You are evaluating security controls to enforce wireless security. Which of the following is least effective? (Wentz QOTD)
A. Add white noise
B. Diminish near-end crosstalk (NEXT)
C. Enable 802.1X to authenticate connection requests
D. Implement a fine metallic mesh that covers the workspace
Monthly Archives: October 2021
CISSP PRACTICE QUESTIONS – 20211030
As a security professional, you are responsible for protecting information assets. Which of the following should be conducted first to enforce information security? (Wentz QOTD)
A. Assess risk against assets
B. Classify assets based on business values
C. Assign asset owners
D. Select controls to protect assets
CISSP PRACTICE QUESTIONS – 20211029
System functions and related data structures are typically isolated into well-defined logical units. Which of the following allows the relationships of these units to be better understood, so that dependencies are clear and undesired complexity can be avoided? (Wentz QOTD)
A. Layering
B. Modularity
C. Abstraction
D. Encapsulation
CISSP PRACTICE QUESTIONS – 20211028
You are developing a distributed software system. Which of the following is least likely a constituent system element? (Wentz QOTD)
A. Application programming interface (API)
B. Software development kit (SDK)
C. Interface description language (IDL)
D. Dependent processes using static libraries
CISSP PRACTICE QUESTIONS – 20211027
It’s commonly agreed that 2015 is the year of threat intelligence sharing. The ecosystem of specifications and standards for threat intelligence sharing is maturing. Which of the following classifies threat intelligence that might be shared and controls the scope of sharing? (Wentz QOTD)
A. Traffic Light Protocol (TLP)
B. Trusted Automated eXchange of Indicator Information (TAXII)
C. Structured Threat Information eXpression (STIX)
D. Security Content Automation Protocol (SCAP)
CISSP PRACTICE QUESTIONS – 20211026
You are implementing an authorization mechanism based on the state machine model to prevent privilege propagation and control information flow for confidentiality. Which of the following is the best mechanism to meet the security requirements? (Wentz QOTD)
A. Identity-based access control
B. Attribute-based access control
C. Role-based access control
D. Lattice-based access control
CISSP PRACTICE QUESTIONS – 20211025
You are implementing VPN solutions to connect remote users to the office. Which of the following is the best authentication protocol that authenticates clients to the VPN server? (Wentz QOTD)
A. RADIUS
B. Extensible Authentication Protocol (EAP)
C. 802.1X
D. Protected Extensible Authentication Protocol (PEAP)
CISSP PRACTICE QUESTIONS – 20211024
Which of the following is least likely included as part of the software integration test? (Wentz QOTD)
A. Misuse case testing
B. Unit testing
C. API testing
D. Fuzz testing
CISSP PRACTICE QUESTIONS – 20211023
You are doing pair programming with a peer developer. Which of the following is the most challenging issue to discover? (Wentz QOTD)
A. SQL injection
B. Naming convention
C. Logic bomb
D. Deadlock
CISSP PRACTICE QUESTIONS – 20211022
Your organization is a well-known software development organization aiming to improve development processes and deliver quality software. Which of the following is the best instrument to benchmark how well your organization performs against other organizations in terms of security? (Wentz QOTD)
A. Capability Maturity Model Integration (CMMI)
B. Cybersecurity Maturity Model Certification (CMMC)
C. Building Security In Maturity Model (BSIMM)
D. Software Assurance Maturity Model (SAMM)