Best Free Actual Exam Prep Sources

JOB Exam Prep
Menu

CISSP : Certified Information Systems Security Professional Questions and Answers

Get Full PDF

Question.36
What is the term used to define where data is geographically stored in the cloud?

(A) Data privacy rights
(B) Data sovereignty
(C) Data warehouse
(D) Data subject rights
36. Click here to View Answer

Correct Answer: B

Question.37
Which of the following does the security design process ensure within the System Development Life Cycle (SDLC)?

(A) Proper security controls, security objectives, and security goals are properly initiated.
(B) Security objectives, security goals, and system test are properly conducted.
(C) Proper security controls, security goals, and fault mitigation are properly conducted.
(D) Security goals, proper security controls, and validation are properly initiated.
37. Click here to View Answer

Correct Answer: A

Question.38
Which of the following is MOST important to follow when developing information security controls for an organization?

(A) Use industry standard best practices for security controls in the organization.
(B) Exercise due diligence with regard to all risk management information to tailor appropriate controls.
(C) Review all local and international standards and choose the most stringent based on location.
(D) Perform a risk assessment and choose a standard that addresses existing gaps.
38. Click here to View Answer

Correct Answer: B

Question.39
When recovering from an outage, what is the Recovery Point Objective (RPO), in terms of data recovery?

(A) The RPO is the minimum amount of data that needs to be recovered.
(B) The RPO is the amount of time it takes to recover an acceptable percentage of data lost.
(C) The RPO is a goal to recover a targeted percentage of data lost.
(D) The RPO is the maximum amount of time for which loss of data is acceptable.
39. Click here to View Answer

Correct Answer: D

Question.40
Which of the following attacks, if successful, could give an intruder complete control of a software-defined networking (SDN) architecture?

(A) A brute force password attack on the Secure Shell (SSH) port of the controller
(B) Sending control messages to open a flow that does not pass a firewall from a compromised host within the network
(C) Remote Authentication Dial-In User Service (RADIUS) token replay attack
(D) Sniffing the traffic of a compromised host inside the network
40. Click here to View Answer

Correct Answer: A

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13
Scroll to Top