The CISSP certified exam is a hot topic in the IT industry. SPOTO provides free updates to the ISC2 CISSP certified exam demos, which cover all real exam answers and questions. We also provide various certified exam dumps. If you want to join us to learn, you can contact us now!
The following are the newest CISSP certified exam demos; you can use them to test your ability:
Q1. A VPN can be established over which of the following?
A) Wireless LAN connection
B) Remote access dial-up connection
C) WAN link
D) All of these are correct
Answer: D
Explanation: A VPN link can be established over any other network communication connection. This could be a typical LAN cable connection, a wireless LAN connection, a remote access dial-up connection, a WAN link, or even an Internet connection used by a client for access to the office LAN.
Q2. Which of the following is not an example of network segmentation?
A) Intranet
B) DMZ
C) Extranet
D) VPN
Answer: D
Explanation: A VPN is a secure tunnel used to establish connections across a potentially insecure intermediary network. Intranet, extranet and DMZ are examples of network segmentation.
Q3. Which of the following is a type of connection that can be described as a logical circuit that always exists and is waiting for the customer to send data?
A) ISDN
B) PVC
C) VPN
D) SVC
Answer: B
Explanation: A permanent virtual circuit (PVC) can be described as a logical circuit that always exists and is waiting for the customer to send data.
Q4. A significant benefit of a security control is when it goes unnoticed by users. What is this called?
A) Invisibility
B) Transparency
C) Diversion
D) Hiding in plain sight
Answer: B
Explanation: When transparency is a characteristic of a service, security control, or access mechanism, it is unseen by users.
Q5. All of the following are needed for system accountability except for one. Which one is not needed?
A) Identification
B) Authentication
C) Auditing
D) Authorization
Answer: D
Explanation: Authorization is not needed for accountability. However, users must be identified and authenticated and their actions logged using some type of auditing to provide accountability.
Q6. Which of the following is true related to a subject?
A) A subject is always a user account.
B) The subject is always the entity that provides or hosts information or data.
C) The subject is always the entity that receives information about or data from the object.
D) A single entity can never change roles between subject and object.
Answer: B
Explanation: The subject is active and is always the entity that receives information about or data from the object. A subject can be a user, a program, a process, a file, a computer, a database, and so on. The object is always the entity that provides or hosts information or data. The roles of subject and object can switch while two entities communicate to accomplish a task.
Q7. A large table includes multiple subjects and objects. It identifies the specific access each subject has to different objects. What is this table called?
A) Access control list
B) Access control matrix
C) Federation
D) Creeping privilege
Answer: B
Explanation: An access control matrix includes multiple subjects and objects and lists subjects' access to various objects. A single list of subjects for any specific object within an access control matrix is an access control list. A federation refers to a group of companies that share a federated identity management system for single sign-on. Creeping privilege refers to the excessive privileges a subject gathers over time.
Q8. Which of the following is the best choice to support federated identity management systems?
A) Kerberos
B) Hypertext Markup Language (HTML)
C) Extensible Markup Language (XML)
D) Service Provisioning Markup Language (SPML)
Answer: D
Explanation: SPML is an XML-based framework used to exchange user information for single sign-on (SSO) between organizations within a federated identity management system. Kerberos supports SSO in a single organization, not a federation. HTML only describes how data is displayed. XML could be used, but it would require redefining tags already defined in SPML.
Q9. What would detect when a user has more privileges than necessary?
A) Account management
B) User entitlement audit
C) Logging
D) Reporting
Answer: B
Explanation: A user entitlement audit can detect when users have more privileges than necessary. Account management practices attempt to ensure that privileges are assigned correctly. The audit detects whether management practices are followed. Logging records activity, but the logs need to be reviewed to determine if practices are followed. Reporting is the result of an audit.
Q10. What type of attack uses email and attempts to trick high-level executives?
A) Phishing
B) Spear phishing
C) Whaling
D) Vishing
Answer: C
Explanation: Whaling is a form of phishing that targets high-level executives. Spear phishing targets a specific group of people but not necessarily high-level executives. Vishing is a form of phishing that commonly uses Voice over IP (VoIP).