Want to know Testking CISSP Exam practice test features? Want to learn more about ISC2 Certified Information Systems Security Professional (CISSP) certification experience? Study Refined ISC2 CISSP answers to Far out CISSP questions at Testking. Get a success with an absolute guarantee to pass ISC2 CISSP (Certified Information Systems Security Professional (CISSP)) test on your first attempt.
2021 Mar CISSP sample question
Q111. Refer to the information below to answer the question.
Desktop computers in an organization were sanitized for re-use in an equivalent security environment. The data was destroyed in accordance with organizational policy and all marking and other external indications of the sensitivity of the data that was formerly stored on the magnetic drives were removed.
Organizational policy requires the deletion of user data from Personal Digital Assistant (PDA) devices before disposal. It may not be possible to delete the user data if the device is malfunctioning. Which destruction method below provides the BEST assurance that the data has been removed?
A. Knurling
B. Grinding
C. Shredding
D. Degaussing
Answer: C
Q112. As one component of a physical security system, an Electronic Access Control (EAC) token is BEST known for its ability to
A. overcome the problems of key assignments.
B. monitor the opening of windows and doors.
C. trigger alarms when intruders are detected.
D. lock down a facility during an emergency.
Answer: A
Q113. Which of the following is a strategy of grouping requirements in developing a Security Test and Evaluation (ST&E)?
A. Standards, policies, and procedures
B. Tactical, strategic, and financial
C. Management, operational, and technical
D. Documentation, observation, and manual
Answer: C
Q114. When implementing a secure wireless network, which of the following supports authentication and authorization for individual client endpoints?
A. Temporal Key Integrity Protocol (TKIP)
B. Wi-Fi Protected Access (WPA) Pre-Shared Key (PSK)
C. Wi-Fi Protected Access 2 (WPA2) Enterprise
D. Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)
Answer: C
Q115. Which of the following MUST system and database administrators be aware of and apply when configuring systems used for storing personal employee data?
A. Secondary use of the data by business users
B. The organization's security policies and standards
C. The business purpose for which the data is to be used
D. The overall protection of corporate resources and data
Answer: B
Renovate CISSP practice exam:
Q116. By allowing storage communications to run on top of Transmission Control Protocol/Internet Protocol (TCP/IP) with a Storage Area Network (SAN), the
A. confidentiality of the traffic is protected.
B. opportunity to sniff network traffic exists.
C. opportunity for device identity spoofing is eliminated.
D. storage devices are protected against availability attacks.
Answer: B
Q117. Which of the following is a method used to prevent Structured Query Language (SQL) injection attacks?
A. Data compression
B. Data classification
C. Data warehousing
D. Data validation
Answer: D
Q118. The key benefits of a signed and encrypted e-mail include
A. confidentiality, authentication, and authorization.
B. confidentiality, non-repudiation, and authentication.
C. non-repudiation, authorization, and authentication.
D. non-repudiation, confidentiality, and authorization.
Answer: B
Q119. Refer to the information below to answer the question.
During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial information.
Aside from the potential records which may have been viewed, which of the following should be the PRIMARY concern regarding the database information?
A. Unauthorized database changes
B. Integrity of security logs
C. Availability of the database
D. Confidentiality of the incident
Answer: A
Q120. Which of the following is the MOST important output from a mobile application threat modeling exercise according to Open Web Application Security Project (OWASP)?
A. Application interface entry and endpoints
B. The likelihood and impact of a vulnerability
C. Countermeasures and mitigations for vulnerabilities
D. A data flow diagram for the application and attack surface analysis
Answer: D