
2017 Mar CISSP practice exam

Q211. Which of the following statements is TRUE regarding value boundary analysis as a functional software testing technique? 

A. It is useful for testing communications protocols and graphical user interfaces. 

B. It is characterized by the stateless behavior of a process implemented in a function. 

C. Test inputs are obtained from the derived threshold of the given functional specifications. 

D. An entire partition can be covered by considering only one representative value from that partition. 


Q212. Which of the following is the BEST solution to provide redundancy for telecommunications links? 

A. Provide multiple links from the same telecommunications vendor. 

B. Ensure that the telecommunications links connect to the network in one location. 

C. Ensure that the telecommunications links connect to the network in multiple locations.

D. Provide multiple links from multiple telecommunications vendors. 



A software security engineer is developing a black box-based test plan that will measure the system's reaction to incorrect or illegal inputs or unexpected operational errors and situations. Match the functional testing techniques on the left with the correct input parameters on the right.


Q214. When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined? 

A. After the system preliminary design has been developed and the data security categorization has been performed

B. After the business functional analysis and the data security categorization have been performed 

C. After the vulnerability analysis has been performed and before the system detailed design begins 

D. After the system preliminary design has been developed and security categorization begins 


Q215. Which of the following disaster recovery test plans will be MOST effective while providing minimal risk? 

A. Read-through 

B. Parallel 

C. Full interruption 

D. Simulation 



Q216. Who is ultimately responsible to ensure that information assets are categorized and adequate measures are taken to protect them? 

A. Data Custodian 

B. Executive Management 

C. Chief Information Security Officer 

D. Data/Information/Business Owners 


Q217. Refer to the information below to answer the question.

In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files. 

In a Bell-LaPadula system, which user cannot write to File 3? 

A. User A 

B. User B 

C. User C 

D. User D 


Q218. Which of the following is the BEST mitigation from phishing attacks? 

A. Network activity monitoring 

B. Security awareness training 

C. Corporate policy and procedures 

D. Strong file and directory permissions 



Drag the following Security Engineering terms on the left to the BEST definition on the right. 


Q220. What is the MOST critical factor to achieve the goals of a security program? 

A. Capabilities of security resources 

B. Executive management support 

C. Effectiveness of security management 

D. Budget approved for security resources