Free CISSP Exam Braindumps

Pass your Certified Information Systems Security Professional (CISSP) exam with these free Questions and Answers

Page 9 of 298
QUESTION 36

- (Exam Topic 10)
Multi-Factor Authentication (MFA) is necessary in many systems given common types of password attacks. Which of the following is a correct list of password attacks?

  1. A. Masquerading, salami, malware, polymorphism
  2. B. Brute force, dictionary, phishing, keylogger
  3. C. Zeus, netbus, rabbit, turtle
  4. D. Token, biometrics, IDS, DLP

Correct Answer: B

QUESTION 37

- (Exam Topic 14)
What is the FIRST step for a digital investigator to perform when using best practices to collect digital evidence from a potential crime scene?

  1. A. Consult the lead investigator to learn the details of the case and required evidence.
  2. B. Assure that grounding procedures have been followed to reduce the loss of digital data due to static electricity discharge.
  3. C. Update the Basic Input Output System (BIOS) and Operating System (OS) of any tools used to assure evidence admissibility.
  4. D. Confirm that the appropriate warrants were issued to the subject of the investigation to eliminate illegal search claims.

Correct Answer: D

QUESTION 38

- (Exam Topic 14)
Which of the following is a characteristic of a challenge/response authentication process?

  1. A. Presenting distorted graphics of text for authentication
  2. B. Transmitting a hash based on the user's password
  3. C. Using a password history blacklist
  4. D. Requiring the use of non-consecutive numeric characters

Correct Answer: A

QUESTION 39

- (Exam Topic 13)
Which of the following combinations would MOST negatively affect availability?

  1. A. Denial of Service (DoS) attacks and outdated hardware
  2. B. Unauthorized transactions and outdated hardware
  3. C. Fire and accidental changes to data
  4. D. Unauthorized transactions and denial of service attacks

Correct Answer: A

QUESTION 40

- (Exam Topic 15)
Which of the following is a term used to describe maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions?

  1. A. Information Security Management System (ISMS)
  2. B. Information Sharing & Analysis Centers (ISAC)
  3. C. Risk Management Framework (RMF)
  4. D. Information Security Continuous Monitoring (ISCM)

Correct Answer: D
