New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

ISC 2 Credentials CISSP Syllabus Exam Questions Answers

Page: 35 / 45
Total 1486 questions

Certified Information Systems Security Professional (CISSP) Questions and Answers

Question 137

A user is allowed to access the file labeled “Financial Forecast,” but only between 9:00 a.m. and 5:00 p.m., Monday through Friday. Which type of access mechanism should be used to accomplish this?

Options:

A.

Minimum access control

B.

Rule-based access control

C.

Limited role-based access control (RBAC)

D.

Access control list (ACL)

Question 138

An organization has developed a way for customers to share information from their wearable devices with each other. Unfortunately, the users were not informed as to what information collected would be shared. What technical controls should be put in place to remedy the privacy issue while still trying to accomplish the organization's business goals?

Options:

A.

Default the user to not share any information.

B.

Inform the user of the sharing feature changes after implemented.

C.

Share only what the organization decides is best.

D.

Stop sharing data with the other users.

Question 139

An attacker is able to remain indefinitely logged into a exploiting to remain on the web service?

Options:

A.

Alert management

B.

Password management

C.

Session management

D.

Identity management (IM)

Question 140

A large corporation is locking for a solution to automate access based on where on request is coming from, who the user is, what device they are connecting with, and what time of day they are attempting this access. What type of solution would suit their needs?

Options:

A.

Discretionary Access Control (DAC)

B.

Role Based Access Control (RBAC)

C.

Mandater Access Control (MAC)

D.

Network Access Control (NAC)

Page: 35 / 45
Total 1486 questions