Want to know the features of the Actualtests CISSP exam practice test? Want to learn more about the ISC2 Certified Information Systems Security Professional (CISSP) certification experience? Study top-quality ISC2 CISSP answers to up-to-the-minute CISSP questions at Actualtests. Succeed with an absolute guarantee to pass the ISC2 CISSP (Certified Information Systems Security Professional) test on your first attempt.
2021 Mar CISSP exam prep
Q131. What type of encryption is used to protect sensitive data in transit over a network?
A. Payload encryption and transport encryption
B. Authentication Headers (AH)
C. Keyed-Hashing for Message Authentication
D. Point-to-Point Encryption (P2PE)
Answer: A
Q132. Which of the following are Systems Engineering Life Cycle (SELC) Technical Processes?
A. Concept, Development, Production, Utilization, Support, Retirement
B. Stakeholder Requirements Definition, Architectural Design, Implementation, Verification, Operation
C. Acquisition, Measurement, Configuration Management, Production, Operation, Support
D. Concept, Requirements, Design, Implementation, Production, Maintenance, Support, Disposal
Answer: B
Q133. The birthday attack is MOST effective against which one of the following cipher technologies?
A. Chaining block encryption
B. Asymmetric cryptography
C. Cryptographic hash
D. Streaming cryptography
Answer: C
Q134. Which of the following is an essential step before performing Structured Query Language (SQL) penetration tests on a production system?
A. Verify countermeasures have been deactivated.
B. Ensure firewall logging has been activated.
C. Validate target systems have been backed up.
D. Confirm warm site is ready to accept connections.
Answer: C
Q135. How can a forensic specialist exclude from examination a large percentage of operating system files residing on a copy of the target system?
A. Take another backup of the media in question then delete all irrelevant operating system files.
B. Create a comparison database of cryptographic hashes of the files from a system with the same operating system and patch level.
C. Generate a message digest (MD) or secure hash on the drive image to detect tampering of the media being examined.
D. Discard harmless files for the operating system, and known installed programs.
Answer: B
Rebirth CISSP sample question:
Q136. When implementing a secure wireless network, which of the following supports authentication and authorization for individual client endpoints?
A. Temporal Key Integrity Protocol (TKIP)
B. Wi-Fi Protected Access (WPA) Pre-Shared Key (PSK)
C. Wi-Fi Protected Access 2 (WPA2) Enterprise
D. Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)
Answer: C
Q137. Which of the following assessment metrics is BEST used to understand a system's vulnerability to potential exploits?
A. Determining the probability that the system functions safely during any time period
B. Quantifying the system's available services
C. Identifying the number of security flaws within the system
D. Measuring the system's integrity in the presence of failure
Answer: C
Q138. What is the MOST effective method for gaining unauthorized access to a file protected with a long complex password?
A. Brute force attack
B. Frequency analysis
C. Social engineering
D. Dictionary attack
Answer: C
Q139. An organization is designing a large enterprise-wide document repository system. They plan to have several different classification level areas with increasing levels of controls. The BEST way to ensure document confidentiality in the repository is to
A. encrypt the contents of the repository and document any exceptions to that requirement.
B. utilize an Intrusion Detection System (IDS) set to drop connections if too many requests for documents are detected.
C. keep individuals with access to high security areas from saving those documents into lower security areas.
D. require individuals with access to the system to sign Non-Disclosure Agreements (NDA).
Answer: C
Q140. The PRIMARY characteristic of a Distributed Denial of Service (DDoS) attack is that it
A. exploits weak authentication to penetrate networks.
B. can be detected with signature analysis.
C. looks like normal network activity.
D. is commonly confused with viruses or worms.
Answer: C