- Home
- ISC
- Certified Information Systems Security Professional (CISSP)
- ISC.CISSP.v2021-09-21.q353
- Question 77
Valid CISSP Dumps shared by EduDump.com for Helping Passing CISSP Exam! EduDump.com now offer the newest CISSP exam dumps, the EduDump.com CISSP exam questions have been updated and answers have been corrected get the newest EduDump.com CISSP dumps with Test Engine here:
Access CISSP Dumps Premium Version
(1533 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 77/353
What is the PRIMARY goal for using Domain Name System Security Extensions (DNSSEC) to sign records?
Correct Answer: C
- Question List (353q)
- Question 1: Which of the following is an essential element of a privileg...
- Question 2: Refer to the information below to answer the question. In a ...
- Question 3: At a MINIMUM, a formal review of any Disaster Recovery Plan ...
- Question 4: Limiting the processor, memory, and Input/output (I/O) capab...
- Question 5: While impersonating an Information Security Officer (ISO), a...
- Question 6: Refer to the information below to answer the question. An or...
- Question 7: When would an organization review a Business Continuity Mana...
- Question 8: Which of the following is the PRIMARY reason for employing p...
- Question 9: Which of the following is the MOST important action regardin...
- Question 10: What should be the FIRST action for a security administrator...
- Question 11: What is the MAIN feature that onion routing networks offer?...
- Question 12: Who determines the required level of independence for securi...
- Question 13: A chemical plan wants to upgrade the Industrial Control Syst...
- Question 14: Which of the following roles has the obligation to ensure th...
- Question 15: What is the BEST approach for maintaining ethics when a secu...
- Question 16: Which of the following was developed to support multiple pro...
- Question 17: Drag the following Security Engineering terms on the left to...
- Question 18: Which of the following entails identification of data end li...
- Question 19: In the area of disaster planning and recovery, what strategy...
- Question 20: Which of the following is the PRIMARY concern when using an ...
- Question 21: As one component of a physical security system, an Electroni...
- Question 22: The PRIMARY security concern for handheld devices is the...
- Question 23: Transport Layer Security (TLS) provides which of the followi...
- Question 24: Information security metrics provide the GREATEST value tp m...
- Question 25: Which of the following is the MOST difficult to enforce when...
- Question 26: An organization has discovered that users are visiting unaut...
- Question 27: The core component of Role Based Access control (RBAC) must ...
- Question 28: In Business Continuity Planning (BCP), what is the importanc...
- Question 29: A Business Continuity Plan (BCP) is based on...
- Question 30: When conducting a security assessment of access controls , W...
- Question 31: Which of the following management process allows ONLY those ...
- Question 32: In a large company, a system administrator needs to assign u...
- Question 33: Which of the following BEST describes Recovery Time Objectiv...
- Question 34: A security professional has been asked to evaluate the optio...
- Question 35: Even though a particular digital watermark is difficult to d...
- Question 36: Which is the second phase of public key Infrastructure (pk1)...
- Question 37: An organization operates a legacy Industrial Control System ...
- Question 38: Who must approve modifications to an organization's producti...
- Question 39: A Denial of Service (DoS) attack on a syslog server exploits...
- Question 40: The core component of Role Based Access Control (RBAC) must ...
- Question 41: To protect auditable information, which of the following MUS...
- Question 42: Reciprocal backup site agreements are considered to be...
- Question 43: What is the BEST way to correlate large volumes of disparate...
- Question 44: Which of the following is the PRIMARY reason a sniffer opera...
- Question 45: Which one of the following is a common risk with network con...
- Question 46: Configuring a Wireless Access Point (WAP) with the same Serv...
- Question 47: Including a Trusted Platform Module (TPM) in the design of a...
- Question 48: Proven application security principles include which of the ...
- Question 49: What is the MAIN reason for testing a Disaster Recovery Plan...
- Question 50: When evaluating third-party applications, which of the follo...
- Question 51: A criminal organization is planning an attack on a governmen...
- Question 52: After acquiring the latest security updates, what must be do...
- Question 53: Which of the following features is MOST effective in mitigat...
- Question 54: Which of the following steps should be performed FIRST when ...
- Question 55: Which of the following could elicit a Denial of Service (DoS...
- Question 56: Which of the following is a critical factor for implementing...
- Question 57: What balance MUST be considered when web application develop...
- Question 58: Why are packet filtering routers used in low-risk environmen...
- Question 59: Which of the following violates identity and access manageme...
- Question 60: What is the MOST critical factor to achieve the goals of a s...
- Question 61: Between which pair of Open System Interconnection (OSI) Refe...
- Question 62: Refer to the information below to answer the question. Deskt...
- Question 63: How does identity as a service (IDaaS) provide an easy mecha...
- Question 64: Which of the following is the BEST way to determine if a par...
- Question 65: Contingency plan exercises are intended to do which of the f...
- Question 66: Which of the following disaster recovery test plans will be ...
- Question 67: An organization has decided to contract with a cloud-based s...
- Question 68: Which of the following secures web transactions at the Trans...
- Question 69: An Information Technology (IT) professional attends a cybers...
- Question 70: Place in order, from BEST (1) to WORST (4), the following me...
- Question 71: Which technique can be used to make an encryption scheme mor...
- Question 72: Multi-Factor Authentication (MFA) is necessary in many syste...
- Question 73: Which of the following is an authentication protocol in whic...
- Question 74: Which of the following is a benefit in implementing an enter...
- Question 75: Which of the following is an effective method for avoiding m...
- Question 76: The implementation of which features of an identity manageme...
- Question 77: What is the PRIMARY goal for using Domain Name System Securi...
- Question 78: The BEST method to mitigate the risk of a dictionary attack ...
- Question 79: Which of the following is a strategy of grouping requirement...
- Question 80: Which of the following analyses is performed to protect info...
- Question 81: Which of the following techniques is MOST useful when dealin...
- Question 82: The use of proximity card to gain access to a building is an...
- Question 83: Who would be the BEST person to approve an organizations inf...
- Question 84: When designing a vulnerability test, which one of the follow...
- Question 85: How can a security engineer maintain network separation from...
- Question 86: Which of the following initiates the systems recovery phase ...
- Question 87: Which of the following is used to support the concept of def...
- Question 88: Which of the following is true of Service Organization Contr...
- Question 89: Which of the following will help identify the source interne...
- Question 90: Which of the following will accomplish Multi-Factor Authenti...
- Question 91: As a security manger which of the following is the MOST effe...
- Question 92: Which of the following is the BEST network defense against u...
- Question 93: Assessing a third party's risk by counting bugs in the code ...
- Question 94: Which of the following is the PRIMARY issue when collecting ...
- Question 95: Which of the following is a network intrusion detection tech...
- Question 96: Recovery strategies of a Disaster Recovery planning (DRIP) M...
- Question 97: Which of the following is the weakest form of protection for...
- Question 98: When using third-party software developers, which of the fol...
- Question 99: During an audit of system management, auditors find that the...
- Question 100: Refer to the information below to answer the question. An or...
- Question 101: Which of the following statements is TRUE regarding state-ba...
- Question 102: Which media sanitization methods should be used for data wit...
- Question 103: Which of the following MUST a security professional do in or...
- Question 104: Which of the following is needed to securely distribute symm...
- Question 105: The three PRIMARY requirements for a penetration test are...
- Question 106: A company receives an email threat informing of an Imminent ...
- Question 107: Which of the following BEST represents the concept of least ...
- Question 108: Which of the following is the MAIN reason that system re-cer...
- Question 109: Functional security testing is MOST critical during which ph...
- Question 110: When implementing controls in a heterogeneous end-point netw...
- Question 111: Which of the following in the BEST way to reduce the impact ...
- Question 112: The adoption of an enterprise-wide Business Continuity (BC) ...
- Question 113: Which of the following is the primary advantage of segmentin...
- Question 114: "Stateful" differs from "Static" packet filtering firewalls ...
- Question 115: Which of the following MOST influences the design of the org...
- Question 116: Which of the following is considered the last line defense i...
- Question 117: Which of the following methods MOST efficiently manages user...
- Question 118: Which of the following is the MOST important consideration w...
- Question 119: Which of the following MUST system and database administrato...
- Question 120: Which of the following is a characteristic of the initializa...
- Question 121: A software security engineer is developing a black box-based...
- Question 122: Which of the following media is LEAST problematic with data ...
- Question 123: Which of the following value comparisons MOST accurately ref...
- Question 124: An international medical organization with headquarters in t...
- Question 125: Which of the following authorization standards is built to h...
- Question 126: Discretionary Access Control (DAC) is based on which of the ...
- Question 127: What is one way to mitigate the risk of security flaws in cu...
- Question 128: In a change-controlled environment, which of the following i...
- Question 129: Which of the following BEST provides for non-repudiation od ...
- Question 130: At a MINIMUM, audits of permissions to individual or group a...
- Question 131: What would be the PRIMARY concern when designing and coordin...
- Question 132: A database administrator is asked by a high-ranking member o...
- Question 133: In a High Availability (HA) environment, what is the PRIMARY...
- Question 134: Internet Protocol (IP) source address spoofing is used to de...
- Question 135: During an investigation of database theft from an organizati...
- Question 136: By allowing storage communications to run on top of Transmis...
- Question 137: Attack trees are MOST useful for which of the following?...
- Question 138: In Disaster Recovery (DR) and Business Continuity (DC) train...
- Question 139: The 802.1x standard provides a framework for what?...
- Question 140: Which factors MUST be considered when classifying informatio...
- Question 141: Which of the following MOST applies to session initiation pr...
- Question 142: How should the retention period for an organization's social...
- Question 143: Which of the following is the MOST important reason for time...
- Question 144: A practice that permits the owner of a data object to grant ...
- Question 145: An organization lacks a data retention policy. Of the follow...
- Question 146: Individuals have been identified and determined as having a ...
- Question 147: Which of the following is the BEST method to reduce the effe...
- Question 148: Which of the following is the MOST crucial for a successful ...
- Question 149: The goal of software assurance in application development is...
- Question 150: What testing technique enables the designer to develop mitig...
- Question 151: All of the following items should be included in a Business ...
- Question 152: When constructing an Information Protection Policy (IPP), it...
- Question 153: Which one of the following describes granularity?...
- Question 154: Which of the following is the PRIMARY benefit of implementin...
- Question 155: Which of the following is the PRIMARY benefit of a formalize...
- Question 156: Which of the following is an advantage of on-premise Credent...
- Question 157: Which of the following is a MAJOR concern when there is a ne...
- Question 158: Who is responsible for the protection of information when it...
- Question 159: Which of the following types of business continuity tests in...
- Question 160: Which of the following presents the PRIMARY concern to an or...
- Question 161: Which of the following is the BEST metric to obtain when gai...
- Question 162: In a financial institution, who has the responsibility for a...
- Question 163: Which of the following is considered a secure coding practic...
- Question 164: From a cryptographic perspective, the service of non-repudia...
- Question 165: Which of the following is the BEST way to mitigate circumven...
- Question 166: Which one of the following is a threat related to the use of...
- Question 167: When conducting a security assessment of access controls, wh...
- Question 168: Which of the following is the MOST likely cause of a non-mal...
- Question 169: Of the following, which BEST provides non-repudiation with r...
- Question 170: Which one of the following security mechanisms provides the ...
- Question 171: An organization's information security strategic plan MUST b...
- Question 172: Functional security testing is MOST critical during which ph...
- Question 173: Which of the following BEST describes the standard used to e...
- Question 174: Which of the following is used to detect steganography?...
- Question 175: Which of the following is a document that identifies each it...
- Question 176: Which one of the following is a fundamental objective in han...
- Question 177: According to the Capability Maturity Model Integration (CMMI...
- Question 178: Which Web Services Security (WS-Security) specification main...
- Question 179: Refer to the information below to answer the question. A lar...
- Question 180: Which of the following approaches is the MOST effective way ...
- Question 181: Which of the following is the BEST approach to take in order...
- Question 182: Which security approach will BEST minimize Personally Identi...
- Question 183: Which of the following is a PRIMARY advantage of using a thi...
- Question 184: How can a forensic specialist exclude from examination a lar...
- Question 185: It is MOST important to perform which of the following to mi...
- Question 186: Unused space in a disk cluster is important in media analysi...
- Question 187: Which Identity and Access Management (IAM) process can be us...
- Question 188: A security architect is responsible for the protection of a ...
- Question 189: Which of the following statements is TRUE for point-to-point...
- Question 190: When can a security program be considered effective?...
- Question 191: Which of the following will help prevent improper session ha...
- Question 192: A security practitioner has been tasked with establishing or...
- Question 193: Which of the following is TRUE regarding equivalence class t...
- Question 194: Which layer of the Open Systems Interconnections (OSI) model...
- Question 195: A financial company has decided to move its main business ap...
- Question 196: Continuity of operations is BEST supported by which of the f...
- Question 197: The threat modeling identifies a man-in-the-middle (MITM) ex...
- Question 198: Which of the following is a recommended alternative to an in...
- Question 199: Which of the following is the MOST important security goal w...
- Question 200: Which of the following would BEST support effective testing ...
- Question 201: Which of the following phases involves researching a target'...
- Question 202: Application of which of the following Institute of Electrica...
- Question 203: Which of the following command line tools can be used in the...
- Question 204: Which of the following MUST be scalable to address security ...
- Question 205: An important principle of defense in depth is that achieving...
- Question 206: In a Transmission Control Protocol/Internet Protocol (TCP/IP...
- Question 207: Which of the following media is least problematic with data ...
- Question 208: Which of the following is the BEST method to prevent malware...
- Question 209: What is the PRIMARY goal of fault tolerance?...
- Question 210: Refer to the information below to answer the question. In a ...
- Question 211: copyright provides protection for which of the following?...
- Question 212: In general, servers that are facing the Internet should be p...
- Question 213: Which one of the following data integrity models assumes a l...
- Question 214: Why is lexical obfuscation in software development discourag...
- Question 215: Which of the following is the PRIMARY issue when analyzing d...
- Question 216: When transmitting information over public networks, the deci...
- Question 217: Which would result in the GREATEST import following a breach...
- Question 218: A global organization wants to implement hardware tokens as ...
- Question 219: What is the BEST approach for controlling access to highly s...
- Question 220: What should be used immediately after a Business Continuity ...
- Question 221: Determining outage costs caused by a disaster can BEST be me...
- Question 222: The Hardware Abstraction Layer (HAL) is implemented in the...
- Question 223: Place the following information classification steps in sequ...
- Question 224: Which of the following is a common feature of an Identity as...
- Question 225: Which layer of the Open systems Interconnection (OSI) model ...
- Question 226: Which of the following is the MAIN goal of a data retention ...
- Question 227: When selecting a disk encryption technology, which of the fo...
- Question 228: Which type of control recognizes that a transaction amount i...
- Question 229: What is the BEST location in a network to place Virtual Priv...
- Question 230: Who is accountable for the information within an Information...
- Question 231: Which of the following restricts the ability of an individua...
- Question 232: When developing solutions for mobile devices, in which phase...
- Question 233: Which of the following are important criteria when designing...
- Question 234: Which of the following is a remote access protocol that uses...
- Question 235: Which of the following is a characteristic of convert securi...
- Question 236: What are the roles within a scrum methodoligy?...
- Question 237: Without proper signal protection, embedded systems may be pr...
- Question 238: What does electronic vaulting accomplish?...
- Question 239: Which of the following BEST describes the responsibilities o...
- Question 240: Which of the following is the BEST way to verify the integri...
- Question 241: Copyright provides protection for which of the following?...
- Question 242: Which inherent password weakness does a One Time Password (O...
- Question 243: Which of the following is mobile device remote fingerprintin...
- Question 244: Assume that a computer was powered off when an information s...
- Question 245: In order to assure authenticity, which of the following are ...
- Question 246: Which of the following is a common measure within a Local Ar...
- Question 247: An organization's data policy MUST include a data retention ...
- Question 248: Individual access to a network is BEST determined based on...
- Question 249: Which of the following is MOST important when assigning owne...
- Question 250: When determining who can accept the risk associated with a v...
- Question 251: After following the processes defined within the change mana...
- Question 252: A Simple Power Analysis (SPA) attack against a device direct...
- Question 253: Additional padding may be added to the Encapsulating securit...
- Question 254: An organization is required to comply with the Payment Card ...
- Question 255: Which of the following trust services principles refers to t...
- Question 256: Which of the following is the MOST important activity an org...
- Question 257: Which of the following protocols would allow an organization...
- Question 258: A security professional has been requested by the Board of D...
- Question 259: An organization allows ping traffic into and out of their ne...
- Question 260: Which of the following are core categories of malicious atta...
- Question 261: An organization adopts a new firewall hardening standard. Ho...
- Question 262: When designing a networked Information System (IS) where the...
- Question 263: An engineer in a software company has created a virus creati...
- Question 264: Refer to the information below to answer the question. An or...
- Question 265: Users require access rights that allow them to view the aver...
- Question 266: When implementing a data classification program, why is it i...
- Question 267: Which of the following BEST mitigates a replay attack agains...
- Question 268: An external attacker has compromised an organization's netwo...
- Question 269: Logical access control programs are MOST effective when they...
- Question 270: Which of the following types of technologies would be the MO...
- Question 271: Which of the following command line tools can be used in the...
- Question 272: Identify the component that MOST likely lacks digital accoun...
- Question 273: A large corporation is locking for a solution to automate ac...
- Question 274: Which one of the following is an advantage of an effective r...
- Question 275: What is the MOST significant benefit of an application upgra...
- Question 276: What is the PRIMARY purpose for an organization to conduct a...
- Question 277: A mobile device application that restricts the storage of us...
- Question 278: A security professional determines that a number of outsourc...
- Question 279: A system is developed so that its business users can perform...
- Question 280: A development operations team would like to start building n...
- Question 281: The PRIMARY outcome of a certification process is that it pr...
- Question 282: Which one of the following would cause an immediate review a...
- Question 283: An organization has hired a security services firm to conduc...
- Question 284: Which of the following MUST be done when promoting a securit...
- Question 285: A software scanner identifies a region within a binary image...
- Question 286: Which of the following is the MOST important activity an org...
- Question 287: What is the MAIN goal of information security awareness and ...
- Question 288: While investigating a malicious event, only six days of audi...
- Question 289: For an organization considering two-factor authentication fo...
- Question 290: Which of the following is ensured when hashing files during ...
- Question 291: Which of the following is the PRIMARY security concern assoc...
- Question 292: By carefully aligning the pins in the lock, which of the fol...
- Question 293: Match the name of access control model with its associated r...
- Question 294: Which of the following MUST be considered when developing bu...
- Question 295: Which of the following is the BEST solution to provide redun...
- Question 296: What is the most effective form of media sanitization to ens...
- Question 297: What Is the FIRST step for a digital investigator to perform...
- Question 298: What is the GREATEST challenge of an agent-based patch manag...
- Question 299: Which of the following access management procedures would mi...
- Question 300: Alternate encoding such as hexadecimal representations is MO...
- Question 301: Which of the following four iterative steps are conducted on...
- Question 302: Which one of the following operates at the session, transpor...
- Question 303: Which of the following is BEST suited for exchanging authent...
- Question 304: According to best practice, which of the following is requir...
- Question 305: Which of the following is the MOST secure protocol for remot...
- Question 306: Once the types of information have been identified, who shou...
- Question 307: Which of the following secure startup mechanisms are PRIMARI...
- Question 308: Which of the following MUST be in place to recognize a syste...
- Question 309: What is the MOST efficient way to secure a production progra...
- Question 310: In which identity management process is the subject's identi...
- Question 311: Which one of the following can be used to detect an anomaly ...
- Question 312: The use of private and public encryption keys is fundamental...
- Question 313: If a content management system (CMC) is implemented, which o...
- Question 314: Which of the following is the MOST common method of memory p...
- Question 315: Which of the following job functions MUST be separated to ma...
- Question 316: Which layer handle packet fragmentation and reassembly in th...
- Question 317: Although code using a specific program language may not be s...
- Question 318: Which of the following has the GREATEST impact on an organiz...
- Question 319: Which of the following access control models is MOST restric...
- Question 320: Match the functional roles in an external audit to their res...
- Question 321: What MUST each information owner do when a system contains d...
- Question 322: Which of the following is a reason to use manual patch insta...
- Question 323: Which of the following is a characteristic of a challenge/re...
- Question 324: An audit of an application reveals that the current configur...
- Question 325: An organization's security policy delegates to the data owne...
- Question 326: Which of the following wraps the decryption key of a full di...
- Question 327: What capability would typically be included in a commerciall...
- Question 328: A security professional is assessing the risk in an applicat...
- Question 329: What does a Synchronous (SYN) flood attack do?...
- Question 330: Which of the following attributes could be used to describe ...
- Question 331: The MAIN reason an organization conducts a security authoriz...
- Question 332: Refer to the information below to answer the question. Durin...
- Question 333: Which of the following is a characteristic of the independen...
- Question 334: Which of the following techniques BEST prevents buffer overf...
- Question 335: Which of the following elements MUST a compliant EU-US Safe ...
- Question 336: Which area of embedded devices are most commonly attacked?...
- Question 337: A security architect plans to reference a Mandatory Access C...
- Question 338: Which one of the following effectively obscures network addr...
- Question 339: What does the term "100-year floodplain" mean to emergency p...
- Question 340: In configuration management, what baseline configuration inf...
- Question 341: Which of the following is a PRIMARY challenge when running a...
- Question 342: Which of the following models uses unique groups contained i...
- Question 343: Which of the following is the MOST important consideration t...
- Question 344: Disaster Recovery Plan (DRP) training material should be...
- Question 345: A risk assessment report recommends upgrading all perimeter ...
- Question 346: Match the access control type to the example of the control ...
- Question 347: Which of the following BEST describes an access control meth...
- Question 348: Which of the following management processes allots ONLY thos...
- Question 349: Which of the following is a method of attacking internet pro...
- Question 350: Which of the following steps should be conducted during the ...
- Question 351: What is the MOST important element when considering the effe...
- Question 352: The MAIN task of promoting security for Personal Computers (...
- Question 353: A business has implemented Payment Card Industry Data Securi...
