CISSP Reviews Questions

Page: 28 / 45
Total 1486 questions

Certified Information Systems Security Professional (CISSP) Questions and Answers

Question 109

A company-wide penetration test result shows customers could access and read files through a web browser. Which of the following can be used to mitigate this vulnerability?

Options:

A. Enforce the chmod of files to 755.

B. Enforce the control of file directory listings.

C. Implement access control on the web server.

D. Implement Secure Sockets Layer (SSL) certificates throughout the web server.

Question 110

A software development company has a short timeline in which to deliver a software product. The software development team decides to use open-source software libraries to reduce the development time. What concept should software developers consider when using open-source software libraries?

Options:

A. Open source libraries contain known vulnerabilities, and adversaries regularly exploit those vulnerabilities in the wild.

B. Open source libraries can be used by everyone, and there is a common understanding that the vulnerabilities in these libraries will not be exploited.

C. Open source libraries are constantly updated, making it unlikely that a vulnerability exists for an adversary to exploit.

D. Open source libraries contain unknown vulnerabilities, so they should not be used.

Question 111

Which of the following is the MOST comprehensive Business Continuity (BC) test?

Options:

A. Full functional drill

B. Full table top

C. Full simulation

D. Full interruption

Question 112

Which of the following management processes allots ONLY those services required for users to accomplish their tasks, changes default user passwords, and sets servers to retrieve antivirus updates?

Options:

A. Compliance

B. Configuration

C. Identity

D. Patch
