ISC2 certification is highly treasured inside industry. Case regarding ISC2 certification can apply intended for career all around the entire world. ISC2 certification is the brand regarding warranty. A professional can certainly strengthen his/her abilities and will very easily enhance his/her expertise plus knowledge by using ISC2. Businesses are looking for people personnel whore nicely certified and get additional ordinary competencies plus competencies inside their niche.

2021 Nov CISSP pdf exam

Q181. Which of the following MUST be part of a contract to support electronic discovery of data stored in a cloud environment? 

A. Integration with organizational directory services for authentication 

B. Tokenization of data 

C. Accommodation of hybrid deployment models 

D. Identification of data location 

Answer:


Q182. In a data classification scheme, the data is owned by the 

A. Information Technology (IT) managers. 

B. business managers. 

C. end users. 

D. system security managers. 

Answer:


Q183. Which one of the following is a threat related to the use of web-based client side input validation? 

A. Users would be able to alter the input after validation has occurred 

B. The web server would not be able to validate the input after transmission 

C. The client system could receive invalid input from the web server 

D. The web server would not be able to receive invalid input from the client 

Answer:


Q184. Refer.to the information below to answer the question. 

A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive e-mail, search the web, and use instant messaging. The organization’s Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access. 

Which of the following solutions would have MOST likely detected the use of peer-to-peer programs when the computer was connected to the office network? 

A. Anti-virus software 

B. Intrusion Prevention System (IPS) 

C. Anti-spyware software 

D. Integrity checking software 

Answer:


Q185. For privacy protected data, which of the following roles has the highest authority for establishing dissemination rules for the data? 

A. Information Systems Security Officer 

B. Data Owner 

C. System Security Architect 

D. Security Requirements Analyst 

Answer:


Updated CISSP free practice test:

Q186. The.Hardware Abstraction Layer (HAL).is implemented in the 

A. system software. 

B. system hardware. 

C. application software. 

D. network hardware. 

Answer:


Q187. Which of the following methods protects.Personally Identifiable.Information (PII).by use of a full replacement of the data element? 

A. Transparent Database Encryption (TDE) 

B. Column level database encryption 

C. Volume encryption 

D. Data tokenization 

Answer:


Q188. Which of the following is a MAJOR consideration in implementing a Voice over IP (VoIP) network? 

A. Use of a unified messaging. 

B. Use of separation for the voice network. 

C. Use of Network Access Control (NAC) on switches. 

D. Use of Request for Comments (RFC) 1918 addressing. 

Answer:


Q189. Which of the following is a recommended alternative to an integrated email encryption system? 

A. Sign emails containing sensitive data 

B. Send sensitive data in separate emails 

C. Encrypt sensitive data separately in attachments 

D. Store sensitive information to be sent in encrypted drives 

Answer:


Q190. Which of the following is a strategy of grouping requirements in developing a Security Test and Evaluation (ST&E)? 

A. Standards, policies, and procedures 

B. Tactical, strategic, and financial 

C. Management, operational, and technical 

D. Documentation, observation, and manual 

Answer: