
2021 Nov CISSP sample question

Q41. An organization lacks a data retention policy. Of the following, who is the BEST person to consult for such a requirement? 

A. Application Manager 

B. Database Administrator 

C. Privacy Officer 

D. Finance Manager 

Answer:


Q42. Sensitive customer data is going to be added to a database. What is the MOST effective implementation for ensuring data privacy? 

A. Discretionary Access Control (DAC) procedures 

B. Mandatory Access Control (MAC) procedures 

C. Data link encryption 

D. Segregation of duties 

Answer:


Q43. A vulnerability test on an Information System (IS) is conducted to 

A. exploit security weaknesses in the IS. 

B. measure system performance on systems with weak security controls. 

C. evaluate the effectiveness of security controls. 

D. prepare for Disaster Recovery (DR) planning. 

Answer:


Q44. Which of the following types of security testing is the MOST effective in providing a better indication of the everyday security challenges of an organization when performing a security risk assessment? 

A. External 

B. Overt 

C. Internal 

D. Covert 

Answer:


Q45. Following the completion of a network security assessment, which of the following can BEST be demonstrated? 

A. The effectiveness of controls can be accurately measured 

B. A penetration test of the network will fail 

C. The network is compliant to industry standards 

D. All unpatched vulnerabilities have been identified 

Answer:


Latest CISSP actual test:

Q46. Which of the following defines the key exchange for Internet Protocol Security (IPSec)? 

A. Secure Sockets Layer (SSL) key exchange 

B. Internet Key Exchange (IKE) 

C. Security Key Exchange (SKE) 

D. Internet Control Message Protocol (ICMP) 

Answer:
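To make the key exchange in Q46 concrete, the following is an added example (not part of the original question set) that runs the two IKE_SA_INIT messages between an initiator and a responder in one process: each side contributes a nonce and an ephemeral Diffie-Hellman value, and both derive the same SKEYSEED = prf(Ni | Nr, g^ir) as RFC 7296 specifies. The class and function names are this example's own, the MODP group is IKE group 2 from RFC 2409 (used only because it runs on plain Python integers; a real proposal should negotiate group 14 or larger), and the PRF is HMAC-SHA-256.

```python
import hashlib
import hmac
import secrets

# 1024-bit MODP prime of IKE Diffie-Hellman group 2 (RFC 2409 section 6.2),
# generator 2. Chosen only so the example runs on plain Python integers;
# a modern IKEv2 proposal should use group 14 or larger, or an ECP group.
MODP_1024_P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
    "FFFFFFFFFFFFFFFF", 16)
GENERATOR = 2
KE_LEN = MODP_1024_P.bit_length() // 8  # 128-byte KE payload for this group


class IkePeer:
    """One side of IKE_SA_INIT: a fresh nonce and an ephemeral DH key pair.
    (Illustrative class; not from any IKE implementation.)"""

    def __init__(self, private=None, nonce=None):
        # private exponent in [1, p-2]; nonce of 32 bytes (RFC 7296 allows 16..256)
        self.private = private if private is not None else secrets.randbelow(MODP_1024_P - 2) + 1
        self.nonce = nonce if nonce is not None else secrets.token_bytes(32)
        self.public = pow(GENERATOR, self.private, MODP_1024_P)

    def ke_payload(self):
        """Key Exchange payload body: g^x as a fixed-length big-endian integer."""
        return self.public.to_bytes(KE_LEN, "big")

    def shared_secret(self, peer_ke):
        """g^ir computed from the peer's KE payload, rejecting degenerate values
        (1 and p-1) that would force a trivial shared secret."""
        y = int.from_bytes(peer_ke, "big")
        if not 1 < y < MODP_1024_P - 1:
            raise ValueError("invalid Diffie-Hellman public value")
        return pow(y, self.private, MODP_1024_P).to_bytes(KE_LEN, "big")


def skeyseed(ni, nr, g_ir):
    """SKEYSEED = prf(Ni | Nr, g^ir), RFC 7296 section 2.14, with PRF_HMAC_SHA2_256."""
    return hmac.new(ni + nr, g_ir, hashlib.sha256).digest()


def ike_sa_init(initiator, responder):
    """Run both IKE_SA_INIT messages between two in-process peers and return the
    SKEYSEED each side derives; a correct exchange yields identical values."""
    # Message 1 (initiator -> responder): HDR, SAi1, KEi, Ni
    kei, ni = initiator.ke_payload(), initiator.nonce
    # Message 2 (responder -> initiator): HDR, SAr1, KEr, Nr
    ker, nr = responder.ke_payload(), responder.nonce
    # Each side combines the other's KE with its own private exponent.
    resp_seed = skeyseed(ni, nr, responder.shared_secret(kei))
    init_seed = skeyseed(ni, nr, initiator.shared_secret(ker))
    return init_seed, resp_seed


if __name__ == "__main__":
    a, b = ike_sa_init(IkePeer(), IkePeer())
    print("SKEYSEED agrees:", a == b, a.hex())
```

Note what the exchange does not give you: with nothing but nonces and DH values, either peer could be an active man-in-the-middle. That is why IKE_AUTH follows, where each side proves possession of a pre-shared key or certificate over the IKE_SA_INIT messages; SKEYSEED is only the raw material from which those authentication and IPsec keys are derived.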


Q47. Which of the following is a physical security control that protects Automated Teller Machines (ATM) from skimming? 

A. Anti-tampering 

B. Secure card reader 

C. Radio Frequency (RF) scanner 

D. Intrusion Prevention System (IPS) 

Answer:


Q48. Which of the following is critical for establishing an initial baseline for software components in the operation and maintenance of applications? 

A. Application monitoring procedures 

B. Configuration control procedures 

C. Security audit procedures 

D. Software patching procedures 

Answer:
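The baseline in Q48 is the reference against which later change is judged. As an added example (not from the original page), the code below records a cryptographic hash of every software component under a directory, stores that as the baseline, and on a later scan classifies drift as added, removed or modified files. The directory layout, file names and contents in demo() are constructed for the example; the function names are this example's own.

```python
import hashlib
import json
import os
import tempfile


def sha256_file(path, chunk=65536):
    """SHA-256 of one file, streamed so large binaries need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def build_baseline(root):
    """Map every regular file under root (relative, '/'-separated) to its SHA-256."""
    baseline = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            baseline[rel] = sha256_file(full)
    return baseline


def diff_baseline(baseline, current):
    """Classify drift between the recorded baseline and a fresh scan."""
    common = baseline.keys() & current.keys()
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
        "modified": sorted(p for p in common if baseline[p] != current[p]),
    }


def _write(path, data):
    """Helper for the constructed scenario: write text or bytes, creating dirs."""
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb" if isinstance(data, bytes) else "w") as f:
        f.write(data)


def demo():
    """Constructed scenario: baseline a tiny component tree, then let it drift."""
    with tempfile.TemporaryDirectory() as root:
        _write(os.path.join(root, "app.py"), "print('v1')\n")
        _write(os.path.join(root, "lib", "util.py"), "def f():\n    return 1\n")
        # Record the initial baseline as configuration control would: a JSON
        # manifest, which in practice is signed or kept read-only.
        record = json.dumps(build_baseline(root), sort_keys=True, indent=2)
        # Unmanaged changes after go-live: an edited file, an unvetted shared
        # object dropped in, and a component deleted.
        _write(os.path.join(root, "app.py"), "print('v2')\n")
        _write(os.path.join(root, "lib", "extra.so"), b"\x7fELF")
        os.remove(os.path.join(root, "lib", "util.py"))
        return diff_baseline(json.loads(record), build_baseline(root))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Every approved change (patch, upgrade, new dependency) should be followed by re-baselining through the same change-control record; anything diff_baseline reports that has no matching change ticket is the signal worth investigating.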


Q49. Refer.to the information below to answer the question. 

A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive e-mail, search the web, and use instant messaging. The organization’s Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access. 

Which.of.the.following.could.have.MOST.likely.prevented.the.Peer-to-Peer.(P2P).program.from.being.installed.on.the.computer? 

A. Removing employee's full access to the computer 

B. Supervising their child's use of the computer 

C. Limiting computer's access to only the employee 

D. Ensuring employee understands their business conduct guidelines 

Answer:


Q50. Which item below is a federated identity standard? 

A. 802.11i 

B. Kerberos 

C. Lightweight Directory Access Protocol (LDAP) 

D. Security Assertion Markup Language (SAML) 

Answer: