CISSP Practice Exam Tests Latest Updated on Jun-2024
NEW QUESTION # 313
Which of the following rules pertaining to a Business Continuity Plan/Disaster Recovery Plan is incorrect?
- A. In order to facilitate recovery, a single plan should cover all locations.
- B. Critical vendors should be contacted ahead of time to validate equipment can be obtained in a timely manner.
- C. There should be requirements to form a committee to decide a course of action. These decisions should be made ahead of time and incorporated into the plan.
- D. In its procedures and tasks, the plan should refer to functions, not specific individuals.
Answer: A
Explanation:
A single plan is always the best idea. Depending on the size of your organization and the number of people involved in the DRP effort, it may be a good idea to maintain multiple types of recovery plan documents.
Incorrect Answers:
B: A Business Continuity Plan committee needs to be put together. This committee decides the courses of action that are implemented in the Business Continuity Plan.
C: Business continuity planning is focused on keeping business functions uninterrupted when a disaster strikes.
D: The Business Continuity Plan risk assessment should include continuity risks due to outsourced vendors and suppliers. Critical vendors should be contacted to ensure that necessary equipment can be obtained.
References:
Stewart, James M., Ed Tittel, and Mike Chapple, CISSP: Certified Information Systems Security Professional Study Guide, 5th Edition, Sybex, Indianapolis, 2011, p. 661
NEW QUESTION # 314
What is called an attack where the attacker spoofs the source IP address in an ICMP ECHO broadcast packet so it seems to have originated at the victim's system, in order to flood it with REPLY packets?
- A. Smurf attack
- B. Ping of Death attack
- C. Denial of Service (DOS) attack
- D. SYN Flood attack
Answer: A
Explanation:
Although it may cause a denial of service to the victim's system, this type of attack is a Smurf attack. A SYN Flood attack uses up all of a system's resources by setting up a number of bogus communication sockets on the victim's system. A Ping of Death attack is done by sending IP packets that exceed the maximum legal length (65535 octets).
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 11: Application and System Development (page 789).
NEW QUESTION # 315
The BEST method of demonstrating a company's security level to potential customers is
- A. a site visit by a customer's security team.
- B. a formal report from an internal auditor.
- C. responding to a customer's security questionnaire.
- D. a report from an external auditor.
Answer: D
Explanation:
The best method of demonstrating a company's security level to potential customers is a report from an external auditor, who is an independent and qualified third party that evaluates the company's security policies, procedures, controls, and practices against a set of standards or criteria, such as ISO 27001, NIST, or COBIT. A report from an external auditor provides an objective and credible assessment of the company's security posture, and may also include recommendations for improvement or certification.
References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 1, page 47; CISSP For Dummies, 7th Edition, Chapter 1, page 29.
NEW QUESTION # 316
Which is the BEST control to meet the Statement on Standards for Attestation Engagements 18 (SSAE-18) confidentiality category?
- A. Data retention policy
- B. Storage encryption
- C. File hashing
- D. Data processing
Answer: B
Explanation:
The best control to meet the Statement on Standards for Attestation Engagements 18 (SSAE-18) confidentiality category is storage encryption. SSAE-18 is a standard that defines the requirements and guidance for performing attestation engagements on service organizations, such as cloud providers, data centers, or payroll processors. SSAE-18 requires the service organizations to provide a report on the design and effectiveness of their controls over the security, availability, processing integrity, confidentiality, or privacy of the services they provide to their customers. The confidentiality category refers to the protection of the information that is designated as confidential by the service organization or its customers, and that is transmitted, stored, or processed by the service organization. Storage encryption is a control that encrypts the data at rest, such as in hard drives, databases, or backups, and that prevents unauthorized or malicious access, modification, or disclosure of the confidential information. Data processing, file hashing, or data retention policy are not the best controls to meet the SSAE-18 confidentiality category, as they are not directly related to the protection of the confidential information at rest. Data processing is a control that transforms or manipulates the data for a specific purpose, such as analysis, reporting, or validation. File hashing is a control that generates a unique and fixed-length value for a file, and that verifies the integrity or authenticity of the file. Data retention policy is a control that defines the rules and procedures for retaining, storing, or disposing of the data, and that complies with the legal, regulatory, or contractual obligations. References: Official (ISC)2 Guide to the CISSP CBK, Fifth Edition, Chapter 1: Security and Risk Management, page 71.
NEW QUESTION # 317
The basic language of modems and dial-up remote access systems is:
- A. Asynchronous Interaction.
- B. Synchronous Communication.
- C. Asynchronous Communication.
- D. Synchronous Interaction.
Answer: C
Explanation:
Asynchronous Communication is the basic language of modems and dial-up remote access systems. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 100.
NEW QUESTION # 318
Which of the following should NOT be performed by an operator?
- A. Monitoring execution of the system
- B. Implementing the initial program load
- C. Data entry
- D. Controlling job flow
Answer: C
Explanation:
Under the principle of separation of duties, an operator should not be performing data entry. This should be left to data entry personnel.
System operators represent a class of users typically found in data center environments where mainframe systems are used. They provide day-to-day operations of the mainframe environment, ensuring that scheduled jobs are running effectively and troubleshooting problems that may arise. They also act as the arms and legs of the mainframe environment, loading and unloading tapes and the printed results of job runs.
Operators have elevated privileges, but less than those of system administrators. If misused, these privileges may be used to circumvent the system's security policy. As such, use of these privileges should be monitored through audit logs.
Incorrect Answers:
A: Implementing the initial program load is a function that should be performed by an operator.
B: Monitoring execution of the system is a function that should be performed by an operator.
D: Controlling job flow is a function that should be performed by an operator.
NEW QUESTION # 319
Which of the following statements pertaining to secure information processing facilities is NOT true?
- A. Location and type of fire suppression systems should be known.
- B. Windows should be protected with bars.
- C. Walls should have an acceptable fire rating.
- D. Doors must resist forcible entry.
Answer: B
Explanation:
The following statements pertaining to secure information processing facilities are correct:
Walls should have an acceptable fire rating.
Doors must resist forcible entry.
Location and type of fire suppression systems should be known.
Flooring in server rooms and wiring closets should be raised to help mitigate flooding damage.
Separate AC units must be dedicated to the information processing facilities.
Backup and alternate power sources should exist.
The statement "windows should be protected with bars" is tricky. You could argue that windows should be protected with bars. However, in a 'secure' information processing facility, there should be no windows.
Incorrect Answers:
A: It is true that walls should have an acceptable fire rating. Therefore, this answer is incorrect.
C: It is true that doors must resist forcible entry. Therefore, this answer is incorrect.
D: It is true that the location and type of fire suppression systems should be known. Therefore, this answer is incorrect.
NEW QUESTION # 320
RAID that functions as part of the operating system on the file server
- A. Netware implementation
- B. Hardware implementation
- C. Software implementation
- D. Network implementation
Answer: C
Explanation:
This kind of RAID is totally dependent on the operating system, because the server does not have any special hardware (a RAID controller on the board). This kind of RAID implementation usually degrades performance because it consumes many CPU cycles. A very common example of software RAID is the support for it in Windows 2000 Server, where you can create RAID 0, 1 and 5 across heterogeneous disks; you can even build a RAID set from one SCSI and one EIDE disk. The software implementation is hardware independent as long as the disks are recognized by the operating system.
NEW QUESTION # 321
Which of the following BEST explains why computerized information systems frequently fail to meet the needs of users?
- A. Inadequate quality assurance (QA) tools.
- B. Inadequate user participation in defining the system's requirements.
- C. Constantly changing user needs.
- D. Inadequate project management.
Answer: B
Explanation:
The most important stages of developing computerized information systems (or any other system or software) are the early requirement gathering and design phases. If the needs of the users are not correctly determined, the system will not meet those needs. As end users will be the people using the system, they will have the most valuable input into the system requirements definition. Inadequate user participation in defining the system's requirements can lead to a system design that does not meet the requirements of the users.
Incorrect Answers:
A: This question is asking for the BEST answer. Inadequate quality assurance (QA) tools may result in poor QA tests, so flaws in the system aren't recognized. However, defining the system's requirements is the most important stage of the project. If this is not done correctly, then QA testing will have no effect on the suitability of the new system.
B: Constantly changing user needs can be a hazard in a development project. However, this only has an effect if the users are involved in the design of the system.
D: Inadequate project management generally leads to late or over-budget projects. Incorrectly determining the system requirements could be due to inadequate project management. However, Answer C is more specific to the cause of the problem.
NEW QUESTION # 322
Which of the following is the most secure form of triple-DES encryption?
- A. DES-EDE2
- B. DES-EDE3
- C. DES-EEE4
- D. DES-EDE1
Answer: B
Explanation:
Triple DES with three distinct keys is the most secure form of triple-DES encryption. It can either be DES-EEE3 (encrypt-encrypt-encrypt) or DES-EDE3 (encrypt-decrypt-encrypt). DES-EDE1 is not defined and would mean using a single key to encrypt, decrypt and encrypt again, equivalent to single DES. DES-EEE4 is not defined and DES-EDE2 uses only 2 keys (encrypt with first key, decrypt with second key, encrypt with first key again).
Source: DUPUIS, Clément, CISSP Open Study Guide on domain 5, cryptography, April 1999.
NEW QUESTION # 323
Many approaches to Knowledge Discovery in Databases (KDD) are used to identify valid and useful patterns in data. This is an evolving field of study that includes a variety of automated analysis solutions such as Data Mining. Which of the following is not an approach used by KDD?
- A. Oriented
- B. Classification
- C. Deviation
- D. Probabilistic
Answer: A
Explanation:
The Oriented approach does not correctly describe a KDD approach.
The main approaches of KDD according to CBK are:
* Probabilistic approach: uses graphical representation models to compare different knowledge representations. The models are based on probabilities and data independencies. The probabilistic models are useful for applications involving uncertainty, such as those used in planning and control systems.
* Statistical approach: uses rule discovery and is based on data relationships. Learning algorithm can automatically select useful data relationship paths and attributes. These paths and attributes are then used to construct rules for discovering meaningful information. This approach is used to generalize patterns in the data and to construct rules from the noted patterns. An example of the statistical approach is OLAP.
* Classification approach: groups data according to similarities. One example is a pattern discovery and data-cleaning model that reduces a large database to only a few specific records. By eliminating redundant and non-important data, the discovery of patterns in the data is simplified.
* Deviation and trend analysis: uses filtering techniques to detect patterns. An example is an intrusion detection system that filters a large volume of data so that only the pertinent data is analyzed.
* Neural networks: methods used to develop classification, regression, association, and segmentation models. A neural net method organizes data into nodes that are arranged in layers, and links between the nodes have specific weighting classifications. The neural net is helpful in detecting the associations among the input patterns or relationships. It is also considered a learning system because new information is automatically incorporated into the system. However, the value and relevance of the decisions made by the neural network are only as good as the experience it is given. The greater the experience, the better the decision. Note that neural nets have a specific problem in terms of an individual's ability to substantiate processing in that they are subject to superstitious knowledge, which is a tendency to identify relations when no relations actually exist. More sophisticated neural nets are less subject to this problem.
* Expert system approach: uses a knowledge base (a collection of all the data, or knowledge, on a particular matter) and a set of algorithms and/or rules that infer new facts from knowledge and incoming data. The knowledge base could be the human experience that is available in an organization. Because the system reacts to a set of rules, if the rules are faulty, the response will also be faulty. Also, because human decision is removed from the point of action, if an error were to occur, the reaction time from a human would be longer.
* Hybrid approach: a combination of more than one approach that provides a more powerful and useful system.
The following answers are incorrect:
The other options describe some of the possible KDD approaches but were not the right choice.
The following reference(s) were/was used to create this question: OFFICIAL (ISC)2 GUIDE TO THE CISSP EXAM - First Edition, page 309, and https://en.wikipedia.org/wiki/Data_mining
NEW QUESTION # 324
What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?
- A. Make a copy of the hard drive
- B. Take the computer to a forensic lab
- C. Turn off the computer
- D. Start documenting
Answer: D
NEW QUESTION # 325
Which of the following steps should be performed first in a business impact analysis (BIA)?
- A. Evaluate the criticality of business functions
- B. Estimate the Recovery Time Objectives (RTO)
- C. Identify all business units within the organization
- D. Evaluate the impact of the disruptive events
Answer: C
NEW QUESTION # 326
What Cloud Deployment model consists of a cloud infrastructure provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units)? Such a deployment model may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.
- A. Private Cloud
- B. Hybrid Cloud
- C. Public Cloud
- D. Community Cloud
Answer: A
Explanation:
A Private cloud. The cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.
Other Cloud Deployment Models are:
Community cloud.
The cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises.
Public cloud.
The cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.
Hybrid cloud.
The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).
The following reference(s) were/was used to create this question: NIST Special Publication 800-145 The NIST definition of Cloud Computing and also see NIST Special Publication 800-146 The Cloud Computing Synopsis and Recommendations
NEW QUESTION # 327
The birthday attack is MOST effective against which one of the following cipher technologies?
- A. Asymmetric cryptography
- B. Chaining block encryption
- C. Streaming cryptography
- D. Cryptographic hash
Answer: D
Explanation:
The birthday attack is most effective against cryptographic hash, which is one of the cipher technologies. A cryptographic hash is a function that takes an input of any size and produces an output of a fixed size, called a hash or a digest, that represents the input. A cryptographic hash has several properties, such as being one-way, collision-resistant, and deterministic. A birthday attack is a type of brute-force attack that exploits the mathematical phenomenon known as the birthday paradox, which states that in a set of randomly chosen elements, there is a high probability that some pair of elements will have the same value. A birthday attack can be used to find collisions in a cryptographic hash, which means finding two different inputs that produce the same hash. Finding collisions can compromise the integrity or the security of the hash, as it can allow an attacker to forge or modify the input without changing the hash. Chaining block encryption, asymmetric cryptography, and streaming cryptography are not as vulnerable to the birthday attack, as they are different types of encryption algorithms that use keys and ciphers to transform the input into an output.
References: Official (ISC)2 CISSP CBK Reference, 5th Edition, Chapter 3, page 133; CISSP All-in-One Exam Guide, Eighth Edition, Chapter 3, page 143.
NEW QUESTION # 328
Which of the following exemplifies proper separation of duties?
- A. Programmers are permitted to use the system console.
- B. Tape operators are permitted to use the system console.
- C. Operators are not permitted to modify the system time.
- D. Console operators are permitted to mount tapes and disks.
Answer: C
Explanation:
Changing the system time would cause logged events to have the wrong time. An operator could commit fraud and cover his tracks by changing the system time to make it appear as if the events happened at a different time. Ensuring that operators are not permitted to modify the system time (another person would be required to modify the system time) is an example of separation of duties.
The objective of separation of duties is to ensure that one person acting alone cannot compromise the company's security in any way. High-risk activities should be broken up into different parts and distributed to different individuals or departments. That way, the company does not need to put a dangerously high level of trust in certain individuals. For fraud to take place, collusion would need to be committed, meaning more than one person would have to be involved in the fraudulent activity. Job rotation in the workplace is a system where employees work at several jobs in a business, performing each job for a relatively short period of time.
Incorrect Answers:
B: Programmers being permitted to use the system console is not an example of separation of duties. Separation of duties requires that another person is required to do something, thus reducing the chance of fraud.
C: Console operators being permitted to mount tapes and disks is not an example of separation of duties. Separation of duties requires that another person is required to do something, thus reducing the chance of fraud.
D: Tape operators being permitted to use the system console is not an example of separation of duties. Separation of duties requires that another person is required to do something, thus reducing the chance of fraud.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 1235-1236
NEW QUESTION # 329
Critical areas should be lighted:
- A. Eight feet high and two feet out.
- B. Ten feet high and four feet out.
- C. Ten feet high and six feet out.
- D. Eight feet high and four feet out.
Answer: A
Explanation:
Lighting should be used to discourage intruders and provide safety for personnel, entrances, parking areas and critical sections. Critical areas should be illuminated 8 feet high and 2 feet out.
Source: WALLHOFF, John, CBK#10 Physical Security (CISSP Study Guide), April 2002 (page 4).
NEW QUESTION # 330
Under MAC, a clearance is a:
- A. Object
- B. Sensitivity
- C. Subject
- D. Privilege
Answer: D
Explanation:
It is important to note that mandatory controls are prohibitive (i.e., all that is not expressly permitted is forbidden), not permissive. Only within that context do discretionary controls operate, prohibiting still more access with the same exclusionary principle. In this type of control system, decisions are based on the privilege (clearance) of the subject (user) and the sensitivity (classification) of the object (file). It requires labeling.
NEW QUESTION # 331
What attribute is included in an X.509 certificate?
- A. secret key of the issuing CA
- B. the key pair of the certificate holder
- C. Telephone number of the department
- D. Distinguished name of the subject
Answer: D
Explanation:
RFC 2459: Internet X.509 Public Key Infrastructure Certificate and CRL Profile; GUTMANN, P., X.509 style guide; SMITH, Richard E., Internet Cryptography, 1997, Addison-Wesley Pub Co.
NEW QUESTION # 332
IDSs verify, itemize, and characterize threats from:
- A. Outside your organization's network.
- B. Inside your organization's network.
- C. Outside and inside your organization's network.
- D. The Internet.
Answer: C
Explanation:
IDSs verify, itemize, and characterize the threat from both outside and inside your organization's network, assisting you in making sound decisions regarding your allocation of computer security resources. Using IDSs in this manner is important, as many people mistakenly deny that anyone (outsider or insider) would be interested in breaking into their networks. Furthermore, the information that IDSs give you regarding the source and nature of attacks allows you to make decisions regarding security strategy driven by demonstrated need, not guesswork or folklore.
NEW QUESTION # 333
Which of the following factors is a PRIMARY reason to drive changes in an Information Security Continuous Monitoring (ISCM) strategy?
- A. Changes to core missions or business processes
- B. Changes in Service Organization Control (SOC) 2 reporting requirements
- C. Testing and Evaluation (TE) personnel changes
- D. Increased Cross-Site Request Forgery (CSRF) attacks
Answer: A
NEW QUESTION # 334
Which of the following regulations dictates how data breaches are handled?
- A. National Institute of Standards and Technology (NIST)
- B. General Data Protection Regulation (GDPR)
- C. Sarbanes-Oxley (SOX)
- D. Payment Card Industry Data Security Standard (PCI-DSS)
Answer: B
Explanation:
The GDPR is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA. One of the main purposes of the GDPR is to establish rules for how organizations must handle personal data in the event of a data breach.