ISC CISSP Certified Information Systems Security Professional Online Training
The questions for CISSP were last updated on May 12, 2025.
- Exam Code: CISSP
- Exam Name: Certified Information Systems Security Professional
- Certification Provider: ISC
- Latest update: May 12, 2025
By allowing storage communications to run on top of Transmission Control Protocol/Internet Protocol (TCP/IP) with a Storage Area Network (SAN), the
- A . confidentiality of the traffic is protected.
- B . opportunity to sniff network traffic exists.
- C . opportunity for device identity spoofing is eliminated.
- D . storage devices are protected against availability attacks.
Why must all users be positively identified prior to using multi-user computers?
- A . To provide access to system privileges
- B . To provide access to the operating system
- C . To ensure that unauthorized persons cannot access the computers
- D . To ensure that management knows what users are currently logged on
A system has been scanned for vulnerabilities and has been found to contain a number of communication ports that have been opened without authority. To which of the following might this system have been subjected?
- A . Trojan horse
- B . Denial of Service (DoS)
- C . Spoofing
- D . Man-in-the-Middle (MITM)
The Structured Query Language (SQL) implements Discretionary Access Controls (DAC) using
- A . INSERT and DELETE.
- B . GRANT and REVOKE.
- C . PUBLIC and PRIVATE.
- D . ROLLBACK and TERMINATE.
Alternate encoding such as hexadecimal representations is MOST often observed in which of the following forms of attack?
- A . Smurf
- B . Rootkit exploit
- C . Denial of Service (DoS)
- D . Cross-site scripting (XSS)
An Intrusion Detection System (IDS) is generating alarms that a user account has over 100 failed login attempts per minute. A sniffer is placed on the network, and a variety of passwords for that user are noted.
Which of the following is MOST likely occurring?
- A . A dictionary attack
- B . A Denial of Service (DoS) attack
- C . A spoofing attack
- D . A backdoor installation
Which of the following methods protects Personally Identifiable Information (PII) by use of a full replacement of the data element?
- A . Transparent Database Encryption (TDE)
- B . Column level database encryption
- C . Volume encryption
- D . Data tokenization
In a basic SYN flood attack, what is the attacker attempting to achieve?
- A . Exceed the threshold limit of the connection queue for a given service
- B . Set the threshold to zero for a given service
- C . Cause the buffer to overflow, allowing root access
- D . Flush the register stack, allowing hijacking of the root account
The birthday attack is MOST effective against which one of the following cipher technologies?
- A . Chaining block encryption
- B . Asymmetric cryptography
- C . Cryptographic hash
- D . Streaming cryptography
Which one of the following security mechanisms provides the BEST way to restrict the execution of privileged procedures?
- A . Role Based Access Control (RBAC)
- B . Biometric access control
- C . Federated Identity Management (IdM)
- D . Application hardening