2022 Easy Success ISC CISSP Exam in First Try [Q103-Q123]


NEW QUESTION 103
In telephony different types of connections are being used. The connection from the phone company's branch office to local customers is referred to as which of the following choices?

  • A. indigenous loop
  • B. new loop
  • C. loopback
  • D. local loop

Answer: D

Explanation:
Transmission on fiber optic wire requires repeating at distance intervals. The glass fiber requires more protection within an outer cable than copper. For these reasons and because the installation of any new wiring is labor-intensive, few communities yet have fiber optic wires or cables from the phone company's branch office to local customers (local loop).
In telephony, a local loop is the wired connection from a telephone company's central office in a locality to its customers' telephones at homes and businesses. This connection is usually on a pair of copper wires called twisted pair. The system was originally designed for voice transmission only using analog transmission technology on a single voice channel.
Today, your computer's modem makes the conversion between analog signals and digital signals. With Integrated Services Digital Network (ISDN) or Digital Subscriber Line (DSL), the local loop can carry digital signals directly and at a much higher bandwidth than they do for voice only.
Local Loop diagram (image from: http://www.thenetworkencyclopedia.com/entry/local-loop/)
The following are incorrect answers:
New loop: This is only a distractor and does not exist.
Loopback: In telephone systems, a loopback is a test signal sent to a network destination that is returned as received to the originator. The returned signal may help diagnose a problem.
Indigenous loop: This is only a distractor and does not exist.
Reference(s) used for this question:
http://searchnetworking.techtarget.com/definition/local-loop
and
STEINER, Kurt, Telecommunications and Network Security, Version 1, May 2002, CISSP
Open Study Group (Domain Leader: skottikus), Page 14.


NEW QUESTION 104
Which of the following firewall rules is less likely to be found on a firewall installed between an organization's internal network and internet?

  • A. Permit all inbound ssh traffic
  • B. Permit all syslog traffic to log-server.abc.org
  • C. Permit all inbound tcp connections
  • D. Permit all traffic to and from local host

Answer: C


NEW QUESTION 105
Which is the MAIN advantage of having an application gateway?

  • A. To log and control incoming and outgoing traffic.
  • B. To perform change control procedures for applications.
  • C. To audit and approve changes to applications.
  • D. To provide a means for applications to move into production.

Answer: A

Explanation:
"An application-level gateway firewall is also called a proxy firewall. A proxy is a mechanism that copies packets from one network into another; the copy process also changes the source and destination address to protect the identity of the internal or private network. An application-level gateway firewall filters traffic based on the Internet service (i.e., application) used to transmit or receive the data." - Shon Harris All-in-one CISSP Certification Guide pg 92


NEW QUESTION 106
Related to information security, confidentiality is the opposite of which of the following?

  • A. disaster
  • B. closure
  • C. disposal
  • D. disclosure

Answer: D

Explanation:
Confidentiality is the opposite of disclosure.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 59.


NEW QUESTION 107
Which choice below is the BEST description of an Annualized Loss Expectancy (ALE)?

  • A. An estimate of how often a given threat event may occur annually
  • B. The percentile of the value of the asset expected to be lost, used to calculate the SLE
  • C. The expected risk factor of an annual threat event, derived by multiplying the SLE by its ARO
  • D. A value determined by multiplying the value of the asset by its exposure factor

Answer: C

Explanation:
Answer "An estimate of how often a given threat event may occur annually" describes the Annualized Rate of Occurrence (ARO). Answer "The percentile of the value of the asset expected to be lost, used to calculate the SLE" describes the Exposure Factor (EF). Answer "A value determined by multiplying the value of the asset by its exposure factor" describes the algorithm to determine the Single Loss Expectancy (SLE) of a threat.


NEW QUESTION 108
LOMAC uses what Access Control method to protect the integrity of processes and data?

  • A. High Water-Mark Mandatory Access Control.
  • B. Linux based NFS.
  • C. Linux based EFS.
  • D. Low Water-Mark Mandatory Access Control.

Answer: D

Explanation:
LOMAC is a security enhancement for Linux that uses Low Water-Mark Mandatory Access Control to protect the integrity of processes and data from viruses, Trojan horses, malicious remote users and compromised root daemons. LOMAC is implemented as a loadable kernel module - no kernel recompilations or changes to existing applications are required. Although not all the planned features are currently implemented, it presently provides sufficient protection to thwart script-kiddies, and is stable enough for everyday use.


NEW QUESTION 109
Which of the following is not a weakness of symmetric cryptography?

  • A. Speed
  • B. Limited security
  • C. Scalability
  • D. Key distribution

Answer: A

Explanation:
In secret key cryptography, a single key is used for both encryption and decryption. The sender uses the key (or some set of rules) to encrypt the plaintext and sends the ciphertext to the receiver. The receiver applies the same key (or rule set) to decrypt the message and recover the plaintext. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption.
With this form of cryptography, it is obvious that the key must be known to both the sender and the receiver; that, in fact, is the secret. The biggest difficulty with this approach, of course, is the distribution of the key.
Symmetric encryption is around 1000 times faster than asymmetric encryption; the latter is commonly used just to encrypt the keys for symmetric cryptography.


NEW QUESTION 110
Related to information security, the guarantee that the message sent is the message received with the assurance that the message was not intentionally or unintentionally altered is an example of which of the following?

  • A. integrity
  • B. confidentiality
  • C. availability
  • D. identity

Answer: A

Explanation:
Integrity is the guarantee that the message sent is the message received, and that the message was not intentionally or unintentionally altered. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 60.


NEW QUESTION 111
Which of the following is the most secure form of triple-DES encryption?

  • A. DES-EDE3
  • B. DES-EDE2
  • C. DES-EEE4
  • D. DES-EDE1

Answer: A

Explanation:
Triple DES with three distinct keys is the most secure form of triple-DES encryption. It can either be DES-EEE3 (encrypt-encrypt-encrypt) or DES-EDE3 (encrypt-decrypt-encrypt). DES-EDE1 is not defined and would mean using a single key to encrypt, decrypt and encrypt again, equivalent to single DES. DES-EEE4 is not defined, and DES-EDE2 uses only 2 keys (encrypt with first key, decrypt with second key, encrypt with first key again).
Source: DUPUIS, Clément, CISSP Open Study Guide on domain 5, cryptography, April 1999.


NEW QUESTION 112
Separation of duties is valuable in deterring:

  • A. fraud
  • B. external intruder
  • C. DoS
  • D. Trojan horse

Answer: A

Explanation:
Separation of duties is considered valuable in deterring fraud, since fraud can occur if an opportunity exists for collaboration between various job-related capabilities. Separation of duty requires that for particular sets of transactions, no single individual be allowed to execute all transactions within the set. The most commonly used examples are the separate transactions needed to initiate a payment and to authorize a payment. No single individual should be capable of executing both transactions.


NEW QUESTION 113
Which of the following represents the rows of the table in a relational database?

  • A. record retention
  • B. records or tuples
  • C. relation
  • D. attributes

Answer: B

Explanation:
The rows of the table represent records or tuples.
Incorrect Answers:
A: Record retention refers to the usually legal requirement to retain data that are no longer of value to the business for a period of time. This ensures compliance with legal requirements.
C: The relation represents the link between data entities, usually from different tables in the database.
D: The columns of the table represent the attributes.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, pp. 1171, 1174
Miller, David R., CISSP Training Kit, O'Reilly Media, Sebastopol, 2013, pp. 687-688


NEW QUESTION 114
Which of the following is a symmetric encryption algorithm?

  • A. RSA
  • B. Elliptic Curve
  • C. RC5
  • D. El Gamal

Answer: C

Explanation:
RC5 is a symmetric-key block cipher notable for its simplicity. Designed by Ronald Rivest in 1994, RC stands for "Rivest Cipher", or alternatively, "Ron's Code". The Advanced Encryption Standard (AES) candidate RC6 was based on RC5.
RC5 has a variety of parameters it can use for block size, key size, and the number of rounds used. It was created by Ron Rivest and analyzed by RSA Data Security, Inc. The block sizes used in this algorithm are 32, 64, or 128 bits, and the key size goes up to 2,048 bits. The number of rounds used for encryption and decryption is also variable. The number of rounds can go up to 255.
Incorrect Answers:
A: RSA is an asymmetric key algorithm.
B: Elliptic Curve Cryptosystem (ECC) is an asymmetric key algorithm.
D: El Gamal is an asymmetric key algorithm.
References:
https://en.wikipedia.org/wiki/RC5
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, p. 810


NEW QUESTION 115
Which one of the following is the PRIMARY objective of penetration testing?

  • A. Correction
  • B. Detection
  • C. Protection
  • D. Assessment

Answer: B

Explanation:
"Its goal is to measure an organization's resistance to an attack and to uncover any weakness within the environment... The result of a penetration test is a report given to management describing the list of vulnerabilities that were identified and the severity of those vulnerabilities." - Shon Harris All-in-one CISSP Certification Guide pg 837-839
Not D: Assessment would imply management deciding whether they can live with a given vulnerability.


NEW QUESTION 116
Which statement below is NOT correct about safeguard selection in the risk analysis process?

  • A. The best possible safeguard should always be implemented, regardless of cost.
  • B. Maintenance costs need to be included in determining the total cost of the safeguard.
  • C. The most commonly considered criteria is the cost effectiveness of the safeguard.
  • D. Many elements need to be considered in determining the total cost of the safeguard.

Answer: A

Explanation:
The correct answer is "The best possible safeguard should always be implemented, regardless of cost." Performing a cost-benefit analysis of the proposed safeguard before implementation is vital. The level of security afforded could easily outweigh the value of a proposed safeguard. Other factors need to be considered in the safeguard selection process, such as accountability, auditability, and the level of manual operations needed to maintain or operate the safeguard.


NEW QUESTION 117
Which of the following does not address Database Management Systems (DBMS) Security?

  • A. Perturbation
  • B. Cell suppression
  • C. Padded cells
  • D. Partitioning

Answer: C

Explanation:
Padded cells complement Intrusion Detection Systems (IDSs) and are not related to DBMS security. Padded cells are simulated environments to which IDSs seamlessly transfer detected attackers; they are designed to convince an attacker that the attack is going according to plan. Cell suppression is a technique used against inference attacks by not revealing information in the case where a statistical query produces a very small result set. Perturbation also addresses inference attacks but involves making minor modifications to the results of a query. Partitioning involves splitting a database into two or more physical or logical parts; this is especially relevant for multilevel secure databases.
Source: LaROSA, Jeanette (domain leader), Application and System Development Security CISSP Open Study Guide, version 3.0, January 2002.


NEW QUESTION 118
A channel within a computer system or network that is designed for the authorized transfer of information is identified as a(n)?

  • A. Covert channel
  • B. Closed channel
  • C. Overt channel
  • D. Opened channel

Answer: C

Explanation:
"An overt channel is a channel of communication that was developed specifically for communication purposes. Processes should be communicating through overt channels, not covert channels." Pg 237 Shon Harris: All-In-One CISSP Certification Guide.


NEW QUESTION 119
What does "System Integrity" mean?

  • A. Users can't tamper with processes they do not own
  • B. Hardware and firmware have undergone periodic testing to verify that they are functioning properly
  • C. Design specifications have been verified against the formal top-level specification
  • D. The software of the system has been implemented as designed.

Answer: B


NEW QUESTION 120
What algorithm was DES derived from?

  • A. Brooks-Aldeman.
  • B. Lucifer.
  • C. Skipjack.
  • D. Twofish.

Answer: B

Explanation:
Lucifer was adopted and modified by the U.S. National Security Agency (NSA) to establish the U.S. Data Encryption Standard (DES) in 1976.
Incorrect Answers:
A: Brooks-Aldeman is not a valid algorithm.
C: Skipjack is an algorithm that was used by the Clipper Chip, which was used in the Escrowed Encryption Standard (EES).
D: Twofish is a symmetric block cipher, which was a candidate for being the basis of the Advanced Encryption Standard (AES).
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 764, 809
Conrad, Eric, Seth Misenar, Joshua Feldman, CISSP Study Guide, 2nd Edition, Syngress, Waltham, 2012, p. 250


NEW QUESTION 121
The primary purpose for using one-way encryption of user passwords within a system is which of the following?

  • A. It minimizes the amount of storage required for user passwords
  • B. It prevents an unauthorized person from trying multiple passwords in one logon attempt
  • C. It prevents an unauthorized person from reading or modifying the password list
  • D. It minimizes the amount of processing time used for encrypting passwords

Answer: C


NEW QUESTION 122
A security practitioner has just been assigned to address an ongoing Denial of Service (DoS) attack against the company's network, which includes an e-commerce web site. The strategy has to include defenses for any size of attack without rendering the company network unusable. Which of the following should be a PRIMARY concern when addressing this issue?

  • A. Allow legitimate connections while blocking malicious connections.
  • B. Ensure the web sites are properly backed up on a daily basis.
  • C. Deal with end user education and training.
  • D. Pay more for a dedicated path to the Internet.

Answer: A


NEW QUESTION 123
......