CISSP Study guides, Class notes & Summaries

1. Angela is an information security architect at a bank and has been assigned to ensure that transactions are secure as they traverse the network. She recommends that all transactions use TLS. What threat is she most likely attempting to stop, and what method is she using to protect against it? A. Man-in-the-middle, VPN B. Packet injection, encryption C. Sniffing, encryption D. Sniffing, TEMPEST - Answer- C. Encryption is often used to protect traffic like bank transactions from sniffing....

CISSP Official ISC2 practice tests (All domains) questions with correct answers

CISSP Exam Questions & Answers 2023/2024 CIA Triangle - ANSWER-Cornerstone of infosec. Confidentiality, Integrity, Availability Confidentiality (CIA Triangle) - ANSWER-prevention of unauthorized disclosure of information; prevention of unauthorized read access to data Integrity (CIA Triangle) - ANSWER-prevention of unauthorized modification of data; prevention of unauthorized write access to data Availability (CIA Triangle) - ANSWER-ensures data is available when needed to authoriz...

CISSP - Exam Practice/Study Questions What is the most effective defense against cross-site scripting attacks? a) Limiting account privileges b)User Authentication c) Input validation d)encryption c) Input validation prevents cross-site scripting attacks by limiting user input to a predefined range. This prevents the attacker from including the HTML ˂SCRIPT˃ tag in the input. What phase of the Electronic Discovery Reference Model puts evidence in a format that may be shared with o...

ISC^2 CISSP Practice Tests 3e - Chapter 1 questions with correct answers

Policy - ANSWER A high-level document that dictates management intentions toward security. Trademark - ANSWER A symbol, word, name, sound or thing that identifies the origin of a product or service in a particular trade. Patent - ANSWER Documents a process or synthesis and grants the owner a legally enforceable right to exclude others from using it Copyright - ANSWER A legal device that provides creator the right to control how the work is used. For Life plus 70 years Data Mining - A...

CISSP PRACTICE TESTS Chapter 1▪Security & Risk Management (Domain 1) QUESTIONS WITH CORRECT ANSWERS!!

Official (ISC)² CISSP - Domain 1: Security and Risk Management - my study guide questions with correct answers

CISSP 2020 SYBEX TEST PREP 475 QUESTIONS AND ANSWERS 2023 COMPLETE

Identification (Ans- Is the process by which a subject professes an identity and accountability is initiated. Authentication (Ans- The process of verifying or testing that the claimed identify is valid is authentication. Authorization (Ans- The process of authorization ensures that the requested activity or access to an object is possible given the rights and privileges assigned to the authenticated. Auditing (Ans- Auditing, or monitoring, is the programmatic means by which a subject's actio...