
New CISSP Test Materials & Valid CISSP Test Engine [Q33-Q55]



CISSP Updated Exam Dumps [2023] Practice Valid Exam Dumps Question

NEW QUESTION # 33
Which of the following organizations PRODUCES and PUBLISHES the Federal Information Processing Standards (FIPS)?

  • A. The American National Standards Institute (ANSI)
  • B. The National Computer Security Center (NCSC)
  • C. The National Institute of Standards and Technology (NIST)
  • D. The National Security Agency (NSA)

Answer: C

Explanation:
Federal Information Processing Standards (FIPS) are standards for adoption and use by United States Federal departments and agencies, developed within the Information Technology Laboratory and published by the National Institute of Standards and Technology (NIST), a part of the U.S. Department of Commerce. FIPS cover document processing, encryption algorithms and other information technology standards for use within non-military government agencies and by government contractors and vendors who work with those agencies. Each standard covers a specific topic in information technology (IT) and aims to achieve a common level of quality or interoperability.
Incorrect Answers:
A: The American National Standards Institute (ANSI) does not produce or publish the Federal Information Processing Standards (FIPS).
B: The National Computer Security Center (NCSC) does not produce or publish the Federal Information Processing Standards (FIPS).
D: The National Security Agency (NSA) does not produce or publish the Federal Information Processing Standards (FIPS).
References:
http://whatis.techtarget.com/definition/Federal-Information-Processing-Standards-FIPS


NEW QUESTION # 34
Which of the following BEST ensures accountability of users for the actions taken within a system or domain?

  • A. Authentication
  • B. Authorization
  • C. Identification
  • D. Credentials

Answer: A

Explanation:
Identification and authentication are the keystones of most access control systems. Identification is the act of a user professing an identity to a system, usually in the form of a log-on ID. Identification establishes user accountability for actions on the system. Authentication is verification that the user's claimed identity is valid, and is usually implemented through a user password at log-on time.
To 'ensure' accountability, the user must prove that they are who they say they are. This is the function of authentication. Therefore, authentication best ensures accountability of users for the actions taken within a system or domain.
Incorrect Answers:
B: Authorization is the set of rights and permissions granted to an individual that enable access to a computer resource. This does not ensure accountability because it does not ensure that the user accessing the system is who they say they are.
C: Identification is the user stating who they are. However, to ensure accountability, you need authentication to prove that they are who they say they are.
D: Credentials are the user's username and password combination. Authentication is the process of validating the credentials; credentials alone (without validation/authentication) do not ensure that the user accessing the system is who they say they are.
References:
Krutz, Ronald L. and Russell Dean Vines, The CISSP and CAP Prep Guide: Mastering CISSP and CAP, Wiley Publishing, Indianapolis, 2007, p. 57


NEW QUESTION # 35
In a dry pipe system, there is no water standing in the pipe - it is being held back by what type of valve?

  • A. Relief valve
  • B. Clapper valve
  • C. Release valve
  • D. Emergency valve

Answer: B

Explanation:
Dry pipe sprinkler systems are commonly used where the ambient temperature of the space they are protecting is expected to be less than 40 °F (4.4 °C).
The sprinkler pipe is filled with compressed air or nitrogen that is released when a sprinkler opens; this allows the dry pipe valve to open, filling the overhead pipes with water. This prevents the pipes from freezing in unattended facilities such as warehouses.
What keeps water from entering the sprinkler pipes prematurely? The dry pipe valve is designed so that the pressure from the compressed air or nitrogen keeps the valve closed until it is needed.

[Photograph: Clapper Valve Interior]
In the interior of the valve assembly shown in the photograph, the waterway at the bottom is smaller than the air chamber above the clapper valve. This design gives it the mechanical advantage of the "differential principle": the larger surface area under relatively low air pressure is able to hold back the water pressure from the smaller orifice.
In most dry pipe valves, this differential principle operates on a ratio of about 1:6; one unit of air pressure will resist six units of water pressure. If, for example, the incoming water pressure were 60 psi (4.1 bar), the differential created by the larger surface area would allow as little as 10 psi (0.7 bar) of air pressure to keep the valve closed. Some "low-differential" dry pipe valves operate with an air-to-water pressure ratio of 1:1.2.
While the minimum air pressure will keep the dry pipe valve closed during normal conditions, most sprinkler fitters will put an additional 20 psi (1.4 bar) of air pressure on the system to prevent inadvertent valve operation in the event of a small air leak.
The National Fire Protection Association (NFPA) 13, Standard for the Installation of Automatic Sprinkler Systems, provides guidance on the minimum air pressure that must be maintained. Another important feature of this dry pipe valve is the latching device pictured in the upper left-hand corner. This attachment is designed to hold the heavy dry pipe valve in the open position once it operates, so that it does not interfere with water flowing to control a fire.
For additional information, refer to NFPA 13, Standard for the Installation of Automatic Sprinkler Systems.
All of the other choices presented within the question were only distractors and not good responses for this specific question.
Reference:
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 336.
and
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: GOLD EDITION, John Wiley & Sons, 2002, page 471.
and
The United States Fire Administration at http://www.usfa.dhs.gov/downloads/pdf/coffee-break/cb_fp_2010_20.pdf


NEW QUESTION # 36
What is the FIRST step prior to executing a test of an organisation's disaster recovery (DR) or business continuity plan (BCP)?

  • A. Develop clear evaluation criteria.
  • B. Develop recommendations for disaster scenarios.
  • C. Identify key stakeholders.
  • D. Identify potential failure points.

Answer: A


NEW QUESTION # 37
An attacker is able to remain indefinitely logged into a exploiting to remain on the web service?

  • A. Alert management
  • B. Session management
  • C. Password management
  • D. Identity management (IM)

Answer: B


NEW QUESTION # 38
The Physical Security domain addresses three areas that can be utilized to physically protect an enterprise's resources and sensitive information. Which of the following is not one of these areas?

  • A. Vulnerabilities
  • B. Threats
  • C. Risks
  • D. Countermeasures

Answer: D


NEW QUESTION # 39
What is typically used to illustrate the comparative strengths and weaknesses of each biometric technology?

  • A. Zapper Chart
  • B. Cipher Chart
  • C. Zephyr Chart
  • D. Decipher Chart

Answer: C

Explanation:
The Zephyr Chart illustrates the comparative strengths and weaknesses of each biometric technology. The eight primary biometric technologies are listed around the outer border, and for each technology the four major evaluation criteria are ranked from outside (better) to inside (worse). Looking at dynamic signature verification (DSV) will illustrate how the Zephyr Chart works.


NEW QUESTION # 40
Which protocol's primary function is to facilitate file and directory transfer between two machines?

  • A. Trivial File Transfer Protocol (TFTP).
  • B. File Transfer Protocol (FTP).
  • C. Telnet.
  • D. Simple Mail Transfer Protocol (SMTP)

Answer: B

Explanation:
File Transfer Protocol (FTP) is the protocol that is used to facilitate file transfer between two machines. TFTP has no directory browsing capabilities. SMTP is generally used to send messages from a mail client to a mail server. Telnet's primary function is terminal emulation. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 88.


NEW QUESTION # 41
Network-based logging has which advantage over host-based logging when reviewing malicious activity about a victim machine?

  • A. Network-based systems cannot capture users logging into the console.
  • B. Host-based system logging has files stored in multiple locations.
  • C. Properly handled network-based logs may be more reliable and valid.
  • D. Addresses and protocols of network-based logs are analyzed.

Answer: D

Explanation:
Section: Software Development Security


NEW QUESTION # 42
One drawback of an Application Level Firewall is that it reduces network performance, because it must analyze every packet and:

  • A. decide what to do with each packet.
  • B. decide what to do with each application.
  • C. decide what to do with each port.
  • D. decide what to do with each user.

Answer: A

Explanation:
Application level firewalls (proxies) must inspect the contents of each packet to make decisions on how the packet will be handled. This inspection imposes additional overhead on the proxy and can reduce the amount of traffic it can handle.
"Decide what to do with each application" is incorrect. Application firewalls are specific to a type of application, and therefore there is no decision making based on different applications.
"Decide what to do with each user" is incorrect. This is not how an application layer firewall operates.
"Decide what to do with each port" is incorrect. This is not how an application layer firewall operates.
References: CBK, p. 467 AIO3, 488 - 490


NEW QUESTION # 43
HOTSPOT
Which Web Services Security (WS-Security) specification negotiates how security tokens will be issued, renewed and validated? Click on the correct specification in the image below.

Answer:

Explanation:


NEW QUESTION # 44
Which of the following is not an EPA-approved replacement for Halon?

  • A. Inergen
  • B. Bromine
  • C. FM-200
  • D. FE-13

Answer: B

Explanation:
Halon is a compound consisting of bromine, fluorine, and carbon. Halons are used as fire extinguishing agents, both in built-in systems and in handheld portable fire extinguishers. Halon production in the U.S. ended on December 31, 1993, because halons contribute to ozone depletion. Bromine, being part of Halon, is not a safe replacement for Halon.
The following are some of the EPA-approved replacements for halon:
Several substitutes have been approved by the SNAP program that may be considered as potential candidates for specific use conditions as cited in 40 CFR 82 Appendix A to Subpart G, Substitutes Subject to Use Restrictions and Unacceptable Substitutes. It should be noted that the following substitutions are merely comments on usage and not conditions. For example, the Army has considered the use of HFC-125 in the crew compartments of its ground combat vehicles. Also, the Army has installed IG-541 in normally occupied areas. The following substitutes are listed:
Total Flooding Agents, Acceptable Substitutes:
  • Water Mist Systems using Potable or Natural Sea Water
  • [Foam] A (formerly identified as Water Mist Surfactant Blend A). This agent is not a clean agent, but is a low-density, short duration foam.
  • Carbon Dioxide (must meet NFPA 12 and OSHA 1910.162(b)5 requirements)
  • Water Sprinklers
Total Flooding Agents, Substitutes Acceptable Subject To Use Conditions:
Normally Occupied Areas:
  • C4F10 (PFC-410 or CEA-410)
  • C3F8 (PFC-218 or CEA-308)
  • HCFC Blend A (NAF S-III)
  • HFC-23 (FE 13)
  • HFC-227ea (FM 200)
  • IG-01 (Argon)
  • IG-55 (Aragonite)
  • HFC-125
  • HFC-134a
Normally Unoccupied Areas:
  • Powdered Aerosol C
  • CF3I
  • HCFC-22
  • HCFC-124
  • HFC-125
  • HFC-134a
  • Gelled Halocarbon/Dry Chem. Suspension (PGA)
  • Inert Gas/Powdered Aerosol Blend (FS 0140)
  • IG-541 (Inergen)
Unacceptable Substitutes:
  • HFC-32
The following were incorrect answers:
The following are all safe replacements for Halon:
FE-13 is a Halon (Halon 1301) replacement in total flooding and inerting applications where its low toxicity provides for improved safety margins, the protected spaces are large, the cylinder storage area is remote from the protected space, or where the temperatures are likely to go below 0 °C (32 °F). Of the clean agents available, DuPont FE-13 has the lowest toxicity and is the safest for protecting areas where people are present. DuPont FE-13 provides the ultimate in human safety while protecting high-value assets and business continuity with a clean agent.
DuPont FE-13 is:
  • safe for people
  • a clean agent that does not leave a residue
  • electrically nonconductive and noncorrosive
  • an environmentally preferred alternative to Halon with zero ozone depletion potential (ODP)
FM-200 is a colorless, liquefied compressed gas. It is stored as a liquid and dispensed into the hazard as a colorless, electrically non-conductive vapor that is clear and does not obscure vision. It leaves no residue and has acceptable toxicity for use in occupied spaces at design concentration. FM-200 does not displace oxygen and, therefore, is safe for use in occupied spaces without fear of oxygen deprivation.
INERGEN is a blend of inert atmospheric gases containing 52% nitrogen, 40% argon and 8% carbon dioxide, used as a fire suppression system agent. It is considered a clean agent for use in gaseous fire suppression applications. Inergen does not contain halocarbons and has no ozone depletion potential. It is non-toxic. Inergen is used at design concentrations of 35-50% to lower the concentration of oxygen to a point that cannot support combustion, but is still safe for humans.
Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 25616-25620). Auerbach Publications. Kindle Edition.
and Harris, Shon (2012-10-25). CISSP All-in-One Exam Guide, 6th Edition (pp. 473-474). McGraw-Hill. Kindle Edition.
and Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 25623-25626). Auerbach Publications. Kindle Edition.
and http://en.wikipedia.org/wiki/Inergen
and http://www.p2sustainabilitylibrary.mil/P2_Opportunity_Handbook/3_III_2.html


NEW QUESTION # 45
What is the act of obtaining information of a higher sensitivity by combining information from lower levels of sensitivity?

  • A. Data mining
  • B. Inference
  • C. Polyinstantiation
  • D. Aggregation

Answer: D

Explanation:
Aggregation is the act of obtaining information of a higher sensitivity by combining information from lower levels of sensitivity.
The incorrect answers are:
Polyinstantiation is the development of a detailed version of an object from another object using different values in the new object.
Inference is the ability of users to infer or deduce information about data at sensitivity levels for which they do not have access privilege.
Data mining refers to searching through a data warehouse for data correlations.
Sources:
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 7: Applications and Systems Development (page 261).
KRUTZ, Ronald & VINES, Russel, The CISSP Prep Guide: Gold Edition, Wiley Publishing Inc., 2003, Chapter 7: Database Security Issues (page 358).


NEW QUESTION # 46
Which of the following is the MOST common method of memory protection?

  • A. Compartmentalization
  • B. Error correction
  • C. Segmentation
  • D. Virtual Local Area Network (VLAN) tagging

Answer: C


NEW QUESTION # 47
Which type of attack involves altering a system's Address Resolution Protocol (ARP) table so that it contains incorrect IP to MAC address mappings?

  • A. Reverse ARP
  • B. Reverse ARP table poisoning
  • C. Poisoning ARP cache
  • D. ARP table poisoning

Answer: D

Explanation:
An attacker who can modify the address table for a network device can potentially compromise the network. Modifying the address table with fake entries can cause switches to send frames to the wrong nodes.
An attacker can compromise the ARP table and change the MAC address so that the IP address points to the attacker's own MAC address. This type of attack is called an ARP table poisoning attack or a man-in-the-middle attack.
Incorrect Answers:
A: There is no hacker attack method called Reverse ARP.
B: There is no hacker attack method called Reverse ARP table poisoning.
C: ARP spoofing, ARP cache poisoning, or ARP poison routing, is a technique by which an attacker sends (spoofed) Address Resolution Protocol (ARP) messages onto a local area network.


NEW QUESTION # 48
Which of the following should NOT be performed by an operator?

  • A. Monitoring execution of the system
  • B. Implementing the initial program load
  • C. Data entry
  • D. Controlling job flow

Answer: C

Explanation:
Under the principle of separation of duties, an operator should not be performing data entry. This should be left to data entry personnel.
System operators represent a class of users typically found in data center environments where mainframe systems are used. They provide day-to-day operations of the mainframe environment, ensuring that scheduled jobs are running effectively and troubleshooting problems that may arise. They also act as the arms and legs of the mainframe environment, loading and unloading tapes and the printed results of job runs.
Operators have elevated privileges, but less than those of system administrators. If misused, these privileges may be used to circumvent the system's security policy. As such, use of these privileges should be monitored through audit logs.
Incorrect Answers:
A: Monitoring execution of the system is a function that should be performed by an operator.
B: Implementing the initial program load is a function that should be performed by an operator.
D: Controlling job flow is a function that should be performed by an operator.


NEW QUESTION # 49
The implementation of which feature of an identity management system reduces costs and administration overhead while improving audit and accountability?

  • A. Single Sign-On (SSO)
  • B. A metadirectory
  • C. User self-service
  • D. Two-factor authentication

Answer: C


NEW QUESTION # 50
Because of the nature of information that is stored on the computer, the investigation and prosecution of computer criminal cases have specific characteristics, one of which is:

  • A. Investigators and prosecutors have a longer time frame for the investigation.
  • B. Evidence is usually easy to gather.
  • C. The information is intangible.
  • D. The investigation does not usually interfere with the normal conduct of the business of an organization.

Answer: C

Explanation:
The information is stored in memory on the computer and is intangible, as opposed to a physical object.
Answer A is incorrect since investigators and prosecutors are under time pressure to gather evidence and proceed to prosecution. If the suspect is alerted, he or she may do damage to the system or destroy important evidence. Search warrants may have to be obtained by law enforcement to search the suspect's home and workplace and seize computers and disks.
Answer D is incorrect since an investigation will interfere with the normal conduct of business. Some of the ways in which an investigation may affect an organization are: the organization will have to provide experts to work with law enforcement; information key to the criminal investigation may be co-resident on the same computer system as information critical to the day-to-day operation of the organization; proprietary data may be subject to disclosure; management may be exposed if they have not exercised due care to protect information resources; and there may be negative publicity that will be harmful to the organization.
Answer B is incorrect. Evidence is difficult to gather since it is intangible and easily subject to modification or destruction.


NEW QUESTION # 51
Which of the following techniques is known to be effective in spotting resource exhaustion problems, especially with resources such as processes, memory, and connections?

  • A. Automated dynamic analysis
  • B. Manual code review
  • C. Automated static analysis
  • D. Fuzzing

Answer: A

Explanation:
Section: Software Development Security


NEW QUESTION # 52
Why would anomaly detection IDSs often generate a large number of false positives?

  • A. Because they are application-based and are more subject to attacks.
  • B. Because they can't identify abnormal behavior.
  • C. Because normal patterns of user and system behavior can vary wildly.
  • D. Because they can only correctly identify attacks they already know about.

Answer: C

Explanation:
One of the most obvious reasons why false alarms occur is that tools are stateless. To detect an intrusion, simple pattern matching of signatures is often insufficient. However, that is what most tools do. Then, if the signature is not carefully designed, there will be lots of matches. For example, tools detect attacks in sendmail by looking for the words "DEBUG" or "WIZARD" as the first word of a line.
If this is in the body of the message, it is in fact innocuous, but if the tool does not differentiate between the header and the body of the mail, then a false alarm is generated.
Finally, there are many events happening in the course of the normal life of any system or network that can be mistaken for attacks. A lot of sysadmin activity can be catalogued as anomalous. Therefore, a clear correlation between attack data and administrative data should be established to cross-check that everything happening on a system is actually desired.
Normal patterns and user activities are usually confused with attacks by IDS devices; it is expected that second-generation IDS systems will decrease the percentage of false positives.


NEW QUESTION # 53
The basic version of the Constructive Cost Model (COCOMO), which proposes quantitative, life-cycle relationships, performs what function?

  • A. Estimates software development effort and cost as a function of the size of the software product in source instructions modified by manpower buildup and productivity factors
  • B. Estimates software development effort based on user function categories
  • C. Estimates software development effort and cost as a function of the size of the software product in source instructions
  • D. Estimates software development effort and cost as a function of the size of the software product in source instructions modified by hardware and input functions

Answer: C

Explanation:
The Basic COCOMO Model (B.W. Boehm, Software Engineering Economics, Prentice-Hall, Englewood Cliffs, New Jersey, 1981) proposes the following equations:
The number of man-months (MM) required to develop the most common type of software product, in terms of the number of thousands of delivered source instructions (KDSI) in the software product:
MM = 2.4 × (KDSI)^1.05
The development schedule (TDEV) in months:
TDEV = 2.5 × (MM)^0.38
In addition, Boehm has developed an intermediate COCOMO Model that also takes into account hardware constraints, personnel quality, use of modern tools, and other attributes and their aggregate impact on overall project costs. A detailed COCOMO Model, by Boehm, accounts for the effects of the additional factors used in the intermediate model on the costs of individual project phases.


NEW QUESTION # 54
Which of the following can BEST prevent security flaws occurring in outsourced software development?

  • A. Certification of the quality and accuracy of the work done
  • B. Contractual requirements for code quality
  • C. Licensing, code ownership and intellectual property rights
  • D. Delivery dates, change management control and budgetary control

Answer: A


NEW QUESTION # 55
......
