Download Certified Information Systems Security Professional.CISSP.ActualTests.2021-05-13.386q.vcex

Vendor: ISC
Exam Code: CISSP
Exam Name: Certified Information Systems Security Professional
Date: May 13, 2021
File Size: 1023 KB
Downloads: 16

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Demo Questions

Question 1
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
  1. determine the risk of a business interruption occurring
  2. determine the technological dependence of the business processes
  3. Identify the operational impacts of a business interruption
  4. Identify the financial impacts of a business interruption
Correct answer: B
Question 2
Which of the following actions will reduce risk to a laptop before traveling to a high risk area?
  1. Examine the device for physical tampering
  2. Implement more stringent baseline configurations
  3. Purge or re-image the hard disk drive
  4. Change access codes 
Correct answer: B
Question 3
Which of the following represents the GREATEST risk to data confidentiality?
  1. Network redundancies are not implemented
  2. Security awareness training is not completed
  3. Backup tapes are generated unencrypted
  4. Users have administrative privileges
Correct answer: C
Question 4
What is the MOST important consideration from a data security perspective when an organization plans to relocate?
  1. Ensure the fire prevention and detection systems are sufficient to protect personnel
  2. Review the architectural plans to determine how many emergency exits are present
  3. Conduct a gap analysis of a new facilities against existing security requirements
  4. Revise the Disaster Recovery and Business Continuity (DR/BC) plan
Correct answer: C
Question 5
A company whose Information Technology (IT) services are being delivered from a Tier 4 data center, is preparing a companywide Business Continuity Planning (BCP). 
Which of the following failures should the IT manager be concerned with?
  1. Application
  2. Storage
  3. Power
  4. Network
Correct answer: C
Question 6
When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, 
when can management responsibilities be defined?
  1. Only when assets are clearly defined
  2. Only when standards are defined
  3. Only when controls are put in place
  4. Only procedures are defined 
Correct answer: A
Question 7
Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?
  1. Install mantraps at the building entrances
  2. Enclose the personnel entry area with polycarbonate plastic
  3. Supply a duress alarm for personnel exposed to the public
  4. Hire a guard to protect the public area
Correct answer: C
Question 8
An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?
  1. Development, testing, and deployment
  2. Prevention, detection, and remediation
  3. People, technology, and operations
  4. Certification, accreditation, and monitoring 
Correct answer: C
Question 9
Intellectual property rights are PRIMARY concerned with which of the following?
  1. Owner’s ability to realize financial gain
  2. Owner’s ability to maintain copyright
  3. Right of the owner to enjoy their creation
  4. Right of the owner to control delivery method
Correct answer: A
Question 10
A control to protect from a Denial-of-Service (DoS) attach has been determined to stop 50% of attacks, and additionally reduces the impact of an attack by 50%. 
What is the residual risk?
  1. 25%
  2. 50%
  3. 75%
  4. 100% 
Correct answer: A

Use VCE Exam Simulator to open VCE files


Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!