Free Access to ISC.SSCP.v2022-07-27.q281 with Valid Practice Test (Page 36)

Request Exam Contact

Home
View All Exams
New QA's
Upload

PRACTICE EXAMS:

Oracle
Fortinet
Juniper
Microsoft
Cisco
Citrix
CompTIA
VMware
ISC
SAP
EMC
PMI
HP
Salesforce
Other

Oracle
Fortinet
Juniper
Microsoft
Cisco
Citrix
CompTIA
VMware
ISC
SAP
EMC
PMI
HP
Salesforce

Home
ISC Certification
SSCP Exam
ISC.SSCP.v2022-07-27.q281 Dumps

««
«
…
31
32
33
34
35
36
37
38
39
40
…
»
»»

Question 171

What can best be described as an abstract machine which must mediate all access to subjects to objects?

A.A security domain
B.The reference monitor
C.The security kernel
D.The security perimeter

Correct Answer: B

Section: Security Operation Adimnistration
Explanation/Reference:
The reference monitor is an abstract machine which must mediate all access to subjects to objects, be protected from modification, be verifiable as correct, and is always invoked. The security kernel is the hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept. The security perimeter includes the security kernel as well as other security-related system functions that are within the boundary of the trusted computing base. System elements that are outside of the security perimeter need not be trusted. A security domain is a domain of trust that shares a single security policy and single management.
Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.

Comment: *

Name: *

Email: *

Verification: *

insert code

Question 172

Which type of control is concerned with avoiding occurrences of risks?

A.Deterrent controls
B.Detective controls
C.Preventive controls
D.Compensating controls

Correct Answer: C

Section: Access Control
Explanation/Reference:
Preventive controls are concerned with avoiding occurrences of risks while deterrent controls are concerned with discouraging violations. Detecting controls identify occurrences and compensating controls are alternative controls, used to compensate weaknesses in other controls. Supervision is an example of compensating control.
Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.

Comment: *

Name: *

Email: *

Verification: *

insert code

Question 173

What physical characteristic does a retinal scan biometric device measure?

A.The amount of light reaching the retina
B.The amount of light reflected by the retina
C.The pattern of light receptors at the back of the eye
D.The pattern of blood vessels at the back of the eye

Correct Answer: D

Section: Access Control
Explanation/Reference:
The retina, a thin nerve (1/50th of an inch) on the back of the eye, is the part of the eye which senses light and transmits impulses through the optic nerve to the brain - the equivalent of film in a camera. Blood vessels used for biometric identification are located along the neural retina, the outermost of retina's four cell layers.
The following answers are incorrect:
The amount of light reaching the retina The amount of light reaching the retina is not used in the biometric scan of the retina.
The amount of light reflected by the retina The amount of light reflected by the retina is not used in the biometric scan of the retina.
The pattern of light receptors at the back of the eye This is a distractor The following reference(s) were/was used to create this question:
Reference: Retina Scan Technology.
ISC2 Official Guide to the CBK, 2007 (Page 161)

Comment: *

Name: *

Email: *

Verification: *

insert code

Question 174

What is the goal of the Maintenance phase in a common development process of a security policy?

A.to review the document on the specified review date
B.publication within the organization
C.to write a proposal to management that states the objectives of the policy
D.to present the document to an approving body

Correct Answer: A

Explanation/Reference:
"publication within the organization" is the goal of the Publication Phase "write a proposal to management that states the objectives of the policy" is part of Initial and Evaluation Phase "Present the document to an approving body" is part of Approval Phase.
Reference: TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management Handbook, 4th Edition, Volume 3, 2002, Auerbach Publications.
Also: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 8: Business Continuity Planning and Disaster Recovery Planning (page 286).

Comment: *

Name: *

Email: *

Verification: *

insert code

Question 175

Who is responsible for initiating corrective measures and capabilities used when there are security violations?

A.Information systems auditor
B.Security administrator
C.Management
D.Data owners

Correct Answer: C

Management is responsible for protecting all assets that are directly or
indirectly under their control.
They must ensure that employees understand their obligations to protect the company's
assets, and implement security in accordance with the company policy. Finally,
management is responsible for initiating corrective actions when there are security
violations.
Source: HARE, Chris, Security management Practices CISSP Open Study Guide, version
1.0, april 1999.

Comment: *

Name: *

Email: *

Verification: *

insert code

««
«
…
31
32
33
34
35
36
37
38
39
40
…
»
»»

[×]

Download PDF File

Enter your email address to download ISC.SSCP.v2022-07-27.q281 Dumps

Email:

Our website provides the Largest and the most Latest vendors Certification Exam materials around the world.

Using dumps we provide to Pass the Exam, we has the Valid Dumps with passing guranteed just which you need.

DMCA
About
Contact Us
Privacy Policy
Terms & Conditions

©2026 FreeQAs

www.freeqas.com materials do not contain actual questions and answers from Cisco's certification exams.

Web Analytics Made Easy - Statcounter