ISC CISSP Exam | EnsurePass.com
ISC CISSP Certification Exam
Vendor: ISC Exam Code: CISSP Exam Name: Certified Information Systems Security Professional Version: 13.01 Q & As: 2137
Contact Us: support@ensurepass.com. Copyright © 2014 by EnsurePass.com. All rights reserved.
Why do you choose EnsurePass.com for your exam Preparation: 1. Real Exam Questions and Answers with PDF and VCE Files. 2. Free VCE Software 3. We do provide Personal Consulting Services. 4. Money Back Guarantee.
How to buy: CISSP Exam Questions & Answers http://www.ensurepass.com/CISSP.html
ISC CISSP Exam | EnsurePass.com
QUESTION 1 All of the following are basic components of a security policy EXCEPT the A. B. C. D.
definition of the issue and statement of relevant terms statement of roles and responsibilities statement of applicability and compliance requirements statement of performance of characteristics and requirements
Correct Answer: D
QUESTION 2 A security policy would include all of the following EXCEPT A. B. C. D.
Background Scope statement Audit requirements Enforcement
Correct Answer: B
QUESTION 3 Which one of the following is an important characteristic of an information security policy? A. B. C. D.
Identifies major functional areas of information. Quantifies the effect of the loss of the information. Requires the identification of information owners. Lists applications that support the business function.
Correct Answer: A
QUESTION 4 Ensuring the integrity of business information is the PRIMARY concern of A. B. C. D.
Encryption Security Procedural Security Logical Security On-line Security
Correct Answer: B
Contact Us: support@ensurepass.com. Copyright Š 2014 by EnsurePass.com. All rights reserved.
ISC CISSP Exam | EnsurePass.com
QUESTION 5 Which of the following would be the first step in establishing an information security program? A. B. C. D.
Adoption of a corporate information security policy statement. Development and implementation of an information security standards manual. Development of a security awareness-training program. Purchase of security access control software.
Correct Answer: A
QUESTION 6 Which of the following department managers would be best suited to oversee the development of an information security policy? A. B. C. D.
Information Systems Human Resources Business operations Security administration
Correct Answer: C
QUESTION 7 What is the function of a corporate information security policy? A. Issue corporate standard to be used when addressing specific security problems. B. Issue guidelines in selecting equipment, configuration, design, and secure operations. C. Define the specific assets to be protected and identify the specific tasks which must be completed to secure them. D. Define the main security objectives which must be achieved and the security framework to meet business objectives. Correct Answer: D
QUESTION 8 Why must senior management endorse a security policy? A. B. C. D.
So that they will accept ownership for security within the organization. So that employees will follow the policy directives. So that external bodies will recognize the organizations commitment to security. So that they can be held legally accountable.
Contact Us: support@ensurepass.com. Copyright Š 2014 by EnsurePass.com. All rights reserved.
ISC CISSP Exam | EnsurePass.com
Correct Answer: A
QUESTION 9 In which one of the following documents is the assignment of individual roles and responsibilities MOST appropriately defined? A. B. C. D.
Security policy Enforcement guidelines Acceptable use policy Program manual
Correct Answer: C
QUESTION 10 Which of the following defines the intent of a system security policy? A. A definition of the particular settings that have been determined to provide optimum security. B. A brief, high-level statement defining what is and is not permitted during the operation of the system. C. A definition of those items that must be excluded on the system. D. A listing of tools and applications that will be used to protect the system. Correct Answer: A
QUESTION 11 When developing an information security policy, what is the FIRST step that should be taken? A. B. C. D.
Obtain copies of mandatory regulations. Gain management approval. Seek acceptance from other departments. Ensure policy is compliant with current working practices.
Correct Answer: B
QUESTION 12 Which one of the following should NOT be contained within a computer policy? A. Definition of management expectations. B. Responsibilities of individuals and groups for protected information. Contact Us: support@ensurepass.com. Copyright Š 2014 by EnsurePass.com. All rights reserved.
ISC CISSP Exam | EnsurePass.com
C. Statement of senior executive support. D. Definition of legal and regulatory controls. Correct Answer: B
QUESTION 13 Which one of the following is NOT a fundamental component of a Regulatory Security Policy? A. B. C. D.
What is to be done? When it is to be done? Who is to do it? Why is it to be done?
Correct Answer: C
QUESTION 14 Which one of the following statements describes management controls that are instituted to implement a security policy? A. B. C. D.
They prevent users from accessing any control function. They eliminate the need for most auditing functions. They may be administrative, procedural, or technical. They are generally inexpensive to implement.
Correct Answer: C
QUESTION 15 Which must bear the primary responsibility for determining the level of protection needed for information systems resources? A. B. C. D.
IS security specialists Senior Management Seniors security analysts system auditors
Correct Answer: B
Contact Us: support@ensurepass.com. Copyright Š 2014 by EnsurePass.com. All rights reserved.
ISC CISSP Exam | EnsurePass.com
QUESTION 16 Which of the following choices is NOT part of a security policy? A. definition of overall steps of information security and the importance of security B. statement of management intend, supporting the goals and principles of information security C. definition of general and specific responsibilities for information security management D. description of specific technologies used in the field of information security Correct Answer: D
QUESTION 17 In an organization, an Information Technology security function should: A. B. C. D.
Be a function within the information systems functions of an organization. Report directly to a specialized business unit such as legal, corporate security or insurance. Be lead by a Chief Security Officer and report directly to the CEO. Be independent but report to the Information Systems function.
Correct Answer: C
QUESTION 18 Which of the following embodies all the detailed actions that personnel are required to follow? A. B. C. D.
Standards Guidelines Procedures Baselines
Correct Answer: C
QUESTION 19 A significant action has a state that enables actions on an ADP system to be traced to individuals who may then be held responsible. The action does NOT include: A. B. C. D.
Violations of security policy. Attempted violations of security policy. Non-violations of security policy. Attempted violations of allowed actions.
Correct Answer: C Contact Us: support@ensurepass.com. Copyright Š 2014 by EnsurePass.com. All rights reserved.
ISC CISSP Exam | EnsurePass.com
QUESTION 20 Network Security is a A. B. C. D.
Product protocols ever evolving process quick-fix solution
Correct Answer: C
QUESTION 21 Security is a process that is: A. B. C. D.
Continuous Indicative Examined Abnormal
Correct Answer: A
QUESTION 22 What are the three fundamental principles of security? A. B. C. D.
Accountability, confidentiality, and integrity. Confidentiality, integrity, and availability. Integrity, availability, and accountability. Availability, accountability, and confidentiality.
Correct Answer: B
QUESTION 23 Which of the following prevents, detects, and corrects errors so that the integrity, availability, and confidentiality of transactions over networks may be maintained? A. B. C. D.
Communications security management and techniques. Networks security management and techniques. Clients security management and techniques. Servers security management and techniques.
Correct Answer: A
Contact Us: support@ensurepass.com. Copyright Š 2014 by EnsurePass.com. All rights reserved.
ISC CISSP Exam | EnsurePass.com
QUESTION 24 Making sure that the data is accessible when and where it is needed is which of the following? A. B. C. D.
confidentiality integrity acceptability availability
Correct Answer: D
QUESTION 25 Which of the following describes elements that create reliability and stability in networks and systems and which assures that connectivity is accessible when needed? A. B. C. D.
Availability Acceptability Confidentiality Integrity
Correct Answer: A
QUESTION 26 Most computer attacks result in violation of which of the following security properties? A. B. C. D.
Availability Confidentiality Integrity and control All of the choices
Correct Answer: D
QUESTION 27 Which of the following are objectives of an information systems security program? A. B. C. D.
Threats, vulnerabilities, and risks. Security, information value, and threats. Integrity, confidentiality, and availability. Authenticity, vulnerabilities, and costs.
Correct Answer: C
Contact Us: support@ensurepass.com. Copyright Š 2014 by EnsurePass.com. All rights reserved.
ISC CISSP Exam | EnsurePass.com
QUESTION 28 An area of the Telecommunications and Network Security domain that directly affects the Information Systems Security tenet of Availability can be defined as: A. B. C. D.
Netware availability Network availability Network acceptability Network accountability
Correct Answer: B
QUESTION 29 The Structures, transmission methods, transport formats, and security measures that are used to provide integrity, availability, and authentication, and confidentiality for transmissions over private and public communications networks and media includes: A. B. C. D.
The Telecommunications and Network Security domain. The Telecommunications and Netware Security domain. The Technical communications and Network Security domain. The Telnet and Security domain.
Correct Answer: A
QUESTION 30 Which one of the following is the MOST crucial link in the computer security chain? A. B. C. D.
Access controls People Management Awareness programs
Correct Answer: C
QUESTION 31 The security planning process must define how security will be managed, who will be responsible, and A. B. C. D.
Who practices are reasonable and prudent for the enterprise? Who will work in the security department? What impact security will have on the intrinsic value of data? How security measures will be tested for effectiveness? Contact Us: support@ensurepass.com. Copyright Š 2014 by EnsurePass.com. All rights reserved.
ISC CISSP Exam | EnsurePass.com
Correct Answer: D
QUESTION 32 Information security is the protection of data. Information will be protected mainly based on: A. B. C. D.
Its sensitivity to the company. Its confidentiality. Its value. All of the choices.
Correct Answer: D
QUESTION 33 Organizations develop change control procedures to ensure that A. B. C. D.
All changes are authorized, tested, and recorded. Changes are controlled by the Policy Control Board (PCB). All changes are requested, scheduled, and completed on time. Management is advised of changes made to systems.
Correct Answer: A
QUESTION 34 Within the organizational environment, the security function should report to an organizational level that A. B. C. D.
Has information technology oversight. Has autonomy from other levels. Is an external operation. Provides the internal audit function.
Correct Answer: B
QUESTION 35 What is the MAIN purpose of a change control/management system? A. B. C. D.
Notify all interested parties of the completion of the change. Ensure that the change meets user specifications. Document the change for audit and management review. Ensure the orderly processing of a change request. Contact Us: support@ensurepass.com. Copyright Š 2014 by EnsurePass.com. All rights reserved.
ISC CISSP Exam | EnsurePass.com
Correct Answer: C
QUESTION 36 Which of the following is most relevant to determining the maximum effective cost of access control? A. B. C. D.
the value of information that is protected management’s perceptions regarding data importance budget planning related to base versus incremental spending the cost to replace lost data
Correct Answer: A
QUESTION 37 Which one of the following is the MAIN goal of a security awareness program when addressing senior management? A. B. C. D.
Provide a vehicle for communicating security procedures. Provide a clear understanding of potential risk and exposure. Provide a forum for disclosing exposure and risk analysis. Provide a forum to communicate user responsibilities.
Correct Answer: B
QUESTION 38 In developing a security awareness program, it is MOST important to A. B. C. D.
Understand the corporate culture and how it will affect security. Understand employees preferences for information security. Know what security awareness products are available. Identify weakness in line management support.
Correct Answer: A
QUESTION 39 Which of the following would be best suited to provide information during a review of the controls over the process of defining IT service levels? A. Systems programmer B. Legal stuff Contact Us: support@ensurepass.com. Copyright Š 2014 by EnsurePass.com. All rights reserved.
EnsurePass.com Members Features: 1. 2. 3. 4. 5.
Verified Answers researched by industry experts. Q&As are downloadable in PDF and VCE format. 98% success Guarantee and Money Back Guarantee. Free updates for 180 Days. Instant Access to download the Items
View list of All Exam provided: http://www.ensurepass.com/certfications?index=A To purchase Lifetime Full Access Membership click here: http://www.ensurepass.com/user/register
Valid Discount Code 20% OFF for 2019: MMJ4-IGD8-X3QW To purchase the HOT Exams: Vendors Cisco Cisco Cisco Cisco Cisco Cisco Cisco Cisco Cisco Cisco CompTIA CompTIA CompTIA CompTIA CompTIA CompTIA CompTIA CompTIA CompTIA CompTIA CompTIA Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft Microsoft ISC
Hot Exams 100-105 200-105 200-125 200-310 200-355 300-101 300-115 300-135 300-320 400-101 220-1001 220-1002 220-901 220-902 CAS-003 LX0-103 LX0-104 N10-007 PK0-004 SK0-004 SY0-501 70-410 70-411 70-412 70-740 70-741 70-742 70-761 70-762 CISSP
Download http://www.ensurepass.com/100-105.html http://www.ensurepass.com/200-105.html http://www.ensurepass.com/200-125.html http://www.ensurepass.com/200-310.html http://www.ensurepass.com/200-355.html http://www.ensurepass.com/300-101.html http://www.ensurepass.com/300-115.html http://www.ensurepass.com/300-135.html http://www.ensurepass.com/300-320.html http://www.ensurepass.com/400-101.html http://www.ensurepass.com/220-1001.html http://www.ensurepass.com/220-1002.html http://www.ensurepass.com/220-901.html http://www.ensurepass.com/220-902.html http://www.ensurepass.com/CAS-003.html http://www.ensurepass.com/LX0-103.html http://www.ensurepass.com/LX0-104.html http://www.ensurepass.com/N10-007.html http://www.ensurepass.com/PK0-004.html http://www.ensurepass.com/SK0-004.html http://www.ensurepass.com/SY0-501.html http://www.ensurepass.com/70-410.html http://www.ensurepass.com/70-411.html http://www.ensurepass.com/70-412.html http://www.ensurepass.com/70-740.html http://www.ensurepass.com/70-741.html http://www.ensurepass.com/70-742.html http://www.ensurepass.com/70-761.html http://www.ensurepass.com/70-762.html http://www.ensurepass.com/CISSP.html
Cisco Exam Dumps CCDA
CCIE Security
200-310
300-101
300-701
400-251
CCDE
CCIE Service Provider
352-001
300-501 400-201
CCDP
CCIE Wireless
300-115
300-320
400-351
CCENT
CCNA
100-105
200-301
CCIE Collaboration
CCNA Cloud
300-801
400-051
CCIE Data Center 300-601
400-151
CCIE Enterprise Infrastructure 300-401
CCIE Enterprise Wireless 300-401
210-451
210-455
CCNA Collaboration 210-060
210-065
CCNA Cyber Ops 210-250
210-255
CCNA Data Center 200-150
200-155
CCIE Routing and Switching
CCNA Industrial
400-101
200-601
CCNA Routing & Switching 100-105
200-105
CCNP Routing & Switching 300-101 300-115
200-125
300-135
CCNA Security
CCT Data Center
210-260
010-151
CCNA Service Provider
CCT Routing & Switching
640-875
640-878
640-692
CCNA Wireless
Cisco Certified DevNet Associate
200-355
200-901
CCNP Cloud
Cisco Network Programmability Design and
300-460
300-465
Implementation Specialist
300-470
300-475
300-550
CCNP Collaboration
CCNP Enterprise
300-070 300-075
300-080
300-401
300-410
300-415
300-085 300-801
300-810
300-420
300-425
300-430
300-815 300-820
300-835
CCNP Data Center
300-435
CCNP Security
300-160 300-165
300-170
300-206
300-208
300-209
300-175 300-180
300-601
300-210
300-701
300-710
300-610 300-615
300-620
300-715
300-720
300-725
300-625
300-635
300-730 300-735
CCNP Service Provider 300-501 300-510
300-515
642-883 642-885
642-887
642-889
300-535
CCNP Wireless 300-360
300-365
300-370
300-375
Cisco Certified DevNet Professional 300-435 300-535
300-635
300-735 300-835
300-901
300-910 300-915
300-920
Cisco Certified DevNet Specialist 300-435 300-535
300-635
300-735
300-835
300-901
300-910 300-915
300-920
Cisco Network Programmability Developer Specialist 300-560
Role-based Exams Dumps Azure Security Engineer Associate
Microsoft 365 Certified Fundamentals
AZ-500
MS-900
Dynamics 365 Fundamentals
Messaging Administrator Associate
MB-900
Dynamics 365 for Marketing Functional Consultant Associate MB-200
MS-200
MS-201
MS-202
Modern Desktop Administrator Associate MD-100
MD-101
MB-220
Dynamics 365 for Field Ser vice Functional
Security Administrator Associate
Consultant Associate
MS-500
MB-200
MB-240
Dynamics 365 for Finance and Operations, Financials Functional Consultant Associate MB-300
Teamwork Administrator Associate MS-300
MS-301
MS-302
MB-310
Dynamics 365 for Finance and Operations,
Azure Administrator Associate
Manufacturing Functional Consultant
AZ-103
Associate MB-300
MB-320
Dynamics 365 for Finance and Operations,
Azure AI Engineer Associate
Supply Chain Management Functional
AI-100
Consultant Associate MB-300
MB-330
Azure Data Engineer Associate DP-200
DP-201
Azure Data Scientist Associate DP-100
Microsoft Certified Azure Fundamentals AZ-900
Azure Solutions Architect Expert AZ-300
AZ-301
Azure Developer Associate
Dynamics 365 for Customer Ser vice
AZ-203
Functional Consultant Associate MB-200
MB-230
Azure DevOps Engineer Expert
Dynamics 365 for Sales Functional Consultant
AZ-400
Associate MB-200
MB-210
MCSA Exams Dumps
BI Reporting
SQL Ser ver 2012/2014
70-778
70-461
70-779
70-462 70-463
Microsoft Dynamics 365 for Operations
Universal Windows Platform
70-764
70-483
70-765
70-357
MB6-894
SQL 2016 BI Development
Web Applications
70-767
70-480
70-768
70-483 70-486
SQL 2016 Database Administration
Windows Ser ver 2012
70-764
70-410
70-765
70-411 70-412
SQL 2016 Database Development
Windows Ser ver 2016
70-761
70-740
70-762
70-741 70-742
MCSE Exams Dumps
Business Applications
Data Management and Analytics
MB2-716
70-464
MB2-718
70-465
MB2-719
70-466
MB6-895
70-467
MB6-896
70-762
MB6-897
70-767
MB6-898
70-768 70-777
Core Infrastructure
MCSE Productivity Solutions Expert
70-744
70-345
70-745
70-339
70-413
70-333
70-414
70-334
70-537
MCSD Exams Dumps
70-357
70-486
70-487
MTA Exams Dumps
Exam 98-349
Exam 98-369
Exam 98-361
Exam 98-375
Exam 98-364
Exam 98-380
Exam 98-365
Exam 98-381
Exam 98-366
Exam 98-382
Exam 98-367
Exam 98-383
Exam 98-368
Exam 98-388
CompTIA Exam Dumps CompTIA A+ 2019
220-1001
CompTIA A+ 2019
220-1002
CompTIA A+ 2019
220-901
CompTIA A+ 2019
220-902
CompTIA Advanced Security Practitioner
CAS-003
CompTIA Cloud Essentials
CLO-001
CompTIA Cloud Essentials
CLO-002
CompTIA CySA+
CS0-001
CompTIA Cloud+
CV0-002
CompTIA IT Fundamentals
FC0-U51
CompTIA IT Fundamentals
FC0-U61
CompTIA Linux+
LX0-103
CompTIA Linux+
LX0-104
CompTIA Network+
N10-007
CompTIA Project+
PK0-004
CompTIA PenTest+
PT0-001
CompTIA Security+
SY0-501
CompTIA CTT+
TK0-201
CompTIA CTT+
TK0-202
CompTIA CTT+
TK0-203
CompTIA Linux+
XK0-004
