SPOTO offers free updates of its ISC2 CISSP exam demos, which cover real exam questions and answers. We have helped millions of candidates pass their exam on the first try. SPOTO is a leader in training courses.
SPOTO provides exam dumps for a range of certifications and has a strong team of tutors. If you want to take the CISSP exam, SPOTO is the best choice.
Advantages of SPOTO CISSP Exam Dumps
Q1. All of the following are needed for system accountability except for one. Which one is not needed?
Explanation: Authorization is the one that is not needed. Accountability requires identification (a claimed identity), authentication (proof of that identity), and auditing (logging each action against the authenticated identity). Authorization decides what a subject may do, but holding a subject accountable for what it actually did depends only on the three steps above.
Q2. Which of the following is true related to a subject?
A) A subject is always a user account.
B) The subject is always the entity that provides or hosts information or data.
C) The subject is always the entity that receives information about or data from the object.
D) A single entity can never change roles between subject and object.
Explanation: C is correct. The subject is the active entity and is always the one that receives information about, or data from, the object. A subject can be a user, a program, a process, a file, a computer, a database, and so on, which is why A is wrong. The object is always the entity that provides or hosts information or data. The roles of subject and object can switch while two entities communicate to accomplish a task (a process that reads a file is the subject; when that process is then inspected by a monitoring tool, it becomes the object), which is why D is wrong.
Q3. A large table includes multiple subjects and objects. It identifies the specific access each subject has to different objects. What is this table called?
A) Access control list
B) Access control matrix
D) Creeping privilege
Explanation: B is correct. An access control matrix lists multiple subjects and objects and records each subject's access to each object. A single column of the matrix, the list of subjects and their rights for one specific object, is an access control list (ACL); a single row, everything one subject may access, is that subject's capability list. A federation refers to a group of organizations that share a federated identity management system for single sign-on. Creeping privileges refers to the excessive privileges a subject accumulates over time, typically because old grants are never revoked when roles change.
Q4. Which of the following is the best choice to support federated identity management systems?
B) Hypertext Markup Language (HTML)
C) Extensible Markup Language (XML)
D) Service Provisioning Markup Language (SPML)
Explanation: D is correct among the listed choices. SPML is an XML-based framework used to exchange user information for single sign-on (SSO) between organizations within a federated identity management system. Kerberos supports SSO within a single organization, not across a federation. HTML only describes how data is displayed. XML could be used, but it would require redefining tags already defined in SPML. In practice, note that SPML is used for provisioning accounts across a federation, while the authentication assertions that actually implement federated SSO are most commonly exchanged with SAML.
Q5. Which of the following authentication, authorization, and accounting (AAA) protocols is based on RADIUS and supports Mobile IP and Voice over IP?
A) Distributed access control
Explanation: Diameter is the correct answer. Diameter is based on RADIUS and supports Mobile IP and Voice over IP. Distributed access control systems, such as a federated identity management system, are not a specific protocol and do not necessarily provide authentication, authorization, and accounting. TACACS and TACACS+ are AAA protocols, but they are alternatives to RADIUS, not based on it.
Q6. What would detect when a user has more privileges than necessary?
A) Account management
B) User entitlement audit
Explanation: B is correct. A user entitlement audit compares the privileges each user actually holds with the privileges their job or role requires, so it detects when users have more privileges than necessary. Account management practices attempt to ensure that privileges are assigned correctly in the first place; the audit detects whether those practices have been followed. Logging records activity, but logs must be reviewed to determine whether practices are followed. Reporting is the output of an audit, not the mechanism that detects the problem.
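The matrix from Q3 and the audit from Q6 fit together naturally, so the following added example (written for this page; it is not code from the original page or from SPOTO's material) models both: it builds a small subject/object access control matrix, derives the ACL view (one column) and capability-list view (one row), and then runs a user entitlement audit that compares each subject's actual grants with the baseline of the roles assigned to them. All subjects, objects, roles and grants are constructed sample data; the role names and permission strings are assumptions made for the example.

```python
"""Access control matrix views and a user entitlement audit.

Added example, not code from the original page: it models the access
control matrix from Q3 (with its ACL and capability-list views) and runs
the user entitlement audit from Q6 over it to flag privileges that exceed
a subject's role baseline (creeping privileges). Every subject, object,
role and grant below is constructed sample data.
"""
from __future__ import annotations

from typing import Dict, FrozenSet, List, Tuple

Perms = FrozenSet[str]
Matrix = Dict[str, Dict[str, Perms]]   # subject -> object -> permissions

# Constructed access control matrix: one row per subject, one column per object.
MATRIX: Matrix = {
    "alice": {"payroll.db": frozenset({"read", "write"}),
              "hr.docs": frozenset({"read"})},
    "bob":   {"payroll.db": frozenset({"read"}),
              "backup.srv": frozenset({"read", "write", "execute"})},
    "carol": {"hr.docs": frozenset({"read", "write"}),
              "payroll.db": frozenset({"read", "write", "delete"})},
}

# Constructed role baselines: the most a role should legitimately hold on each object.
ROLE_BASELINE: Matrix = {
    "payroll-clerk":   {"payroll.db": frozenset({"read", "write"}),
                        "hr.docs": frozenset({"read"})},
    "backup-operator": {"backup.srv": frozenset({"read", "write", "execute"})},
    "hr-analyst":      {"hr.docs": frozenset({"read", "write"})},
}

# Constructed role assignments (what account management says each subject should have).
# carol moved from payroll to HR, but her payroll grants were never revoked.
SUBJECT_ROLES: Dict[str, List[str]] = {
    "alice": ["payroll-clerk"],
    "bob":   ["backup-operator"],
    "carol": ["hr-analyst"],
}


def access_control_list(matrix: Matrix, obj: str) -> Dict[str, Perms]:
    """ACL view: one column of the matrix, every subject's rights on one object."""
    return {subj: row[obj] for subj, row in matrix.items() if obj in row}


def capability_list(matrix: Matrix, subject: str) -> Dict[str, Perms]:
    """Capability view: one row of the matrix, everything one subject may touch."""
    return dict(matrix.get(subject, {}))


def entitled_permissions(subject: str, baseline: Matrix,
                         subject_roles: Dict[str, List[str]]) -> Dict[str, set]:
    """Union of the baselines of every role assigned to the subject."""
    entitled: Dict[str, set] = {}
    for role in subject_roles.get(subject, []):
        for obj, perms in baseline[role].items():
            entitled.setdefault(obj, set()).update(perms)
    return entitled


def entitlement_audit(matrix: Matrix, baseline: Matrix,
                      subject_roles: Dict[str, List[str]]) -> List[Tuple[str, str, Perms]]:
    """Compare actual grants with role baselines.

    Returns one (subject, object, excess_permissions) finding for every cell
    of the matrix that holds permissions the subject's roles do not entitle
    it to. An empty list means every grant is covered by a role. A subject
    with no role at all has every grant reported as excess.
    """
    findings: List[Tuple[str, str, Perms]] = []
    for subject in sorted(matrix):
        entitled = entitled_permissions(subject, baseline, subject_roles)
        for obj in sorted(matrix[subject]):
            excess = matrix[subject][obj] - entitled.get(obj, set())
            if excess:
                findings.append((subject, obj, frozenset(excess)))
    return findings


if __name__ == "__main__":
    print("ACL for payroll.db:", access_control_list(MATRIX, "payroll.db"))
    print("Capabilities of bob:", capability_list(MATRIX, "bob"))
    for subject, obj, excess in entitlement_audit(MATRIX, ROLE_BASELINE, SUBJECT_ROLES):
        print(f"EXCESS: {subject} holds {sorted(excess)} on {obj} beyond role baseline")
```

Run as a script it reports two findings: bob's read grant on payroll.db (no role of his covers that object) and carol's leftover read/write/delete on payroll.db from her former role. Account management would have prevented both by revoking grants when roles changed; the audit is what detects that this did not happen. In a real environment the matrix would be exported from the directory or IAM system and the baselines from the role catalogue, but the comparison is the same set difference per cell.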
Q7. What type of attack uses email and attempts to trick high-level executives?
B) Spear phishing
Explanation: Whaling is the correct answer. Whaling is a form of phishing that targets high-level executives. Spear phishing targets a specific group of people, but not necessarily high-level executives. Vishing is a form of phishing that commonly uses Voice over IP (VoIP) rather than email.
Q8. Which of the following types of access control uses fences, security policies, security awareness training, and antivirus software to stop an unwanted or unauthorized activity from occurring?
Explanation: Preventive is the correct answer. A preventive access control is deployed to stop an unwanted or unauthorized activity from occurring, and the items listed (fences, security policies, awareness training, antivirus software) span the physical, administrative, and technical forms of such controls. Detective controls discover the activity after it has occurred, and corrective controls attempt to reverse any problems caused by the activity. Access controls are not categorized as authoritative.
Q9. Which of the following is considered a primary goal of access control?
A) Preserve the confidentiality, integrity, and availability of systems.
B) Ensure that only valid objects can authenticate on a system.
C) Prevent unauthorized access to subjects.
D) Ensure that all subjects are authenticated.
Explanation: A is correct. Access control mechanisms exist to prevent losses, including loss of confidentiality, loss of integrity, and loss of availability. B and C reverse the roles: subjects authenticate on a system, and objects are what they access. D describes only the first step; identification and authentication of subjects come first, but access control also includes authorization and accountability.
Q10. Which of the following is an example of a Type 2 authentication factor?
A) “Something you have,” such as a smart card, ATM card, token device, and memory card
B) “Something you are,” such as fingerprints, voice print, retina pattern, iris pattern, face shape, palm topology, and hand geometry
C) “Something you do,” such as typing a passphrase or signing your name
D) “Something you know,” such as a password, personal identification number (PIN), lock combination, passphrase, mother’s maiden name, and favorite color
Explanation: A is correct. A Type 2 authentication factor is “something you have,” including a smart card, token device, or memory card. Type 3 authentication is “something you are,” and some behavioral biometrics fall under “something you do.” Type 1 authentication is “something you know.”
Note: if you want more exam demos, contact us. We have 100% real exam questions and answers and guarantee that you will pass the exam on the first try!