ISC CISSP Practice Test - Questions Answers, Page 131
List of questions
Question 1301

Which of the following regulations dictates how data breaches are handled?
Question 1302

Which of the following is fundamentally required to address potential security issues when initiating software development?
Question 1303

Which of the following is the BEST method a security practitioner can use to ensure that systems and sub-systems gracefully handle invalid input?
Question 1304

An information security administrator wishes to block peer-to-peer (P2P) traffic over Hypertext Transfer Protocol (HTTP) tunnels. Which of the following layers of the Open Systems Interconnection (OSI) model requires inspection?
Question 1305

An organization has requested storage area network (SAN) disks for a new project. What Redundant Array of Independent Disks (RAID) level provides the BEST redundancy and fault tolerance?
Question 1306

An organization has implemented a password complexity and an account lockout policy enforcing five incorrect login tries within ten minutes. Network users have reported significantly increased account lockouts. Which of the following security principles is this company affecting?
Question 1307

In the last 15 years a company has experienced three electrical failures. The cost associated with each failure is listed below.
Which of the following would be a reasonable annual loss expectation?
Question 1308

Which of the following addresses requirements of security assessments during software acquisition?
Question 1309

Which of the following BEST obtains an objective audit of security controls?
Question 1310

Which of the following is established to collect information Se eee ee ee nation readily available in part through implemented security controls?
Question