CISSP exam

Which of the following is a PRIMARY advantage of using a third-party identity service?A . Consolidation of multiple providersB . Directory synchronizationC . Web based logonD . Automated account managementView AnswerAnswer: D

The configuration management and control task of the certification and accreditation process is incorporated in which phase of the System Development Life Cycle (SDLC)?A . System acquisition and developmentB . System operations and maintenanceC . System initiationD . System implementationView AnswerAnswer: A Explanation: Reference https://online.concordia.edu/computer-science/system-development-life-cycle-phases/

Single Sign-on (SSO) is characterized by which of the following advantages?A .  ConvenienceB .  Convenience and centralized administrationC .  Convenience and centralized data administrationD .  Convenience and centralized network administrationView AnswerAnswer: B Explanation: Convenience -Using single sign-on users have to type their passwords only once when they first log in...

What principle requires that for particular sets of transactions, no single individual be allowed to execute all transactions within the set?A . Use of rightsB . Balance of powerC . Separation of dutiesD . Fair useView AnswerAnswer: C

An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?A . Development, testing, and deploymentB . Prevention, detection, and remediationC . People, technology, and operationsD . Certification, accreditation, and monitoringView AnswerAnswer: C Explanation: Reference: https://www.giac.org/paper/gsec/3873/information-warfare-cyber-warfare-future­warfare/106165 (14)

FOR THIS QUESTION, REFER TO THE FOLLOWING INFORMATION Converged networks supporting both data and Voice over Internet Protocol (VoIP), by their nature, provide a single channel to attack both the data and the voice components. Which of the following is the BEST mechanism to secure the voice component?A . Filter...

Which of the following represents the GREATEST risk to data confidentiality?A . Network redundancies are not implementedB . Security awareness training is not completedC . Backup tapes are generated unencryptedD . Users have administrative privilegesView AnswerAnswer: C

Which trusted facility management concept implies that two operators must review and approve the work of each other?A . Two-man controlB . Dual controlC . Double controlD . Segregation controlView AnswerAnswer: A

Controlling access to information systems and associated networks is necessary for the preservation of their:A .  Authenticity, confidentiality and availabilityB .  Confidentiality, integrity, and availability.C .  integrity and availability.D .  authenticity,confidentiality, integrity and availability.View AnswerAnswer: B Explanation: Controlling access to information systems and associated networks is necessary for the preservation...

A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is the BEST solution for the manufacturing organization?A . Trusted third-party certificationB . Lightweight Directory Access Protocol (LDAP)C . Security Assertion Markup language (SAML)D . Cross-certificationView AnswerAnswer: C...