CISSP PRACTICE QUESTIONS – 20210707

Effective CISSP Questions

As a security professional, you are promoting security awareness, helping HR staff review recruiting processes, and implementing intrusion detection systems to respond to security incidents and biometric-based access control. Which of the following best describes what you are doing? (Wentz QOTD)
A. Defense-in-depth
B. Complete mediation
C. Top-down security strategy
D. Risk-based access control


CISSP PRACTICE QUESTIONS – 20210705

As a software developer, you are signing the code using a certificate to protect it from being tampered with and authenticate your identity to users. Which of the following is the best implementation?
A. Hash the code and encrypt the result using your private key
B. Digest the code using your public key as the digital signature
C. Encrypt the fingerprint of the code using your public key
D. Encrypt the code and its fingerprint using your private key


CISSP PRACTICE QUESTIONS – 20210702

As an information system owner, you are responsible for the overall procurement, development, integration, modification, operation, and maintenance of the information system. Which of the following is the first document you should develop to gain the authorization to operate for the information system? (Wentz QOTD)
A. Authorization package.
B. Security and privacy plans.
C. Plans of action and milestones.
D. Security and privacy assessment reports.
