ISC-CISSP

Which of the following cryptographic system services ensures that information will not be disclosed to any unauthorized person on a local network?

Which of the following are the examples of technical controls? Each correct answer represents a complete solution. Choose three.

Which of the following tenets does the CIA triad provide for which security practices are measured? Each correct answer represents a part of the solution. Choose all that apply.

Which of the following types of attacks cannot be prevented by technical measures only?

Which of the following attacks can be overcome by applying cryptography?

You work as a CSO (Chief Security Officer) for Tech Perfect Inc. You want to perform the following tasks: Develop a risk-driven enterprise information security architecture. Deliver security infrastructure solutions that support critical business initiatives. Which of the following methods will you use to accomplish these tasks?

A network is configured on a Bus topology. Which of the following conditions could cause a network failure? Each correct answer represents a complete solution. Choose all that apply.

Mark works as a Network Administrator for NetTech Inc. He wants users to access only those resources that are required for them. Which of the following access control models will he use?

Which of the following processes is used to identify relationships between mission critical applications, processes, and operations and all supporting elements?

Which of the following devices is a least expensive power protection device for filtering the electrical stream to control power surges, noise, power sags, and power spikes?

Peter works as a Network Administrator for Net World Inc. The company wants to allow remote users to connect and access its private network through a dial-up connection via the Internet. All the data will be sent across a public network. For security reasons, the management wants the data sent through the Internet to be encrypted. The company plans to use a Layer 2 Tunneling Protocol (L2TP) connection. Which communication protocol will Peter use to accomplish the task?

Which of the following types of halon is found in portable extinguishers and is stored as a liquid?

Mark has been hired by a company to work as a Network Assistant. He is assigned the task to configure a dial-up connection. He is configuring a laptop. Which of the following protocols should he disable to ensure that the password is encrypted during remote access?

Which of the following disaster recovery tests includes the operations that shut down at the primary site, and are shifted to the recovery site according to the disaster recovery plan?

In which of the following network topologies does the data travel around a loop in a single direction and pass through each device?

Which of the following security protocols provides confidentiality, integrity, and authentication of network traffic with end-to-end and intermediate-hop security?

Which of the following is an entry in an object's discretionary access control list (DACL) that grants permissions to a user or group?

You work as a Security Manager for Tech Perfect Inc. The management tells you to implement a hashing method in the organization that can resist forgery and is not open to the man-in-the-middle attack. Which of the following methods will you use to accomplish the task?

Which of the following decides access control on an object in the mandatory access control (MAC) environment?

Which of the following protocols should a Chief Security Officer configure in the network of his company to protect sessionless datagram protocols?

An international trading organization that holds an International Organization for Standardization (ISO) 27001 certification is seeking to outsource their security monitoring to a managed security service provider (MSSP). The trading organization's security officer is tasked with drafting the requirements that need to be included in the outsourcing contract. Which of the following MUST be included in the contract?

Which of the following is the PRIMARY type of cryptography required to support non-repudiation of a digitally signed document?

What is the MOST effective method to enhance security of a single sign-on (SSO) solution that interfaces with critical systems?

Which of the following is MOST appropriate to collect evidence of a zero-day attack?

When assessing web vulnerabilities, how can navigating the dark web add value to a penetration test?

You work as a Network Administrator for NetTech Inc. The company wants to encrypt its e-mails. Which of the following will you use to accomplish this?

Andrew works as a Network Administrator for Infonet Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL). Which of the following types of encryption does SSL use? Each correct answer represents a complete solution. Choose two.

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. John notices that the We-are- secure network is vulnerable to a man-in-the-middle attack since the key exchange process of the cryptographic algorithm it is using does not thenticate participants. Which of the following cryptographic algorithms is being used by the We-are-secure server?

Which of the following electrical events shows a sudden drop of power source that can cause a wide variety of problems on a PC or a network?

Which of the following is the duration of time and a service level within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in business continuity?