CISSPPreview

Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?

The security architect is designing and implementing an internal certification authority to generate digital certificates for all employees. Which of the following is the
BEST solution to securely store the private keys?

Which of the following is the BEST way to protect an organization's data assets?

In a quarterly system access review, an active privileged account was discovered that did not exist in the prior review on the production system. The account was created one hour after the previous access review. Which of the following is the BEST option to reduce overall risk in addition to quarterly access reviews?

When reviewing vendor certifications for handling and processing of company data, which of the following is the BEST Service Organization Controls (SOC) certification for the vendor to possess?

What process facilitates the balance of operational and economic costs of protective measures with gains in mission capability?

When auditing the Software Development Life Cycle (SDLC) which of the following is one of the high-level audit phases?

Which of the following does the security design process ensure within the System Development Life Cycle (SDLC)?

A subscription service which provides power, climate control, raised flooring, and telephone wiring but NOT the computer and peripheral equipment is BEST described as a:

What is the BEST approach to anonymizing personally identifiable information (PII) in a test environment?

An organization has implemented a protection strategy to secure the network from unauthorized external access. The new Chief Information Security Officer
(CISO) wants to increase security by better protecting the network from unauthorized internal access. Which Network Access Control (NAC) capability BEST meets this objective?

Which of the following threats would be MOST likely mitigated by monitoring assets containing open source libraries for vulnerabilities?

Which of the following ensures old log data is not overwritten?

Which of the following virtual network configuration options is BEST to protect virtual machines (VM)?

An organization has been collecting a large amount of redundant and unusable data and filling up the storage area network (SAN). Management has requested the identification of a solution that will address ongoing storage problems. Which is the BEST technical solution?

Which of the following is included in change management?

When designing a new Voice over Internet Protocol (VoIP) network, an organization's top concern is preventing unauthorized users accessing the VoIP network.
Which of the following will BEST help secure the VoIP network?

Which of the following is the PRIMARY type of cryptography required to support non-repudiation of a digitally signed document?

An organization would like to ensure that all new users have a predefined departmental access template applied upon creation. The organization would also like additional access for users to be granted on a per-project basis. What type of user access administration is BEST suited to meet the organization's needs?

What is the PRIMARY consideration when testing industrial control systems (ICS) for security weaknesses?

A Simple Power Analysis (SPA) attack against a device directly observes which of the following?

Which security audit standard provides the BEST way for an organization to understand a vendor's Information Systems (IS) in relation to confidentiality, integrity, and availability?

An organization is looking to include mobile devices in its asset management system for better tracking. In which system tier of the reference architecture would mobile devices be tracked?

A criminal organization is planning an attack on a government network. Which of the following scenarios presents the HIGHEST risk to the organization?