Free CISSP Exam Braindumps

Pass your Certified Information Systems Security Professional (CISSP) exam with these free Questions and Answers

Page 2 of 298
QUESTION 1

- (Exam Topic 13)
Who is responsible for the protection of information when it is shared with or provided to other organizations?

  1. A. Systems owner
  2. B. Authorizing Official (AO)
  3. C. Information owner
  4. D. Security officer

Correct Answer: C
Section: Security Operations

QUESTION 2

- (Exam Topic 7)
Which of the following is the FIRST step in the incident response process?

  1. A. Determine the cause of the incident
  2. B. Disconnect the system involved from the network
  3. C. Isolate and contain the system involved
  4. D. Investigate all symptoms to confirm the incident

Correct Answer: D

QUESTION 3

- (Exam Topic 9)
Which of the following is a limitation of the Common Vulnerability Scoring System (CVSS) as it relates to conducting code review?

  1. A. It has normalized severity ratings.
  2. B. It has many worksheets and practices to implement.
  3. C. It aims to calculate the risk of published vulnerabilities.
  4. D. It requires a robust risk management framework to be put in place.

Correct Answer: C

QUESTION 4

- (Exam Topic 12)
Match the types of e-authentication tokens to their description.
Drag each e-authentication token on the left to its corresponding description on the right.
Solution:
Look-up secret token - A physical or electronic token that stores a set of secrets between the claimant and the credential service provider
Out-of-Band Token - A physical token that is uniquely addressable and can receive a verifier-selected secret for one-time use
Pre-registered Knowledge Token - A series of responses to a set of prompts or challenges established by the subscriber and credential service provider during the registration process
Memorized Secret Token - A secret shared between the subscriber and credential service provider that is typically character strings

Does this meet the goal?

  1. A. Yes
  2. B. No

Correct Answer: A

QUESTION 5

- (Exam Topic 14)
Information security metrics provide the GREATEST value to management when based upon the security manager’s knowledge of which of the following?

  1. A. Likelihood of a security breach
  2. B. Value of information assets
  3. C. Cost of implementing effective controls
  4. D. Benefits related to quantitative analysts

Correct Answer: B
