Exam:CISSPTitle:CertifiedInformationSystemsSecurityProfessionalVendor:ISCVersion:V17.35ITCertificationGuaranteed,TheEasyWay!1NO.1HowdoesEncapsulatingSecurityPayload(ESP)intransportmodeaffecttheInternetProtocol(IP)?A.EncryptsandoptionallyauthenticatestheIPheader,butnottheIPpayloadB.EncryptsandoptionallyauthenticatestheIPpayload,butnottheIPheaderC.AuthenticatestheIPpayloadandselectedportionsoftheIPheaderD.EncryptsandoptionallyauthenticatesthecompleteIPpacketAnswer:BNO.2Contingencyplanexercisesareintendedtodowhichofthefollowing?A.TrainpersonnelinrolesandresponsibilitiesB.ValidateservicelevelagreementsC.TrainmaintenancepersonnelD.ValidateoperationmetricsAnswer:ANO.3WhichofthefollowingisabenefitinimplementinganenterpriseIdentityandAccessManagement(IAM)solution?A.Passwordrequirementsaresimplified.B.Riskassociatedwithorphanaccountsisreduced.C.Segregationofdutiesisautomaticallyenforced.D.Dataconfidentialityisincreased.Answer:ANO.4AchemicalplanwantstoupgradetheIndustrialControlSystem(ICS)totransmitdatausingEthernetinsteadofRS422.Theprojectmanagerwantstosimplifyadministrationandmaintenancebyutilizingtheofficenetworkinfrastructureandstafftoimplementthisupgrade.WhichofthefollowingistheGREATESTimpactonsecurityforthenetwork?A.ThenetworkadministratorshavenoknowledgeofICSB.TheICSisnowaccessiblefromtheofficenetworkC.TheICSdoesnotsupporttheofficepasswordpolicyD.RS422ismorereliablethanEthernetAnswer:BNO.5WhenintheSoftwareDevelopmentLifeCycle(SDLC)MUSTsoftwaresecurityfunctionalrequirementsbedefined?A.AfterthesystempreliminarydesignhasbeendevelopedandthedatasecuritycategorizationhasbeenperformedB.AfterthevulnerabilityanalysishasbeenperformedandbeforethesystemdetaileddesignbeginsC.AfterthesystempreliminarydesignhasbeendevelopedandbeforethedatasecuritycategorizationbeginsD.AfterthebusinessfunctionalanalysisandthedatasecuritycategorizationhavebeenperformedAnswer:CITCertificationGuaranteed,TheEasyWay!2NO.6Acompanyseizesamobiledevicesuspectedofbeingusedincommittingfraud.WhatwouldbetheBEST...
