Free CISSP Exam Braindumps

Pass your Certified Information Systems Security Professional (CISSP) exam with these free Questions and Answers

Page 4 of 298
QUESTION 11

- (Exam Topic 8)
When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?

  1. A. After the system preliminary design has been developed and the data security categorization has been performed
  2. B. After the vulnerability analysis has been performed and before the system detailed design begins
  3. C. After the system preliminary design has been developed and before the data security categorization begins
  4. D. After the business functional analysis and the data security categorization have been performed

Correct Answer: D

QUESTION 12

- (Exam Topic 14)
Which of the following is the MOST important reason for timely installation of software patches?

  1. A. Attackers may be conducting network analysis.
  2. B. Patches are only available for a specific time.
  3. C. Attackers reverse engineer the exploit from the patch.
  4. D. Patches may not be compatible with proprietary software.

Correct Answer: C

QUESTION 13

- (Exam Topic 14)
Which area of embedded devices is most commonly attacked?

  1. A. Application
  2. B. Firmware
  3. C. Protocol
  4. D. Physical Interface

Correct Answer: A

QUESTION 14

- (Exam Topic 9)
Which layer of the Open Systems Interconnection (OSI) model implementation adds information concerning the logical connection between the sender and receiver?

  1. A. Physical
  2. B. Session
  3. C. Transport
  4. D. Data-Link

Correct Answer: C

QUESTION 15

- (Exam Topic 13)
Which of the following mandates the amount and complexity of security controls applied to a security risk?

  1. A. Security vulnerabilities
  2. B. Risk tolerance
  3. C. Risk mitigation
  4. D. Security staff

Correct Answer: C
