Free Access to ISC.CISSP.v2024-01-19.q999 with Valid Practice Test (Page 181)

Request Exam Contact

Home
View All Exams
New QA's
Upload

PRACTICE EXAMS:

Oracle
Fortinet
Juniper
Microsoft
Cisco
Citrix
CompTIA
VMware
ISC
SAP
EMC
PMI
HP
Salesforce
Other

Oracle
Fortinet
Juniper
Microsoft
Cisco
Citrix
CompTIA
VMware
ISC
SAP
EMC
PMI
HP
Salesforce

Home
ISC Certification
CISSP Exam
ISC.CISSP.v2024-01-19.q999 Dumps

««
«
…
176
177
178
179
180
181
182
183
184
185
…
»
»»

Question 896

Pin, Password, Passphrases, Tokens, smart cards, and biometric devices are all items that can be used for Authentication. When one of these item listed above in conjunction with a second factor to validate authentication, it provides robust authentication of the individual by practicing which of the following?

A.Multi-party authentication
B.Two-factor authentication
C.Mandatory authentication
D.Discretionary authentication

Correct Answer: B

Once an identity is established it must be authenticated. There exist numerous
technologies and implementation of authentication methods however they almost all fall under
three major areas.
There are three fundamental types of authentication:
Authentication by knowledge-something a person knows
Authentication by possession-something a person has
Authentication by characteristic-something a person is
Logical controls related to these types are called "factors."
Something you know can be a password or PIN, something you have can be a token fob or smart
card, and something you are is usually some form of biometrics.
Single-factor authentication is the employment of one of these factors, two-factor authentication is
using two of the three factors, and three-factor authentication is the combination of all three
factors.
The general term for the use of more than one factor during authentication is multifactor
authentication or strong authentication.
Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition
((ISC)2 Press) (Kindle Locations 2367-2379). Auerbach Publications. Kindle Edition.

Comment: *

Name: *

Email: *

Verification: *

insert code

Question 897

Which of the following is used to monitor network traffic or to monitor host audit logs in real time to determine violations of system security policy that have taken place?

A.Intrusion Detection System
B.Compliance Validation System
C.Intrusion Management System (IMS)
D.Compliance Monitoring System

Correct Answer: A

An Intrusion Detection System (IDS) is a system that is used to monitor network traffic or to monitor host audit logs in order to determine if any violations of an organization's system security policy have taken place.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 48

Comment: *

Name: *

Email: *

Verification: *

insert code

Question 898

Common Criteria has assurance level from EAL 1 to EAL 7 regarding the depth of design and testing. Which of following assure the Target of Evaluation (or TOE) is methodically designed, tested and reviewed?

A.EAL 3
B.EAL 4
C.EAL 5
D.EAL 6

Correct Answer: B

EAL 1 : functionally tested EAL 2 : structurally tested EAL 3 : methodically tested and checked EAL 4 : methodically designed, tested and reviewed EAL 5 : semifomally designed and tested
EAL 6 : semifomally verified design and tested
EAL 7 : fomally verified design and tested.
Source: Common Criteria Version 2.1, Part 2 page 53 through 67.
Additional source:
HARRIS, Shon, All-In-One CISSP Certification Exam Guide, 3rd Edition, McGraw-Hill/Osborne,
2005, page 312.

Comment: *

Name: *

Email: *

Verification: *

insert code

Question 899

Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?

A.Walkthrough
B.Simulation
C.Parallel
D.White box

Correct Answer: B

Explanation/Reference:
Reference: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/ file/61029/Chapter-6-Business-Continuity-Management_amends_04042012.pdf

Comment: *

Name: *

Email: *

Verification: *

insert code

Question 900

During an investigation of database theft from an organization's web site, it was determined that the Structured Query Language (SQL) injection technique was used despite input validation with client-side scripting. Which of the following provides the GREATEST protection against the same attack occurring again?

A.Encrypt communications between the servers
B.Filter outgoing traffic at the perimeter firewall
C.Implement server-side filtering
D.Encrypt the web server traffic

Correct Answer: C

Comment: *

Name: *

Email: *

Verification: *

insert code

««
«
…
176
177
178
179
180
181
182
183
184
185
…
»
»»

[×]

Download PDF File

Enter your email address to download ISC.CISSP.v2024-01-19.q999 Dumps

Email:

Our website provides the Largest and the most Latest vendors Certification Exam materials around the world.

Using dumps we provide to Pass the Exam, we has the Valid Dumps with passing guranteed just which you need.

DMCA
About
Contact Us
Privacy Policy
Terms & Conditions

©2026 FreeQAs

www.freeqas.com materials do not contain actual questions and answers from Cisco's certification exams.

Web Analytics Made Easy - Statcounter