Free Sharing Of Lead2pass Updated ISC CISSP VCE And PDF Dumps

Get a complete hold on CISSP exam syllabus through Lead2pass training and boost up your skills. No need to hassle if you are stuck in exam difficulties, Lead2pass will assist you right through exam specific preparation material which are updated regularly.

Vendor: ISC
Exam Code: CISSP
Exam Name: Certified Information Systems Security Professional
Version: DEMO
QUESTION 1
The type of discretionary access control (DAC) that is based on an individual’s identity is also called:

A.    Identity-based Access control
B.    Rule-based Access control
C.    Non-Discretionary Access Control
D.    Lattice-based Access control

Answer: A

QUESTION 2
Which access control type has a central authority that determine to what objects the subjects have access to and it is based on role or on the organizational security policy?

A.    Mandatory Access Control
B.    Discretionary Access Control
C.    Non-Discretionary Access Control
D.    Rule-based Access control

Answer: C

QUESTION 3
Which of the following control pairings include: organizational policies and procedures, pre- employment background checks, strict hiring practices, employment agreements, employee termination procedures, vacation scheduling, labeling of sensitive materials, increased supervision, security awareness training, behavior awareness, and sign-up procedures to obtain access to information systems and networks?

A.    Preventive/Administrative Pairing
B.    Preventive/Technical Pairing
C.    Preventive/Physical Pairing
D.    Detective/Administrative Pairing

Answer: A

QUESTION 4
External consistency ensures that the data stored in the database is:

A.    in-consistent with the real world.
B.    remains consistant when sent from one system to another.
C.    consistent with the logical world.
D.    consistent with the real world.

Answer: D
Explanation:
External consistency ensures that the data stored in the database is consistent with the real world.

QUESTION 5
A central authority determines what subjects can have access to certain objects based on the organizational security policy is called:

A.    Mandatory Access Control
B.    Discretionary Access Control
C.    Non-Discretionary Access Control
D.    Rule-based Access control

Answer: C

QUESTION 6
What is called the act of a user professing an identity to a system, usually in the form of a log-on ID?

A.    Authentication
B.    Identification
C.    Authorization
D.    Confidentiality

Answer: B

QUESTION 7
Which one of the following factors is NOT one on which Authentication is based?

A.    Type 1 Something you know, such as a PIN or password
B.    Type 2 Something you have, such as an ATM card or smart card
C.    Type 3 Something you are (based upon one or more intrinsic physical or behavioral traits), such as a fingerprint or retina scan
D.    Type 4 Something you are, such as a system administrator or security administrator

Answer: D

QUESTION 8
A central authority determines what subjects can have access to certain objects based on the organizational security policy is called:

A.    Mandatory Access Control
B.    Discretionary Access Control
C.    Non-Discretionary Access Control
D.    Rule-based Access control

Answer: C

QUESTION 9
What is called the act of a user professing an identity to a system, usually in the form of a log-on ID?

A.    Authentication
B.    Identification
C.    Authorization
D.    Confidentiality

Answer: B

QUESTION 10
What is called the verification that the user’s claimed identity is valid and is usually implemented through a user password at log-on time?

A.    Authentication
B.    Identification
C.    Integrity
D.    Confidentiality

Answer: A

QUESTION 11
Which one of the following factors is NOT one on which Authentication is based?

A.    Type 1 Something you know, such as a PIN or password
B.    Type 2 Something you have, such as an ATM card or smart card
C.    Type 3 Something you are (based upon one or more intrinsic physical or behavioral traits), such as a fingerprint or retina scan
D.    Type 4 Something you are, such as a system administrator or security administrator

Answer: D

QUESTION 12
The act of requiring two of the three factors to be used in the authentication process refers to:

A.    Two-Factor Authentication
B.    One-Factor Authentication
C.    Bi-Factor Authentication
D.    Double Authentication

Answer: A

QUESTION 13
Which type of password provides maximum security because a new password is required for each new log-on?

A.    One-time or dynamic password
B.    Congnitive password
C.    Static password
D.    Passphrase

Answer: A

QUESTION 14
What is called a password that is the same for each log-on session?

A.    “one-time password”
B.    “two-time password”
C.    static password
D.    dynamic password

Answer: C

QUESTION 15
What is called a sequence of characters that is usually longer than the allotted number for a password?

A.    passphrase
B.    cognitive phrase
C.    anticipated phrase
D.    Real phrase

Answer: A

QUESTION 16
Which best describes a tool (i.e. keyfob, calculator, memory card or smart card) used to supply dynamic passwords?

A.    Tickets
B.    Tokens
C.    Token passing networks
D.    Coupons

Answer: B

QUESTION 17
Which of the following would be true about Static password tokens?

A.    The owner identity is authenticated by the token
B.    The owner will never be authenticated by the token.
C.    The owner will authenticate himself to the system.
D.    The token does not authenticates the token owner but the system.

Answer: A

QUESTION 18
In Synchronous dynamic password tokens:

A.    The token generates a new password value at fixed time intervals (this password could be based on the time of day encrypted with a secret key).
B.    The token generates a new non-unique password value at fixed time intervals (this password could be based on the time of day encrypted with a secret key).
C.    The unique password is not entered into a system or workstation along with an owner’s PIN.
D.    The authentication entity in a system or workstation knows an owner’s secret key and PIN, and the entity verifies that the entered password is invalid and that it was entered during the invalid time window.

Answer: B

If you want to get more CISSP exam preparation material,you can download the free demos in PDF files on Lead2pass.It would be great help for you exam.Wish you pass the exam successfully.

www.lead2pass.com/CISSP.html