CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISC2
  5. CISSP

Free CISSP Exam Braindumps (page: 9)

Page 9 of 122
PDF with 484 Questions

An organization recently suffered from a web-application attack that resulted in stolen user session cookie information. The attacker was able to obtain the information when a user's browser executed a script upon visiting a compromised website. What type of attack MOST likely occurred?

  1. SQL injection (SQLi)
  2. Extensible Markup Language (XML) external entities
  3. Cross-Site Scripting (XSS)
  4. Cross-Site Request Forgery (CSRF)

Answer(s): C



An attack utilizing social engineering and a malicious Uniform Resource Locator (URL) link to take advantage of a victim's existing browser session with a web application is an example of which of the following types of attack?

  1. Clickjacking
  2. Cross-site request forgery (CSRF)
  3. Cross-Site Scripting (XSS)
  4. Injection

Answer(s): B



Which of the following encryption technologies has the ability to function as a stream cipher?

  1. Cipher Block Chaining (CBC) with error propagation
  2. Electronic Code Book (ECB)
  3. Cipher Feedback (CFB)
  4. Feistel cipher

Answer(s): C



In a disaster recovery (DR) test, which of the following would be a trait of crisis management?

  1. Process
  2. Anticipate
  3. Strategic
  4. Wide focus

Answer(s): A






Post your Comments and Discuss ISC2 CISSP exam with other Community members:

CISSP Exam Discussions & Posts