Free CISSP Exam Braindumps

Pass your Certified Information Systems Security Professional (CISSP) exam with these free Questions and Answers

Page 8 of 298
QUESTION 31

- (Exam Topic 14)
Which would result in the GREATEST impact following a breach to a cloud environment?

  1. A. The hypervisor host is poorly secured
  2. B. The same Logical Unit Number (LUN) is used for all VMs
  3. C. Insufficient network segregation
  4. D. Insufficient hardening of Virtual Machines (VM)

Correct Answer: C

QUESTION 32

- (Exam Topic 9)
Which one of the following is a threat related to the use of web-based client side input validation?

  1. A. Users would be able to alter the input after validation has occurred
  2. B. The web server would not be able to validate the input after transmission
  3. C. The client system could receive invalid input from the web server
  4. D. The web server would not be able to receive invalid input from the client

Correct Answer: A

QUESTION 33

- (Exam Topic 15)
The Chief Information Security Officer (CISO) of an organization has requested that a Service Organization Control (SOC) report be created to outline the security and availability of a particular system over a 12-month period. Which type of SOC report should be utilized?

  1. A. SOC 1 Type 1
  2. B. SOC 2 Type 2
  3. C. SOC 2 Type 2
  4. D. SOC 3 Type 1

Correct Answer: C

QUESTION 34

- (Exam Topic 15)
At which phase of the software assurance life cycle should risks associated with software acquisition strategies be identified?

  1. A. Follow-on phase
  2. B. Planning phase
  3. C. Monitoring and acceptance phase
  4. D. Contracting phase

Correct Answer: C

QUESTION 35

- (Exam Topic 15)
The application owner of a system that handles confidential data leaves an organization. It is anticipated that a replacement will be hired in approximately six months. During that time, which of the following should the organization do?

  1. A. Grant temporary access to the former application owner's account
  2. B. Assign a temporary application owner to the system.
  3. C. Restrict access to the system until a replacement application owner is hired.
  4. D. Prevent changes to the confidential data until a replacement application owner is hired.

Correct Answer: B
