Free CISSP Exam Braindumps

Pass your Certified Information Systems Security Professional (CISSP) exam with these free Questions and Answers

Page 3 of 298
QUESTION 6

- (Exam Topic 10)
When using third-party software developers, which of the following is the MOST effective method of providing software development Quality Assurance (QA)?

  - A. Retain intellectual property rights through contractual wording.
  - B. Perform overlapping code reviews by both parties.
  - C. Verify that the contractors attend development planning meetings.
  - D. Create a separate contractor development environment.

Correct Answer: B

QUESTION 7

- (Exam Topic 6)
A Virtual Machine (VM) environment has five guest Operating Systems (OS) and provides strong isolation. What MUST an administrator review to audit a user’s access to data files?

  - A. Host VM monitor audit logs
  - B. Guest OS access controls
  - C. Host VM access controls
  - D. Guest OS audit logs

Correct Answer: A

QUESTION 8

- (Exam Topic 15)
Which of the following is the BEST method a security practitioner can use to ensure that systems and sub-systems gracefully handle invalid input?

  - A. Unit testing
  - B. Integration testing
  - C. Negative testing
  - D. Acceptance testing

Correct Answer: B

QUESTION 9

- (Exam Topic 15)
What type of attack sends Internet Control Message Protocol (ICMP) echo requests to the target machine with a larger payload than the target can handle?

  - A. Man-in-the-Middle (MITM)
  - B. Denial of Service (DoS)
  - C. Domain Name Server (DNS) poisoning
  - D. Buffer overflow

Correct Answer: B

QUESTION 10

- (Exam Topic 15)
An organization's retail website provides its only source of revenue, so the disaster recovery plan (DRP) must document an estimated time for each step in the plan.
Which of the following steps in the DRP will list the GREATEST duration of time for the service to be fully operational?

  - A. Update the Network Address Translation (NAT) table.
  - B. Update Domain Name System (DNS) server addresses with domain registrar.
  - C. Update the Border Gateway Protocol (BGP) autonomous system number.
  - D. Update the web server network adapter configuration.

Correct Answer: B
