CISSP Practice Dumps - Verified By TorrentVCE Updated 1795 Questions [Q642-Q665]

Share

CISSP Practice Dumps - Verified By TorrentVCE Updated 1795 Questions

Updated CISSP Exam Dumps - PDF Questions and Testing Engine


The CISSP certification exam covers a wide range of topics related to information security. CISSP exam is designed to test the candidate's knowledge and understanding of information security concepts, techniques, and best practices. Some of the topics covered in the exam include security and risk management, asset security, security engineering, communication and network security, and software development security. CISSP exam also covers topics related to security operations and business continuity.

 

NEW QUESTION # 642
What scheme includes the requirement that the system maintain the separation of duty requirement expressed in the access control triples?

  • A. Bella
  • B. Clark-Wilson
  • C. Bell-LaPadula
  • D. Lattice

Answer: B

Explanation:
Separation of duty is necessarily determined by conditions external to the computer system. The Clark-Wilson scheme includes the requirement that the system maintain the separation of duty requirement expressed in the access control triples. Enforcement is on a per-user basis, using the user ID from the access control triple.


NEW QUESTION # 643
Which of the following is a remote access protocol that uses a static authentication?

  • A. Point-to-Point Tunneling Protocol (PPTP)
  • B. Routing Information Protocol (RIP)
  • C. Password Authentication Protocol (PAP)
  • D. Challenge Handshake Authentication Protocol (CHAP)

Answer: C

Explanation:
Section: Software Development Security
Explanation


NEW QUESTION # 644
Which of the following keys has the SHORTEST lifespan?

  • A. Public key
  • B. Session key
  • C. Secret key
  • D. Private key

Answer: B

Explanation:
Explanation/Reference:
Explanation:
A session key is a single-use symmetric key that is used to encrypt messages between two users during a single communication session.
If Tanya has a symmetric key she uses to always encrypt messages between Lance and herself, then this symmetric key would not be regenerated or changed. They would use the same key every time they communicated using encryption. However, using the same key repeatedly increases the chances of the key being captured and the secure communication being compromised. If, on the other hand, a new symmetric key were generated each time Lance and Tanya wanted to communicate, it would be used only during their one dialogue and then destroyed. If they wanted to communicate an hour later, a new session key would be created and shared.
A session key provides more protection than static symmetric keys because it is valid for only one session between two computers. If an attacker were able to capture the session key, she would have a very small window of time to use it to try to decrypt messages being passed back and forth.
Incorrect Answers:
A: A secret key is static in nature. It has no fixed lifespan and is used until someone decides to change the key. Session keys are used for single communication sessions so they have a much shorter lifespan.
B: A public key is issued by a CA and typically has a lifespan of one or two years. Session keys are used for single communication sessions so they have a much shorter lifespan.
D: A private key is issued by a CA and typically has a lifespan of one or two years. Session keys are used for single communication sessions so they have a much shorter lifespan.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 798-799


NEW QUESTION # 645
Which of the following layers of the ISO/OSI model do packet filtering firewalls operate at?

  • A. Session layer
  • B. Presentation layer
  • C. Network layer
  • D. Application layer

Answer: C

Explanation:
Packet filtering firewalls work at the network level of the OSI model, or the IP layer of TCP/IP. These firewalls are normally part of a router, which is a device that receives and forwards packets to networks. "In a packet filtering firewall each packet is compared to a set of criteria before it is forwarded. Depending on the packet and the criteria, the firewall can drop the packet, forward it, or send a message to the originator." The criteria used to evaluate a packet include source, destination IP address, destination port, and protocol used. These types of firewalls are low in cost and don't have much of an impact on the network's performance.


NEW QUESTION # 646
Which LAN topology below is MOST vulnerable to a single point of
failure?

  • A. FDDI
  • B. Logical Ring
  • C. Physical Star
  • D. Ethernet Bus

Answer: D

Explanation:
Ethernet bus topology was the first commercially viable network
topology, and consists of all workstations connected to a single coaxial cable. Since the cable must be properly terminated on both ends, a break in the cable stops all communications on the bus.
* the physical star topology acts like a logical bus, but provides better fault tolerance, as a cable break only disconnects the workstation or hub directly affected.
* logical ring topology, is used by Token Ring and FDDI and is highly resilient. Token Ring employs a beacon frame, which, in case of a cable break, initiates auto reconfiguration and attempts to reroute the network around the failed mode. Also, the Token Ring active monitor station performs ring maintenance
functions, like removing continuously circulating frames from the
ring. FDDI employs a second ring to provide redundancy. Sources:
Virtual LANs by Mariana Smith (McGraw-Hill, 1998) and Internetworking
Technologies Handbook, Second Edition (Cisco Press, 1998).


NEW QUESTION # 647
A company needs to provide employee access to travel services, which are hosted by a third-party service provider, Employee experience is important, and when users are already authenticated, access to the travel portal is seamless. Which of the following methods is used to share information and grant user access to the travel portal?

  • A. Open Authorization (OAuth) access
  • B. Federated access
  • C. Security Assertion Markup Language (SAML) access
  • D. Single sign-on (SSO) access

Answer: B


NEW QUESTION # 648
Which of the following classes is the first level (lower) defined in the TCSEC (Orange Book) as mandatory protection?

  • A. B
  • B. C
  • C. D
  • D. A

Answer: A

Explanation:
Explanation/Reference:
Explanation:
The U.S. Department of Defense developed the Trusted Computer System Evaluation Criteria (TCSEC), which was used to evaluate operating systems, applications, and different products. These evaluation criteria are published in a book known as the Orange Book.
TCSEC provides a classification system that is divided into hierarchical divisions of assurance levels:
A. Verified protection
B. Mandatory protection
C. Discretionary protection
D. Minimal protection
Classification A represents the highest level of assurance, and D represents the lowest level of assurance.
Level B: Mandatory Protection: Mandatory access control is enforced by the use of security labels. The architecture is based on the Bell-LaPadula security model, and evidence of reference monitor enforcement must be available.
Incorrect Answers:
B: Level A is defined as verified protection, not mandatory protection.
C: Level C is defined as discretionary protection, not mandatory protection.
D: Level D is defined as minimal security, not mandatory protection.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, pp. 392, 395


NEW QUESTION # 649
What are facets of trustworthy software in supply chain operations?

  • A. Confidentiality, integrity, availability, authenticity, and possession
  • B. Reparability, security, upgradability, functionality, and accuracy
  • C. Functionality, safety, reliability, integrity, and accuracy
  • D. Safety, reliability, availability, resilience, and security

Answer: D

Explanation:
Trustworthy software in supply chain operations requires that the software possess key characteristics such as safety, reliability, availability, resilience, and security. Safety ensures that the software does not harm people or the environment. Reliability ensures that the software works as intended and does not fail prematurely. Availability ensures that the software is available when needed. Resilience ensures that the software can withstand and recover from disruptions. Security ensures that the software is protected from unauthorized access, modification, or destruction.


NEW QUESTION # 650
Which of the following is a critical factor for implementing a successful data classification program?

  • A. Internal audit acceptance
  • B. Information security sponsorship
  • C. Executive sponsorship
  • D. End-user acceptance

Answer: C

Explanation:
The critical factor for implementing a successful data classification program is executive sponsorship.
Executive sponsorship is the support and commitment from the senior management of the organization for the data classification program. Executive sponsorship can provide the necessary resources, authority, and guidance for the data classification program, and ensure that the program aligns with the organization's goals, policies, and culture. Executive sponsorship can also influence and motivate the data owners, custodians, and users to participate and comply with the data classification program. The other options are not as critical as executive sponsorship, as they either do not have the same level of influence or authority (B, C, and D), or do not directly contribute to the data classification program (D). References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 2, page 66; Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 2, page 72.


NEW QUESTION # 651
An Ethernet address is composed of how many bits?

  • A. 128-bit address
  • B. 32-bit address.
  • C. 48-bit address
  • D. 64-bit address

Answer: C

Explanation:
Explanation/Reference:
Explanation:
Ethernet is a common LAN media access technology standardized by IEEE 802.3. Ethernet uses 48-bit MAC addressing, works in contention-based networks, and has extended outside of just LAN environments.
Incorrect Answers:
B: An Ethernet address has 48 bits, not 32 bits.
C: An Ethernet address has 48 bits, not 64 bits.
D: An Ethernet address has 48 bits, not 128 bits.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 578


NEW QUESTION # 652
Which of the following issues is not addressed by Kerberos?

  • A. Confidentiality
  • B. Availability
  • C. Authentication
  • D. Integrity

Answer: B

Explanation:
The KDC (Kerberos Distribution Center) can be a single point of failure.
Confidentiality is incorrect. Kerberos does ensure confidentiality, keeping communications private
between systems over a network.
Integrity is incorrect. Kerberos does ensure integrity. Authentication is incorrect. Kerberos does provide authentication.
References: CBK pp 181-194


NEW QUESTION # 653
Which of the following provides the GREATEST level of data security for a Virtual Private Network (VPN) connection?

  • A. Extensible Authentication Protocol (EAP)
  • B. Internet Protocol Payload Compression (IPComp)
  • C. Internet Protocol Security (IPSec)
  • D. Remote Authentication Dial-In User Service (RADIUS)

Answer: C

Explanation:
Internet Protocol Security (IPSec) is a network protocol that provides the greatest level of data security for a Virtual Private Network (VPN) connection. A VPN is a type of connection that creates a secure and encrypted tunnel between two hosts over an unsecured network, such as the internet. A VPN can be used for various purposes, such as remote access, site-to-site, or network-to-network communication. IPSec is a protocol that can secure the VPN connection by using various security features, such as authentication, encryption, integrity, and replay protection. Authentication is the process of verifying the identity and credential of the hosts or users involved in the connection. Encryption is the process of transforming the data into an unreadable form to prevent unauthorized access or disclosure of the data. Integrity is the process of ensuring that the data is not modified or corrupted during the transmission. Replay protection is the process of preventing the attacker from capturing and retransmitting the data to impersonate or disrupt the connection. IPSec can help to protect the VPN connection from various threats, such as eavesdropping, spoofing, or hijacking, by using these security features, as well as by using various protocols, such as Authentication Header (AH) or Encapsulating Security Payload (ESP). Internet Protocol Payload Compression (IPComp), Extensible Authentication Protocol (EAP), or Remote Authentication Dial-In User Service (RADIUS) are not the protocols that provide the greatest level of data security for a VPN connection, as they are either less secure, less comprehensive, or less applicable than IPSec. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 6: Secure Network Architecture and Securing Network Components, page 346; CISSP Official (ISC)2 Practice Tests, Third Edition, Domain 4: Communication and Network Security, Question 4.15, page 189.


NEW QUESTION # 654
How should an organization determine the priority of its remediation efforts after a vulnerability assessment has been conducted?

  • A. Use a risk-based approach.
  • B. Use a threat-based approach.
  • C. Use an impact-based approach.
  • D. Use a criticality-based approach.

Answer: A

Explanation:
Section: Software Development Security


NEW QUESTION # 655
Which of the following is the MOST difficult to enforce when using cloud computing?

  • A. Data access
  • B. Data backup
  • C. Data recovery
  • D. Data disposal

Answer: D

Explanation:
The most difficult thing to enforce when using cloud computing is data disposal. Data disposal is the process of permanently deleting or destroying the data that is no longer needed or authorized, in a secure and compliant manner. Data disposal is challenging when using cloud computing, because the data may be stored or replicated in multiple locations, devices, or servers, and the cloud provider may not have the same policies, procedures, or standards as the cloud customer. Data disposal may also be affected by the legal or regulatory requirements of different jurisdictions, or the contractual obligations of the cloud service agreement. Data access, data backup, and data recovery are not the most difficult things to enforce when using cloud computing, as they can be achieved by using encryption, authentication, authorization, replication, or restoration techniques, and by specifying the service level agreements and the roles and responsibilities of the cloud provider and the cloud customer. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter
3, Security Architecture and Engineering, page 337. Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 3, Security Architecture and Engineering, page 353.


NEW QUESTION # 656
Which of the following answers presents the MOST significant threat to network based IDS or IPS systems?

  • A. Encrypted Traffic
  • B. Complex IDS/IPS Signature Syntax
  • C. Digitally Signed Network Packets
  • D. Segregated VLANs

Answer: A

Explanation:
Explanation/Reference:
Explanation:
Encrypted network packets present the biggest threat to an effective IDS/IPS plan because the network traffic cannot easily be decoded and examined.
Encrypted packets cannot be examined by the IDS to determine if there is a threat there so in most cases the traffic is just forwarded along with the potential threat.
There is an industry where a company provides examination services for your network traffic, acting like a proxy server for all your network traffic.
You simply send them copies of your certificates so they can decode the traffic. This is common in the financial industry where violating federal law or being sued by federal investigators for insider trading can lead to business collapse.
The external company examines all the network traffic coming and going from your network for potential liabilities.
Incorrect Answers:
B: Complex IDS/IPS Signature syntax: IDS/IPS signatures can be complex but this is not the MOST significant threat to the functionality of an IDS/IPS system.
C: Digitally Signed Network Packets: This is not threat to IDS/IPS systems looking for dangerous network traffic.
D: Segregated VLANs are only a threat if the IDS/IPS system is not monitoring traffic on the segregated VLAN. VLANs can present barriers to IDS/IPS systems spotting dangerous traffic. There is an easy solution to VLANs and IDS/IPS systems and that would be simply placing an IDS/IPS sensor on that VLAN and set it up to send its traffic to the IDS/IPS management system.


NEW QUESTION # 657
The security architect has been mandated to assess the security of various brands of mobile devices. At what phase of the product lifecycle would this be MOST likely to occur?

  • A. Operations and maintenance
  • B. Disposal
  • C. Implementation
  • D. Development

Answer: C

Explanation:
The product lifecycle consists of four phases: development, implementation, operations and maintenance, and disposal. The security architect has been mandated to assess the security of various brands of mobile devices, which are products that have already been developed and are ready to be deployed. Therefore, the most likely phase of the product lifecycle for this task is the implementation phase, where the products are installed, configured, tested, and integrated into the existing environment. The security architect should evaluate the security features, controls, and risks of each brand of mobile device and compare them with the security requirements and standards of the organization. The security architect should also consider the usability, performance, and compatibility of the mobile devices with the existing infrastructure and applications.
References: CISSP CBK Reference, 5th Edition, Chapter 3, page 139; CISSP All-in-One Exam Guide, 8th Edition, Chapter 3, page 107


NEW QUESTION # 658
The Chief Executive Officer (CEO) wants to implement an internal audit of the company's information security posture. The CEO wants to avoid any bias in the audit process; therefore, has assigned the Sales Director to conduct the audit. After significant interaction over a period of weeks the audit concludes that the company's policies and procedures are sufficient, robust and well established. The CEO then moves on to engage an external penetration testing company in order to showcase the organization's robust information security stance. This exercise reveals significant failings in several critical security controls and shows that the incident response processes remain undocumented. What is the MOST likely reason for this disparity in the results of the audit and the external penetration test?

  • A. The scope of the penetration test exercise and the internal audit were significantly different.
  • B. The audit team lacked the technical experience and training to make insightful and objective assessments of the data provided to them.
  • C. The information technology (IT) and governance teams have failed to disclose relevant information to the internal audit team leading to an incomplete assessment being formulated.
  • D. The external penetration testing company used custom zero-day attacks that could not have been predicted.

Answer: A


NEW QUESTION # 659
Which of the following is mobile device remote fingerprinting?

  • A. Identifying a device based on common characteristics shared by all devices of a certain type
  • B. Retrieving the serial number of the mobile device
  • C. Installing an application to retrieve common characteristics of the device
  • D. Storing information about a remote device in a cookie file

Answer: A

Explanation:
Section: Mixed questions


NEW QUESTION # 660
During an IS audit, auditor has observed that authentication and authorization steps are split into two functions and there is a possibility to force the authorization step to be completed before the authentication step. Which of the following technique an attacker could user to force authorization step before authentication?

  • A. Eavesdropping
  • B. Race Condition
  • C. Traffic analysis
  • D. Masquerading

Answer: B

Explanation:
A race condition is when processes carry out their tasks on a shared resource in an incorrect order. A race condition is possible when two or more processes use a shared resource, as in data within a variable. It is important that the processes carry out their functionality in the correct sequence. If process 2 carried out its task on the data before process 1, the result will be much different than if process1 carried out its tasks on the data before process 2 In software, when the authentication and authorization steps are split into two functions, there is a possibility an attacker could use a race condition to force the authorization step to be completed before the authentication step. This would be a flaw in the software that the attacker has figured out how to exploit. A race condition occurs when two or more processes use the same resource and the sequences of steps within the software can be carried out in an improper order, something that can drastically affect the output. So, an attacker can force the authorization step to take place before the authentication step and gain unauthorized access to a resource.
The following answers are incorrect: Eavesdropping - is the act of secretly listening to the private conversation of others without their consent, as defined by Black's Law Dictionary. This is commonly thought to be unethical and there is an old adage that "eavesdroppers seldom hear anything good of themselves...eavesdroppers
always try to listen to matters that concern them."
Traffic analysis - is the process of intercepting and examining messages in order to deduce information from patterns in communication. It can be performed even when the messages are encrypted and cannot be decrypted. In general, the greater the number of messages observed, or even intercepted and stored, the more can be inferred from the traffic. Traffic analysis can be performed in the context of military intelligence, counter-intelligence, or pattern-of-life analysis, and is a concern in computer security.
Masquerading - A masquerade attack is an attack that uses a fake identity, such as a network identity, to gain unauthorized access to personal computer information through legitimate access identification. If an authorization process is not fully protected, it can become extremely vulnerable to a masquerade attack. Masquerade attacks can be perpetrated using stolen passwords and logons, by locating gaps in programs, or by finding a way around the authentication process. The attack can be triggered either by someone within the organization or by an outsider if the organization is connected to a public network. The amount of access masquerade attackers get depends on the level of authorization they've managed to attain. As such, masquerade attackers can have a full smorgasbord of cyber crime opportunities if they've gained the highest access authority to a business organization. Personal attacks, although less common, can also be harmful.
Following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 324 Official ISC2 guide to CISSP CBK 3rd Edition Page number 66 CISSP All-In-One Exam guide 6th Edition Page Number 161


NEW QUESTION # 661
Which of the following is not a security goal for remote access?

  • A. Reliable authentication of users and systems
  • B. Automated login for remote users
  • C. Easy to manage access control to systems and network resources
  • D. Protection of confidential data

Answer: B

Explanation:
An automated login function for remote users would imply a weak authentication,
thus certainly not a security goal.
Source: TIPTON, Harold F. & KRAUSE, Micki, Information Security Management Handbook, 4th
edition, volume 2, 2001, CRC Press, Chapter 5: An Introduction to Secure Remote Access (page
100).


NEW QUESTION # 662
A thorough review of an organization's audit logs finds that a disgruntled network administrator has intercepted emails meant for the Chief Executive Officer (CEO) and changed them before forwarding them to their intended recipient. What type of attack has MOST likely occurred?

  • A. Eavesdropping
  • B. Denial of service
  • C. Man-in-the-middle
  • D. Spoofing

Answer: C


NEW QUESTION # 663
Which of the following biometrics devices has the highest Crossover Error Rate (CER)?

  • A. Iris scan
  • B. Fingerprints
  • C. Hand geometry
  • D. Voice pattern

Answer: D

Explanation:
The Crossover Error Rate (CER) is the point where false rejection rate (type I error)
equals the false acceptance rate (type II error). The lower the CER, the better the accuracy of the
device. At the time if this writing, response times and accuracy of some devices are:
System type Response time Accuracy (CER)
Fingerprints 5-7 secs. 5%
Hand Geometry 3-5 secs. 2%
Voice Pattern 10-14 secs. 10%
Retina Scan 4-7 secs. 15%
Iris Scan 25-4 secs. 05%
The term EER which means Equal Error Rate is sometimes use instead of the term CER. It has
the same meaning.
Source: Chris Hare's CISSP Study Notes on Physical Security, based on ISC2 CBK document.
Available at http://www.ccure.org.


NEW QUESTION # 664
With SQL Relational databases where is the actual data stored?

  • A. Schemas and sub-schemas
  • B. Views
  • C. Tables
  • D. Index-sequential tables

Answer: C

Explanation:
SQL is a relational database Query language. SQL stands for structured query language. Schemas describe how the tables and views are structured - careful design is required so that the SQL database runs in an efficient manner. Tables are made up of rows and columns and contain the actual data. Views represent how you want to look at the data. They are not concerned with where the data is, but rather what data you want to view and how you want to see it. You can even join more than one table together. However, the less efficient the views, the longer it takes to retrieve your report. Sub-schemas may be used to establish user privileges to see data.


NEW QUESTION # 665
......


ISC CISSP exam administration language:

The language of the ISC CISSP exam is English.

 

New (2025) ISC CISSP Exam Dumps: https://www.torrentvce.com/CISSP-valid-vce-collection.html

Best Way To Study For ISC CISSP Exam Brilliant CISSP Exam Questions PDF: https://drive.google.com/open?id=1bVx87jPukjxm5I0mxxdjbWJkrV4hWKHz