ISC-CISSP

You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the events and incidents. You identify Denial of Service attack (DOS) from a network linked to your internal enterprise network. Which of the following phases of the Incident handling process should you follow next to handle this incident?

You have decided to implement video surveillance in your company in order to enhance network security. Which of the following locations must have a camera in order to provide the minimum level of security for the network resources? Each correct answer represents a complete solution. Choose two.

You work as a Network Administrator for NetTech Inc. You want to have secure communication on the company's intranet. You decide to use public key and private key pairs. What will you implement to accomplish this?

Which of the following protocols is used to compare two values calculated using the Message Digest (MD5) hashing function?

Which of the following is a technique used for modifying messages, providing Information and Cyber security, and reducing the risk of hacking attacks during communications and message passing over the Internet?

Which of the following terms refers to a mechanism which proves that the sender really sent a particular message?

Which of the following terms refers to the method that allows or restricts specific types of packets from crossing over the firewall?

Adam works as a Security Analyst for Umbrella Inc. CEO of the company ordered him to implement two-factor authentication for the employees to access their networks. He has told him that he would like to use some type of hardware device in tandem with a security or identifying pin number. Adam decides to implement smart cards but they are not cost effective. Which of the following types of hardware devices will Adam use to implement two-factor authentication?

Maria works as a Network Security Officer for Gentech Inc. She wants to encrypt her network traffic. The specific requirement for the encryption algorithm is that it must be a symmetric key block cipher. Which of the following techniques will she use to fulfill this requirement?

Which of the following protocols uses public-key cryptography to authenticate the remote computer?

An organization wants to define as physical perimeter. What primary device should be used to accomplish this objective if the organization's perimeter MUST cost- efficiently deter casual trespassers?

Which of the following vulnerabilities can be BEST detected using automated analysis?

A project manager for a large software firm has acquired a government contract that generates large amounts of Controlled Unclassified Information (CUI). The organization's information security manager had received a request to transfer project-related CUI between systems of differing security classifications. What role provides the authoritative guidance for this transfer?

Which of the following determines how traffic should flow based on the status of the infrastructure layer?

When testing password strength, which of the following is the BEST method for brute forcing passwords?

Physical assets defined in an organization's business impact analysis (BIA) could include which of the following?

An organization has been collecting a large amount of redundant and unusable data and filling up the storage area network (SAN). Management has requested the identification of a solution that will address ongoing storage problems. Which is the BEST technical solution?

What is the PRIMARY purpose of creating and reporting metrics for a security awareness, training, and education program?

In a DevOps environment, which of the following actions is MOST necessary to have confidence in the quality of the changes being made?

What is the MAIN purpose of a security assessment plan?

Which of the following uses a Key Distribution Center (KDC) to authenticate a principle?

Which of the following two cryptography methods are used by NTFS Encrypting File System (EFS) to encrypt the data stored on a disk on a file-by-file basis?

Which of the following keys are included in a certificate revocation list (CRL) of a public key infrastructure (PKI)? Each correct answer represents a complete solution. Choose two.

Which of the following protocols provides certificate-based authentication for virtual private networks (VPNs)?

A company named Money Builders Inc., hires you to provide consultancy for setting up their Windows network. The company's server room will be in a highly secured environment. You are required to suggest an authentication method for it. The CFO of the company wants the server to use thumb impressions for authentication. Which of the following authentication methods will you suggest?

Which of the following sections come under the ISO/IEC 27002 standard?

Which of the following U.S. Federal laws addresses computer crime activities in communication lines, stations, or systems?

Which of the following access control models uses a predefined set of access privileges for an object of a system?

Which of the following protocols is used with a tunneling protocol to provide security?

Which of the following are the levels of military data classification system? Each correct answer represents a complete solution. Choose all that apply.