ISC2 Certified Information Systems Security Professional CISSP Exam Practice Test

Page: 1 / 14
Total 1486 questions
Question 1

Which of the following is the top barrier for companies to adopt cloud technology?



Answer : D

The top barrier to cloud adoption is security. Cloud technology delivers computing resources (servers, storage, databases, networks, applications, analytics) as services over the Internet, and it offers cost reduction, scalability, flexibility, and efficiency. It also introduces risks, including security, compliance, performance, and reliability concerns. Security is the most critical and complex of these: the customer must protect its data, systems, and users from unauthorized or malicious access, modification, or disruption, and must meet legal, regulatory, and contractual obligations, in an environment it does not fully control. Doing so requires assessing and verifying the security posture and controls of the cloud provider and of the service, understanding which controls remain the customer's responsibility, and implementing, managing, and monitoring the security policies, procedures, and measures for the cloud environment.

Migration period, data integrity, and cost are the distractors. The migration period is the time it takes to move data, systems, and applications from the on-premises or legacy environment to the cloud. Data integrity is the property that data is accurate, complete, and consistent and is not corrupted, altered, or lost. Cost is the money and resources spent adopting and operating the cloud service. All three matter when adopting cloud technology, but none is the top barrier, and each can be addressed with proper planning, testing, and optimization.

Reference: Official (ISC)2 Guide to the CISSP CBK, Fifth Edition, Chapter 4: Communication and Network Security, page 287.


Question 2

Which of the following initiates the systems recovery phase of a disaster recovery plan?



Answer : B

The systems recovery phase of a disaster recovery plan restores the organization's critical systems and operations after a disaster, and it is initiated by activating the organization's hot site. A hot site is a fully equipped, operational alternate site at which business functions can resume within a short time after a disaster: it mirrors the primary site's hardware, software, network, and data, so operations can be switched to it quickly and with minimal disruption. Bringing the hot site online is what gets critical systems and services running again, which is why its activation marks the start of systems recovery. Reference: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 7: Business Continuity and Disaster Recovery Planning, page 365; Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 7: Business Continuity Planning, page 499.


Question 3

Which of the following protocols will allow the encrypted transfer of content on the Internet?



Answer : B

Secure Copy (SCP) allows the encrypted transfer of content over the Internet. SCP runs over Secure Shell (SSH), which authenticates the endpoints and encrypts and integrity-protects the data in transit, so file contents are not exposed to anyone observing the network. SCP copies files between a local host and a remote host, or between two remote hosts. Note that the SCP wire protocol itself is considered legacy; current OpenSSH releases (9.0 and later) implement the scp command over SFTP by default, which still runs inside the same SSH transport and keeps the same security properties.


Question 4
Question 5

Which of the following is the key requirement for test results when implementing forensic procedures?



Question 6

Which of the following would MINIMIZE the ability of an attacker to exploit a buffer overflow?



Answer : B

Code review is the technique that would minimize an attacker's ability to exploit a buffer overflow. A buffer overflow occurs when a program writes more data into a buffer than the buffer can hold, so the excess overwrites adjacent memory, such as other local variables, the saved frame pointer, or the saved return address on the stack. An attacker exploits this by supplying input that overflows the buffer with attacker-controlled data and overwrites the return address, redirecting execution to injected code or to existing code of the attacker's choosing. Code review minimizes this because it examines the source code to find and fix the defects that cause overflows before the program ships. Review catches unsafe functions that perform no bounds checking, such as gets, strcpy, or sprintf, and replaces them with bounded alternatives such as fgets, strncpy, or snprintf that limit how much can be written to the buffer (noting that strncpy does not guarantee a terminating NUL when the source fills the destination, so the bound must still be handled correctly). Review also enforces and verifies secure coding practices such as input validation, length checks, error handling, and careful memory management that reduce the likelihood or impact of overflows.

Memory review, message division, and buffer division do not minimize exploitation, although they are related concepts. Memory review is not a mitigation technique but a process of analyzing a program's memory layout or contents (the stack, the heap, the registers) to understand or debug its behavior; it may help investigate an overflow after the fact, but it does not prevent one. Message division is the splitting of a message into smaller or fixed-size segments or blocks, as in cryptography or networking; it may improve the efficiency or security of transmission or processing, but it does not prevent overflows. Buffer division is the splitting of one buffer into smaller separate buffers, as in buffering or caching; it may optimize memory usage or allocation, but it does not prevent an overflow of any individual buffer.
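The following C program is an added example, not part of the exam material above, showing the kind of finding a code review of the explanation's unsafe/safe function pairs produces: an unbounded strcpy beside a length-checked copy, an snprintf variant that detects truncation, and a check demonstrating why strncpy alone is not a complete fix. NAME_LEN, the function names, and the input strings are all constructed for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16   /* fixed-size buffer used by every helper below */

/* BEFORE (what review flags): strcpy copies until it finds a NUL in src,
 * so any src of NAME_LEN bytes or more writes past buf into adjacent stack
 * memory (saved frame pointer, saved return address). Shown only as the
 * pattern a reviewer looks for; never call it with untrusted input. */
void greet_unsafe(const char *src) {
    char buf[NAME_LEN];
    strcpy(buf, src);
    printf("hello %s\n", buf);
}

/* AFTER: the length is checked against the destination size before any
 * write, and the copy is bounded. Returns true if the whole name was
 * copied, false if it was rejected (dst is left as an empty string). */
bool copy_name_safe(char *dst, size_t dstlen, const char *src) {
    size_t n = strlen(src);
    if (dstlen == 0) return false;
    if (n >= dstlen) {          /* no room for the data plus its NUL */
        dst[0] = '\0';
        return false;
    }
    memcpy(dst, src, n + 1);    /* n + 1 includes the terminator */
    return true;
}

/* snprintf variant: always NUL-terminates (when dstlen > 0) and returns the
 * length the output would have had, so truncation is detectable. */
bool format_greeting_safe(char *dst, size_t dstlen, const char *name) {
    int needed = snprintf(dst, dstlen, "hello %s", name);
    return needed >= 0 && (size_t)needed < dstlen;
}

/* Reviewer caveat: strncpy bounds the write but adds no NUL when src fills
 * dst, leaving an unterminated string that a later strlen/printf reads past.
 * Returns true only if the copied result is terminated within the buffer. */
bool strncpy_is_terminated(const char *src) {
    char dst[NAME_LEN];
    strncpy(dst, src, sizeof dst);
    return memchr(dst, '\0', sizeof dst) != NULL;
}

/* Wrappers with a local NAME_LEN buffer so callers only pass the input. */
bool name_fits(const char *src) {
    char buf[NAME_LEN];
    return copy_name_safe(buf, sizeof buf, src);
}

bool greeting_fits(const char *name) {
    char buf[NAME_LEN];
    return format_greeting_safe(buf, sizeof buf, name);
}

int main(void) {
    /* constructed inputs: one that fits, one that would have overflowed */
    const char *ok  = "alice";                        /* 5 bytes + NUL   */
    const char *bad = "a name that is far too long";  /* 27 bytes, no fit */
    printf("name_fits: ok=%d bad=%d\n", name_fits(ok), name_fits(bad));
    printf("greeting_fits: ok=%d bad=%d\n", greeting_fits(ok), greeting_fits(bad));
    printf("strncpy terminated for a 16-byte input: %d\n",
           strncpy_is_terminated("exactly16bytes!!"));
    return 0;
}
```

The boundary case to watch is a 15-byte name: it fits (15 bytes plus the NUL is exactly NAME_LEN), while a 16-byte name is rejected by copy_name_safe and, if handed to strncpy instead, silently produces an unterminated buffer.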


Question 7

Write Once, Read Many (WORM) data storage devices are designed to BEST support which of the following core security concepts?



Answer : A

Write Once, Read Many (WORM) data storage devices are designed to best support integrity. Integrity is the property that data is accurate, complete, and consistent and is protected from unauthorized modification or deletion. A WORM device allows data to be written once and then read any number of times; once written, the data cannot be altered or erased, so accidental or deliberate changes and corruption are prevented and the original state and content of the data are preserved. This is why WORM media is used for records that must be provably unchanged, such as audit logs and retained compliance data. Examples of WORM media include write-once optical discs, WORM-capable magnetic tape, and some flash-based devices. Scalability, availability, and confidentiality are not the core concepts WORM devices are designed to support. Scalability is the ability of a system or network to handle increasing work or demand without loss of performance or quality of service. Availability is the property that data is accessible and usable by authorized parties whenever and wherever needed. Confidentiality is the property that data is disclosed only to authorized parties and protected from unauthorized access or exposure. A WORM device does not by itself accommodate more data or users, guarantee continuous or reliable access, or restrict or encrypt the data it holds. Reference: Official (ISC)2 CISSP CBK Reference, Fifth Edition, Domain 3, Security Architecture and Engineering, page 331; CISSP All-in-One Exam Guide, Eighth Edition, Chapter 3, Security Architecture and Engineering, page 314.

