Tested CISSP free practice questions, materials and bootcamp for the ISC2 certification exam. Real success guaranteed with updated CISSP certification PDF dumps and VCE materials. 100% pass the Certified Information Systems Security Professional (CISSP) exam today!
Q201. When implementing a secure wireless network, which of the following supports authentication and authorization for individual client endpoints?
A. Temporal Key Integrity Protocol (TKIP)
B. Wi-Fi Protected Access (WPA) Pre-Shared Key (PSK)
C. Wi-Fi Protected Access 2 (WPA2) Enterprise
D. Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)
Answer: C
Q202. Which of the following statements is TRUE for point-to-point microwave transmissions?
A. They are not subject to interception due to encryption.
B. Interception only depends on signal strength.
C. They are too highly multiplexed for meaningful interception.
D. They are subject to interception by an antenna within proximity.
Answer: D
Q203. As one component of a physical security system, an Electronic Access Control (EAC) token is BEST known for its ability to
A. overcome the problems of key assignments.
B. monitor the opening of windows and doors.
C. trigger alarms when intruders are detected.
D. lock down a facility during an emergency.
Answer: A
Q204. Which of the following is a recommended alternative to an integrated email encryption system?
A. Sign emails containing sensitive data
B. Send sensitive data in separate emails
C. Encrypt sensitive data separately in attachments
D. Store sensitive information to be sent in encrypted drives
Answer: C
Q205. Which of the following is the MOST important output from a mobile application threat modeling exercise according to Open Web Application Security Project (OWASP)?
A. Application interface entry and endpoints
B. The likelihood and impact of a vulnerability
C. Countermeasures and mitigations for vulnerabilities
D. A data flow diagram for the application and attack surface analysis
Answer: D
Q206. Which of the following Disaster Recovery (DR) sites is the MOST difficult to test?
A. Hot site
B. Cold site
C. Warm site
D. Mobile site
Answer: B
Q207. Which of the following can BEST prevent security flaws occurring in outsourced software development?
A. Contractual requirements for code quality
B. Licensing, code ownership and intellectual property rights
C. Certification of the quality and accuracy of the work done
D. Delivery dates, change management control and budgetary control
Answer: C
Q208. Which of the following roles has the obligation to ensure that a third party provider is capable of processing and handling data in a secure manner and meeting the standards set by the organization?
A. Data Custodian
B. Data Owner
C. Data Creator
D. Data User
Answer: B