
CISSP Exam Questions Tutorials

Page: 34 / 45
Total 1486 questions

Certified Information Systems Security Professional (CISSP) Questions and Answers

Question 133

Which of the following is the BEST way to protect against Structured Query Language (SQL) injection?

Options:

A. Enforce boundary checking.

B. Restrict use of SELECT command.

C. Restrict Hyper Text Markup Language (HTML) source code access.

D. Use stored procedures.

Question 134

In a quarterly system access review, an active privileged account was discovered that did not exist in the prior review on the production system. The account was created one hour after the previous access review. Which of the following is the BEST option to reduce overall risk in addition to quarterly access reviews?

Options:

A. Increase logging levels.

B. Implement bi-annual reviews.

C. Create policies for system access.

D. Implement and review risk-based alerts.

Question 135

At what stage of the Software Development Life Cycle (SDLC) does software vulnerability remediation MOST likely cost the least to implement?

Options:

A. Development

B. Testing

C. Deployment

D. Design

Question 136

When reviewing vendor certifications for handling and processing of company data, which of the following is the BEST Service Organization Controls (SOC) certification for the vendor to possess?

Options:

A. SOC 1 Type 1

B. SOC 2 Type 1

C. SOC 2 Type 2

D. SOC 3
