New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Pass CISSP Exam Guide

Page: 15 / 45
Question 60

Refer to the information below to answer the question.

A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.

Which of the following BEST describes the access control methodology used?

Options:

A.

Least privilege

B.

Lattice Based Access Control (LBAC)

C.

Role Based Access Control (RBAC)

D.

Lightweight Directory Access Control (LDAP)

Question 61

Which of the following BEST mitigates a replay attack against a system using identity federation and Security Assertion Markup Language (SAML) implementation?

Options:

A.

Two-factor authentication

B.

Digital certificates and hardware tokens

C.

Timed sessions and Secure Socket Layer (SSL)

D.

Passwords with alpha-numeric and special characters

Question 62

Which of the following provides the MOST protection against data theft of sensitive information when a laptop is stolen?

Options:

A.

Set up a BIOS and operating system password

B.

Encrypt the virtual drive where confidential files can be stored

C.

Implement a mandatory policy in which sensitive data cannot be stored on laptops, but only on the corporate network

D.

Encrypt the entire disk and delete contents after a set number of failed access attempts

Question 63

Refer to the information below to answer the question.

An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles.

Which of the following will indicate where the IT budget is BEST allocated during this time?

Options:

A.

Policies

B.

Frameworks

C.

Metrics

D.

Guidelines

Page: 15 / 45
Exam Code: CISSP
Exam Name: Certified Information Systems Security Professional (CISSP)
Last Update: Dec 22, 2024
Questions: 1486
CISSP pdf

CISSP PDF

$119.7  $399
CISSP Engine

CISSP Testing Engine

$134.7  $449
CISSP PDF + Engine

CISSP PDF + Testing Engine

$179.7  $599