
ISC 2 Credentials CISSP Book

Page: 31 / 45
Question 124

Which of the following techniques evaluates the secure design principles of network or software architectures?

Options:

A. Risk modeling

B. Threat modeling

C. Fuzzing

D. Waterfall method

Question 125

What type of access control determines the authorization to a resource based on pre-defined job titles within an organization?

Options:

A. Role-Based Access Control (RBAC)

B. Role-based access control

C. Non-discretionary access control

D. Discretionary Access Control (DAC)

Question 126

An application is used for funds transfer between an organization and a third party. During a security audit, an issue is found with the business continuity/disaster recovery policy and procedures for this application. Which of the following reports should the auditor file with the organization?

Options:

A. Service Organization Control (SOC) 1

B. Statement on Auditing Standards (SAS) 70

C. Service Organization Control (SOC) 2

D. Statement on Auditing Standards (SAS) 70-1

Question 127

What is the PRIMARY objective for conducting an internal security audit?

Options:

A. Verify that all systems and Standard Operating Procedures (SOP) are properly documented.

B. Verify that all personnel supporting a system are knowledgeable of their responsibilities.

C. Verify that security controls are established following best practices.

D. Verify that applicable security controls are implemented and effective.

Exam Code: CISSP
Exam Name: Certified Information Systems Security Professional (CISSP)
Last Update: Dec 22, 2024
Questions: 1486