Exam Code: CISSP (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Certified Information Systems Security Professional (CISSP)
Certification Provider: ISC2

2021 Jan CISSP exam answers

Q101. Which of the following PRIMARILY contributes to security incidents in web-based applications? 

A. Systems administration and operating systems 

B. System incompatibility and patch management 

C. Third-party applications and change controls 

D. Improper stress testing and application interfaces 

Answer:


Q102. Which of the following is the MOST crucial for a successful audit plan? 

A. Defining the scope of the audit to be performed 

B. Identifying the security controls to be implemented 

C. Working with the system owner on new controls 

D. Acquiring evidence of systems that are not compliant 

Answer:


Q103. When implementing a secure wireless network, which of the following supports authentication and authorization for individual client endpoints? 

A. Temporal Key Integrity Protocol (TKIP) 

B. Wi-Fi Protected Access (WPA) Pre-Shared Key (PSK) 

C. Wi-Fi Protected Access 2 (WPA2) Enterprise 

D. Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) 

Answer:


Q104. From a security perspective, which of the following is a best practice to configure a Domain Name Service (DNS) system? 

A. Configure secondary servers to use the primary server as a zone forwarder. 

B. Block all Transmission Control Protocol (TCP) connections. 

C. Disable all recursive queries on the name servers. 

D. Limit zone transfers to authorized devices. 

Answer:


Q105. Which of the following provides effective management assurance for a Wireless Local Area Network (WLAN)? 

A. Maintaining an inventory of authorized Access Points (AP) and connecting devices

B. Setting the radio frequency to the minimum range required

C. Establishing a Virtual Private Network (VPN) tunnel between the WLAN client device and a VPN concentrator 

D. Verifying that all default passwords have been changed 

Answer:


Up-to-date CISSP test:

Q106. DRAG DROP 

In which order, from MOST to LEAST impacted, does user awareness training reduce the occurrence of the events below?

Answer: 


Q107. The BEST example of the concept of "something that a user has" when providing an authorized user access to a computing system is 

A. the user's hand geometry. 

B. a credential stored in a token. 

C. a passphrase. 

D. the user's face. 

Answer:


Q108. Which of the following is the MOST effective method of mitigating data theft from an active user workstation? 

A. Implement full-disk encryption 

B. Enable multifactor authentication 

C. Deploy file integrity checkers 

D. Disable use of portable devices 

Answer:


Q109. Which of the following is the PRIMARY concern when using an Internet browser to access a cloud-based service? 

A. Insecure implementation of Application Programming Interfaces (API) 

B. Improper use and storage of management keys 

C. Misconfiguration of infrastructure allowing for unauthorized access 

D. Vulnerabilities within protocols that can expose confidential data 

Answer:


Q110. Which of the following is the FIRST action that a system administrator should take when it is revealed during a penetration test that everyone in an organization has unauthorized access to a server holding sensitive data? 

A. Immediately document the finding and report to senior management.

B. Use system privileges to alter the permissions to secure the server 

C. Continue the testing to its completion and then inform IT management 

D. Terminate the penetration test and pass the finding to the server management team 

Answer: