Which of the following does the security design process ensure within the System Development Life Cycle (SDLC)?

Proper security controls, security objectives, and security goals are properly initiated.
Security objectives, security goals, and system test are properly conducted.
Proper security controls, security goals, and fault mitigation are properly conducted.
Security goals, proper security controls, and validation are properly initiated.

Answer(s): A

Which of the following is MOST important to follow when developing information security controls for an organization?

Use industry standard best practices for security controls in the organization.
Exercise due diligence with regard to all risk management information to tailor appropriate controls.
Review all local and international standards and choose the most stringent based on location.
Perform a risk assessment and choose a standard that addresses existing gaps.

Answer(s): B

When recovering from an outage, what is the Recovery Point Objective (RPO), in terms of data recovery?

The RPO is the minimum amount of data that needs to be recovered.
The RPO is the amount of time it takes to recover an acceptable percentage of data lost.
The RPO is a goal to recover a targeted percentage of data lost.
The RPO is the maximum amount of time for which loss of data is acceptable.

Answer(s): D

Which of the following attacks, if successful, could give an intruder complete control of a software-defined networking (SDN) architecture?

A brute force password attack on the Secure Shell (SSH) port of the controller
Sending control messages to open a flow that does not pass a firewall from a compromised host within the network
Remote Authentication Dial-In User Service (RADIUS) token replay attack
Sniffing the traffic of a compromised host inside the network

Answer(s): B

Free ISC2 CISSP Exam Braindumps (page: 11)