It is impossible to pass ISC2 cissp study plan exam without any help in the short term. Come to Pass4sure soon and find the most advanced, correct and guaranteed ISC2 cissp requirements practice questions. You will get a surprising result by our Most recent Certified Information Systems Security Professional (CISSP) practice guides.
Q97. When designing a vulnerability test, which one of the following is likely to give the BEST indication of what components currently operate on the network?
A. Topology diagrams
B. Mapping tools
C. Asset register
D. Ping testing
Answer: B
Q98. Which of the following BEST describes the purpose of the security functional requirements of Common Criteria?
A. Level of assurance of the Target of Evaluation (TOE) in intended operational environment
B. Selection to meet the security objectives stated in test documents
C. Security behavior expected of a TOE
D. Definition of the roles and responsibilities
Answer: C
Q99. The FIRST step in building a firewall is to
A. assign the roles and responsibilities of the firewall administrators.
B. define the intended audience who will read the firewall policy.
C. identify mechanisms to encourage compliance with the policy.
D. perform a risk analysis to identify issues to be addressed.
Answer: D
Q100. When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?
A. After the system preliminary design has been developed and.the data security categorization has been performed
B. After the business functional analysis and the data security categorization have been performed
C. After the vulnerability analysis has been performed and before the system detailed design begins
D. After the system preliminary design has been developed and before.the.data security categorization begins
Answer: B
Q101. Which one of the following is a fundamental objective in handling an incident?
A. To restore control of the affected systems
B. To confiscate the suspect's computers
C. To prosecute the attacker
D. To perform full backups of the system
Answer: A
Q102. Refer.to the information below to answer the question.
An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles.
When determining appropriate resource allocation, which of the following is MOST important to monitor?
A. Number of system compromises
B. Number of audit findings
C. Number of staff reductions
D. Number of additional assets
Answer: B
Q103. Which of the following is the PRIMARY.security.concern associated with the implementation of smart cards?
A. The cards have limited memory
B. Vendor application compatibility
C. The cards can be misplaced
D. Mobile code can be embedded in the card
Answer: C
Q104. Which of the following is a detective access control mechanism?
A. Log review
B. Least privilege C. Password complexity
D. Non-disclosure agreement
Answer: A