Question 1

What is the BEST approach for maintaining ethics when a security professional is

unfamiliar with the culture of a country and is asked to perform a questionable task?

Options :

A : Exercise due diligence when deciding to circumvent host government requests.

B : Become familiar with the means in which the code of ethics is applied and considered.

C : Complete the assignment based on the customer-s wishes.

D : Execute according to the professional-s comfort level with the code of ethics.

Answer: B

Question 2

Which of the following is the weakest form of protection for an application that handles Personally Identifiable Information (PII)?

Options :

A : Transport Layer Security (TLS)

B : Ron Rivest Cipher 4 (RC4) encryption

C : Security Assertion Markup Language (SAML)

D : Multifactor authentication

Answer: B

Question 3

Which of the following is the PRIMARY risk with using open source software in a commercial software construction?

Options :

A : Lack of software documentation

B : License agreements requiring release of modified code

C : Expiration of the license agreement

D : Costs associated with support of the software

Answer: D

Question 4

Which of the following media is LEAST problematic with data remanence?

Options :

A : Dynamic Random Access Memory (DRAM)

B : Electrically Erasable Programming Read-Only Memory (BPRCM)

C : Flash memory

D : Magnetic disk

Answer: A

Question 5

Which technique helps system designers consider potential security concerns of their systems and applications?

Options :

A : Penetration testing

B : Threat modeling

C : Manual inspections and reviews

D : Source code review

Answer: B

Higher Test Marks with Free Online CISSP Exam Practice