ISC CISSP Practice Test - Questions Answers, Page 124

Which of the following is the BEST method to validate secure coding techniques against injection and overflow attacks?

A Distributed Denial of Service (DDoS) attack was carried out using malware called Mirai to create a large-scale command and control system to launch a botnet. Which of the following devices were the PRIMARY sources used to generate the attack traffic?

An establish information technology (IT) consulting firm is considering acquiring a successful local startup. To gain a comprehensive understanding of the startup's security posture' which type of assessment provides the BEST information?

As a design principle, which one of the following actors is responsible for identifying and approving data security requirements in a cloud ecosystem?

A company is enrolled in a hard drive reuse program where decommissioned equipment is sold back to the vendor when it is no longer needed. The vendor pays more money for functioning drives than equipment that is no longer operational. Which method of data sanitization would provide the most secure means of preventing unauthorized data loss, while also receiving the most money from the vendor?

In supervisory control and data acquisition (SCADA) systems, which of the following controls can be used to reduce device exposure to malware?

What is considered a compensating control for not having electrical surge protectors installed?

What is considered the BEST when determining whether to provide remote network access to a third-party security service?

When network management is outsourced to third parties, which of the following is the MOST effective method of protecting critical data assets?