It is more faster and easier to pass the ISC2 CISSP exam by using Realistic ISC2 Certified Information Systems Security Professional (CISSP) questuins and answers. Immediate access to the Most up-to-date CISSP Exam and find the same core area CISSP questions with professionally verified answers, then PASS your exam with a high score now.
2021 Mar CISSP testing engine
Q101. Which of the following is the best practice for testing a Business Continuity Plan (BCP)?
A. Test.before the IT Audit
B. Test when environment changes
C. Test after installation of security patches
D. Test after implementation of system patches
Answer: B
Q102. An organization has developed a major application that has undergone accreditation testing. After receiving the results of the evaluation, what is the final step before the application can be accredited?
A. Acceptance of risk by the authorizing official
B. Remediation of vulnerabilities
C. Adoption of standardized policies and procedures
D. Approval of the System Security Plan (SSP)
Answer: A
Q103. Which of the following are Systems Engineering Life Cycle (SELC) Technical Processes?
A. Concept, Development, Production, Utilization, Support, Retirement
B. Stakeholder Requirements Definition, Architectural Design, Implementation, Verification, Operation
C. Acquisition, Measurement, Configuration Management, Production, Operation, Support
D. Concept, Requirements, Design, Implementation, Production, Maintenance, Support, Disposal
Answer: B
Q104. Which of the following is a detective access control mechanism?
A. Log review
B. Least privilege C. Password complexity
D. Non-disclosure agreement
Answer: A
Q105. Why is a system's criticality classification important in large organizations?
A. It provides for proper prioritization and scheduling of security and maintenance tasks.
B. It reduces critical system support workload and reduces the time required to apply patches.
C. It allows for clear systems status communications to executive management.
D. It provides for easier determination of ownership, reducing confusion as to the status of the asset.
Answer: A
Regenerate CISSP book:
Q106. By.carefully.aligning.the.pins.in.the.lock, which of the following defines the opening of a mechanical lock without the proper key?
A. Lock pinging
B. Lock picking
C. Lock bumping
D. Lock bricking
Answer: B
Q107. Which of the following actions should be performed when implementing a change to a database schema in a production system?
A. Test in development, determine dates, notify users, and implement in production
B. Apply change to production, run in parallel, finalize change in production, and develop a back-out strategy
C. Perform user acceptance testing in production, have users sign off, and finalize change
D. Change in development, perform user acceptance testing, develop a back-out strategy, and implement change
Answer: D
Q108. Which of the following is ensured when hashing files during chain of custody handling?
A. Availability
B. Accountability
C. Integrity
D. Non-repudiation
Answer: C
Q109. In the area of disaster planning and recovery, what strategy entails the presentation of information about the plan?
A. Communication
B. Planning
C. Recovery
D. Escalation
Answer: A
Q110. After acquiring the latest security updates, what must be done before deploying to production systems?
A. Use tools to detect missing system patches
B. Install the patches on a test system
C. Subscribe to notifications for vulnerabilities
D. Assess the severity of the situation
Answer: B