user account has over 100 failed login attempts per minute. A sniffer is placed on the network, and a variety of passwords for that user are noted. Which of the following is MOST likely occurring?
A. A dictionary attack
B. A Denial of Service (DoS) attack
C. A spoofing attack
D. A backdoor installation
Answer: A
Q175. The key benefits of a signed and encrypted e-mail include
A. confidentiality, authentication, and authorization.
B. confidentiality, non-repudiation, and authentication.
C. non-repudiation, authorization, and authentication.
D. non-repudiation, confidentiality, and authorization.
Answer: B
Q176. Are companies legally required to report all data breaches?
A. No, different jurisdictions have different rules.
B. No, not if the data is encrypted.
C. No, companies' codes of ethics don't require it.
D. No, only if the breach had a material impact.
Answer: A
Q177. What is the GREATEST.challenge of.an agent-based patch management solution?
A. Time to gather vulnerability information about the computers in the program
B. Requires that software be installed, running, and managed on all participating computers
C. The significant amount of network bandwidth while scanning computers
D. The consistency of distributing patches to each participating computer
Answer: B
Q178. Which of the following has the GREATEST impact on an organization's security posture?
A. International and country-specific compliance requirements
B. Security.violations by employees and contractors
C. Resource constraints due to increasing costs of supporting security
D. Audit findings related to employee access and permissions process
Answer: A
Q179. Which item below is a federated identity standard?
A. 802.11i
B. Kerberos
C. Lightweight Directory Access Protocol (LDAP)
D. Security Assertion Markup Language (SAML)
Answer: D
Q180. The 802.1x standard provides a framework for what?
A. Network authentication for only wireless networks
B. Network authentication for wired and wireless networks
C. Wireless encryption using the Advanced Encryption Standard (AES)
D. Wireless network encryption using Secure Sockets Layer (SSL)
Answer: B