Certified Information Systems Security Professional – CISSP – Question367

Which of the following benefits does Role Based Access Control (RBAC) provide for the access review process?

A. Lowers the amount of access requests after review
B. Gives more control into the revocation phase
C. Gives more fine-grained access analysis to accesses
D. Lowers the number of items to be reviewed

Correct Answer: C

Certified Information Systems Security Professional – CISSP – Question366

Which of the following is the MOST relevant risk indicator after a penetration test?

A. Lists of hosts vulnerable to remote exploitation attacks
B. Details of vulnerabilities and recommended remediation
C. Lists of target systems on the network identified and scanned for vulnerabilities
D. Details of successful vulnerability exploitations

Correct Answer: C

Certified Information Systems Security Professional – CISSP – Question365

The process of “salting” a password is designed to increase the difficulty of cracking which of the following?

A. Specific password
B. Password hash function
C. Password algorithm
D. Maximum password length

Certified Information Systems Security Professional – CISSP – Question364

A data owner determines the appropriate job-based access for an employee to perform their duties. Which type of access control is this?

A. Discretionary Access Control (DAC)
B. Non-discretionary access control
C. Mandatory Access Control (MAC)
D. Role-based access control (RBAC)

Certified Information Systems Security Professional – CISSP – Question363

A group of organizations follows the same access standards and practices. One manages the verification and due diligence processes for the others. For a user to access a resource from one of the organizations, a check is made to see if that user has been certified. Which Federated Identity Management (FIM) process is this an example of?

A. One-time authentication
B. Web based access management
C. Cross-certification model
D. Bridge model

Correct Answer: B

Certified Information Systems Security Professional – CISSP – Question362

Which action is MOST effective for controlling risk and minimizing maintenance costs in the software supply chain?

A. Selecting redundant suppliers
B. Selecting suppliers based on business requirements
C. Selecting fewer, more reliable suppliers
D. Selecting software suppliers with the fewest known vulnerabilities

Correct Answer: D

Certified Information Systems Security Professional – CISSP – Question361

A security team member was selected as a member of a Change Control Board (CCB) for an organization. Which of the following is one of their responsibilities?

A. Approving or disapproving the change
B. Determining the impact of the change
C. Carrying out the requested change
D. Logging the change

Correct Answer: B

Certified Information Systems Security Professional – CISSP – Question360

A security practitioner has just been assigned to address an ongoing Denial of Service (DoS) attack against the company’s network, which includes an e-commerce web site. The strategy has to include defenses for any size of attack without rendering the company network unusable. Which of the following should be a PRIMARY concern when addressing this issue?

A. Deal with end user education and training.
B. Pay more for a dedicated path to the Internet.
C. Allow legitimate connections while blocking malicious connections.
D. Ensure the web sites are properly backed up on a daily basis.

Correct Answer: C

Certified Information Systems Security Professional – CISSP – Question359

What is a consideration when determining the potential impact an organization faces in the event of the loss of confidentiality of Personally Identifiable Information (PII)?

A. Quantity
B. Availability
C. Quality
D. Criticality

Certified Information Systems Security Professional – CISSP – Question358

Which of the following provides for the STRONGEST protection of data confidentiality in a Wi-Fi environment?

A. Wi-Fi Protected Access (WPA) + Temporal Key Integrity Protocol (TKIP)
B. Wi-Fi Protected Access 2 (WPA2) + Advanced Encryption Standard (AES)
C. Wi-Fi Protected Access 2 (WPA2) + Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)
D. Wired Equivalent Privacy (WEP) + Advanced Encryption Standard (AES)

Correct Answer: B