Updated Oct-2023 CISSP Free Exam Files Downloaded Instantly
Practice Exams and Training Solutions for Certifications
To become a CISSP, candidates must demonstrate a minimum of five years of professional experience in the information security industry. They must also pass the CISSP exam, which consists of 250 multiple-choice questions and takes six hours to complete. The CISSP exam is challenging, and only those who have a solid understanding of the various domains of information security can pass it.
The ISC CISSP exam is not easy, and the difficulty level is quite high. With a multiple-choice format, the exam consists of 250 questions that must be completed within six hours. The CISSP exam measures the ability of candidates to apply their knowledge in real-world situations, making it a highly sought-after certification for professionals looking to boost their careers in the field of information security.
NEW QUESTION # 68
What is the BEST approach for controlling access to highly sensitive information when employees have the same level of security clearance?
- A. Two-factor authentication
- B. Application of least privilege
- C. Audit logs
- D. Role-Based Access Control (RBAC)
Answer: D
Explanation:
Section: Identity and Access Management (IAM)
NEW QUESTION # 69
Which of the following is not a DES mode of operation?
- A. Cipher feedback
- B. Input feedback
- C. Electronic code book
- D. Cipher block chaining
Answer: B
Explanation:
DES modes include the following:
Electronic Code Book (ECB)
Cipher Block Chaining (CBC)
Cipher Feedback (CFB)
Output Feedback (OFB)
Counter Mode (CTR)
Input feedback is not a DES mode.
Incorrect Answers:
A, C, & D: Cipher feedback, Electronic code book, and Cipher block chaining are modes of DES.
Reference:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 802-807
NEW QUESTION # 70
All hosts on an IP network have a logical ID called a(n):
- A. IP address.
- B. TCP address.
- C. MAC address.
- D. Datagram address.
Answer: A
Explanation:
Each node on an IP network must have a unique IP address.
Incorrect Answers:
B: There is no such thing as a TCP address in the TCP/IP model.
C: IP hosts use IP addresses, not MAC addresses.
D: There is no such thing as a datagram address in the TCP/IP model.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 541
NEW QUESTION # 71
Which of the following can prevent hijacking of a web session?
- A. PPP
- B. RSA
- C. SET
- D. SSL
Answer: D
Explanation:
The Secure Socket Layer (SSL) protocol is used between a web server and client and provides encryption of the entire session, thus preventing session hijacking. RSA is an asymmetric encryption algorithm that can be used in setting up an SSL session. SET is the Secure Electronic Transaction protocol that was introduced by Visa and Mastercard to allow for more credit card transaction possibilities. PPP is a point-to-point protocol. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 89).
NEW QUESTION # 72
Which choice below is the correct definition of a Mutual Aid Agreement?
- A. A prearranged agreement to render assistance to the parties of the agreement
- B. Activities taken to eliminate or reduce the degree of risk to life and property
- C. A management-level analysis that identifies the impact of losing an entity's resources
- D. An appraisal or determination of the effects of a disaster on human, physical, economic, and natural resources
Answer: A
Explanation:
A mutual aid agreement is used by two or more parties to provide for assistance if one of the parties experiences an emergency. It is expected that the other parties will assist the affected party in various ways, perhaps by making office space available, or computing time or resources, or supplying manpower if needed. While mutual aid agreements may be a very cost-effective solution for disaster recovery, they do not provide for full operations redundancy. An example of a problem with total reliance on mutual aid would be an event that affects all parties to the agreement, thereby rendering the agreement useless. While they are an effective means to provide some resources to the organization in an emergency, they in themselves are not a replacement for a full disaster recovery plan, including alternate computer processing sites.
* Answer "A management-level analysis that identifies the impact of losing an entity's resources" describes a business continuity plan.
* Answer "An appraisal or determination of the effects of a disaster on human, physical, economic, and natural resources" describes a damage assessment.
* Answer "Activities taken to eliminate or reduce the degree of risk to life and property" describes risk mitigation.
Source: NFPA 1600 Standard on Disaster/Emergency Management and Business Continuity, National Fire Protection Association, 2000 edition, and Emergency Management Guide for Business and Industry, Federal Emergency Management Agency, August 1998.
NEW QUESTION # 73
Which of the following is used in database information security to hide information?
- A. Polymorphism
- B. Inheritance
- C. Delegation
- D. Polyinstantiation
Answer: D
Explanation:
Polyinstantiation enables a relation to contain multiple tuples with the same primary keys with each instance distinguished by a security level. When this information is inserted into a database, lower-level subjects need to be restricted from this information. Instead of just restricting access, another set of data is created to fool the lower-level subjects into thinking that the information actually means something else. Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 11: Application and System Development (page 727).
NEW QUESTION # 74
Which of the following is the most costly countermeasure for reducing physical security risks?
- A. procedural controls
- B. hardware devices
- C. electronic systems
- D. personnel
Answer: D
NEW QUESTION # 75
Which of the following statements pertaining to firewalls is NOT true?
- A. Firewalls protect a network at all layers of the OSI models.
- B. Firewalls allow for centralization of security services in machines optimized and dedicated to the task.
- C. Firewalls create bottlenecks between the internal and external network.
- D. Firewalls are used to create security checkpoints at the boundaries of private networks.
Answer: A
Explanation:
Packet filtering firewalls work at the network level of the OSI model.
If you filter specific ports, you can say you're filtering at layer 4.
If your firewall inspects specific protocol states or data, you can say it operates at layer 7.
Firewalls do not work at layer 1, layer 2, or layer 3 of the OSI model.
Incorrect Answers:
B: Firewalls can be administered from a central location.
C: Firewalls can create bottlenecks between the internal and external network.
D: Firewalls are most often placed at the boundaries of private networks to implement a security checkpoint that restricts access from the Internet.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 628
NEW QUESTION # 76
What is a consideration when determining the potential impact an organization faces in the event of the loss of confidentiality of Personally Identifiable Information (PII)?
- A. Quantity
- B. Availability
- C. Quality
- D. Criticality
Answer: A
Explanation:
Section: Mixed questions
Explanation/Reference: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-122.pdf
NEW QUESTION # 77
For fault-tolerance to operate, a system must be:
- A. Capable of only detecting the fault.
- B. Capable of a cold start.
- C. Capable of detecting and correcting the fault.
- D. Capable of terminating operations in a safe mode.
Answer: C
Explanation:
The correct answer is "Capable of detecting and correcting the fault". Detecting the fault and correcting it are the two conditions required for a fault-tolerant system.
Answer "Capable of only detecting the fault" is a distracter.
Answer "Capable of terminating operations in a safe mode" is the definition of fail-safe, and answer "Capable of a cold start" refers to starting after a system shutdown.
NEW QUESTION # 78
Knowing the language in which an encrypted message was originally produced might help a cryptanalyst to perform a
- A. frequency analysis.
- B. stochastic assessment.
- C. clear-text attack.
- D. known cipher attack.
Answer: A
Explanation:
Section: Software Development Security
NEW QUESTION # 79
DRAG DROP
In which order should the following steps be taken to create an
emergency management plan?
Answer:
Explanation:
The proper order of steps in the emergency management planning process is:
1. Establish a planning team
2. Analyze capabilities and hazards
3. Develop the plan
4. Implement the plan
Source: Emergency Management Guide for Business and Industry, Federal Emergency Management Agency, August 1998.
NEW QUESTION # 80
Which of the following is NOT a type of data network?
- A. WAN
- B. LAN
- C. MAN
- D. GAN
Answer: D
Explanation:
The correct answer is D. GAN does not exist. LAN stands for Local Area Network, WAN stands for Wide Area Network, and MAN stands for Metropolitan Area Network.
NEW QUESTION # 81
Which of the following cloud computing service models provides a way to rent operating systems, storage and network capacity over the Internet?
- A. Infrastructure as a service
- B. Platform as a service
- C. Data as a service
- D. Software as a service
Answer: B
NEW QUESTION # 82
What physical characteristic does a retinal scan biometric device measure?
- A. The amount of light reaching the retina
- B. The amount of light reflected by the retina
- C. The pattern of light receptors at the back of the eye
- D. The pattern of blood vessels at the back of the eye
Answer: D
Explanation:
The retina, a thin nerve (1/50th of an inch) on the back of the eye, is the part of the eye which senses light and transmits impulses through the optic nerve to the brain - the equivalent of film in a camera. Blood vessels used for biometric identification are located along the neural retina, the outermost of retina's four cell layers.
The following answers are incorrect:
"The amount of light reaching the retina": the amount of light reaching the retina is not used in the biometric scan of the retina.
"The amount of light reflected by the retina": the amount of light reflected by the retina is not used in the biometric scan of the retina.
"The pattern of light receptors at the back of the eye": this is a distractor.
The following references were used to create this question:
Retina Scan Technology.
ISC2 Official Guide to the CBK, 2007 (Page 161)
NEW QUESTION # 83
Which of the following features is MOST effective in mitigating against theft of data on a corporate mobile device which has been stolen?
- A. Mobile device tracking with geolocation
- B. Whole device encryption with key escrow
- C. Mobile Device Management (MDM) with device wipe
- D. Virtual private network (VPN) with traffic encryption
Answer: C
NEW QUESTION # 84
What operations role is responsible for protecting the enterprise from corrupt or contaminated media?
- A. Information security practitioner
- B. Information librarian
- C. Network administrator
- D. Computer operator
Answer: B
NEW QUESTION # 85
Which of the following are the valid categories of hand geometry scanning?
- A. Electrical and image-edge detection.
- B. Logical and image-edge detection.
- C. Mechanical and image-edge detection.
- D. Mechanical and image-ridge detection.
Answer: C
Explanation:
Hand geometry reading (scanning) devices usually fall into one of two categories: mechanical or image-edge detection. Both methods are used to measure specific characteristics of a person's hand such as length of fingers and thumb, widths, and depth.
NEW QUESTION # 86
Which choice below is the BEST description of an Annualized Loss
Expectancy (ALE)?
- A. An estimate of how often a given threat event may occur annually
- B. The expected risk factor of an annual threat event, derived by multiplying the SLE by its ARO
- C. The percentile of the value of the asset expected to be lost, used to calculate the SLE
- D. A value determined by multiplying the value of the asset by its exposure factor
Answer: B
Explanation:
Answer "An estimate of how often a given threat event may occur annually" describes the Annualized Rate of Occurrence (ARO).
Answer "The percentile of the value of the asset expected to be lost, used to calculate the SLE" describes the Exposure Factor (EF).
Answer "A value determined by multiplying the value of the asset by its exposure factor" describes the algorithm to determine the Single Loss Expectancy (SLE) of a threat.
NEW QUESTION # 87
Elliptic curve cryptosystems:
- A. Cannot be used to implement encryption.
- B. Cannot be used to implement digital signatures.
- C. Have a lower strength per bit than an RSA.
- D. Have a higher strength per bit than an RSA.
Answer: D
Explanation:
The correct answer is "Have a higher strength per bit than an RSA". It is more difficult to compute elliptic curve discrete logarithms than conventional discrete logarithms or to factor large integers. Smaller key sizes in the elliptic curve implementation can therefore yield higher levels of security, so answer "Have a lower strength per bit than an RSA" is incorrect.
Answers "Cannot be used to implement digital signatures" and "Cannot be used to implement encryption" are incorrect because elliptic curve cryptosystems can be used for both digital signatures and encryption.
NEW QUESTION # 88
Which of the following offers confidentiality to an e-mail message?
- A. The sender encrypting it with its private key.
- B. The sender encrypting it with the receiver's private key.
- C. The sender encrypting it with its public key.
- D. The sender encrypting it with the receiver's public key.
Answer: D
Explanation:
An e-mail message's confidentiality is protected when it is encrypted with the receiver's public key, because the receiver is the only one able to decrypt the message. The sender is not supposed to have the receiver's private key. If the sender encrypts a message with its own private key, anybody possessing the corresponding public key would be able to read the message. If the sender encrypts the message with its own public key, not even the receiver would be able to read the message. Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 8: Cryptography (page 517).
NEW QUESTION # 89
At what stage of the applications development process should the security department become involved?
- A. Prior to the implementation
- B. Prior to systems testing
- C. During requirements development
- D. During unit testing
Answer: C
Explanation:
Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.