CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISC2
  5. CSSLP

Free CSSLP Exam Braindumps

The NIST Information Security and Privacy Advisory Board (ISPAB) paper "Perspectives on Cloud Computing and Standards" specifies potential advantages and disdvantages of virtualization. Which of the following disadvantages does it include? Each correct answer represents a complete solution. Choose all that apply.

  1. It increases capabilities for fault tolerant computing using rollback and snapshot features.
  2. It increases intrusion detection through introspection.
  3. It initiates the risk that malicious software is targeting the VM environment.
  4. It increases overall security risk shared resources.
  5. It creates the possibility that remote attestation may not work.
  6. It involves new protection mechanisms for preventing VM escape, VM detection, and VM-VM interference.
  7. It increases configuration effort because of complexity and composite system.

Answer(s): C,D,E,F,G

Explanation:

The potential security disadvantages of virtualization are as follows: It increases configuration effort because of complexity and composite system. It initiates the problem of how to prevent overlap while mapping VM storage onto host files. It introduces the problem of virtualizing the TPM. It creates the possibility that remote attestation may not work. It initiates the problem of detecting VM covert channels. It involves new protection mechanisms for preventing VM escape, VM detection, and VM-VM interference. It initiates the possibility of virtual networking configuration errors. It initiates the risk that malicious software is targeting the VM environment.
It increases overall security risk shared resources, such as networks, clipboards, clocks, printers, desktop management, and folders.
Answers A and B are incorrect. These are not the disadvantages of virtualization, as described in the NIST Information Security and Privacy Advisory Board (ISPAB) paper "Perspectives on Cloud Computing and Standards".



Which of the following are the types of access controls? Each correct answer represents a complete solution. Choose three.

  1. Physical
  2. Technical
  3. Administrative
  4. Automatic

Answer(s): A,B,C

Explanation:

Security guards, locks on the gates, and alarms come under physical access control. Policies and procedures implemented by an organization come under administrative access control. IDS systems, encryption, network segmentation, and antivirus controls come under technical access control. Answer D is incorrect. There is no such type of access control as automatic control.



What are the subordinate tasks of the Initiate and Plan IA C&A phase of the DIACAP process? Each correct answer represents a complete solution. Choose all that apply.

  1. Initiate IA implementation plan
  2. Develop DIACAP strategy
  3. Assign IA controls.
  4. Assemble DIACAP team
  5. Register system with DoD Component IA Program.
  6. Conduct validation activity.

Answer(s): A,B,C,D,E

Explanation:

The Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) is a process defined by the United States Department of Defense (DoD) for managing risk.
The subordinate tasks of the Initiate and Plan IA C&A phase are as follows: Register system with DoD Component IA Program. Assign IA controls. Assemble DIACAP team. Develop DIACAP strategy. Initiate IA implementation plan. Answer F is incorrect. Validation activities are conducted in the second phase of the DIACAP process, i.e., Implement and Validate Assigned IA Controls.



Which of the following attacks causes software to fail and prevents the intended users from accessing software?

  1. Enabling attack
  2. Reconnaissance attack
  3. Sabotage attack
  4. Disclosure attack

Answer(s): C

Explanation:

A sabotage attack is an attack that causes software to fail. It also prevents the intended users from accessing software. A sabotage attack is referred to as a denial of service (DoS) or compromise of availability. Answer B is incorrect. The reconnaissance attack enables an attacker to collect information about software and operating environment. Answer D is incorrect. The disclosure attack exposes the revealed data to an attacker. Answer A is incorrect. The enabling attack delivers an easy path for other attacks.






Post your Comments and Discuss ISC2 CSSLP exam with other Community members:

Mini-Pritz commented on November 18, 2024
AI is the way to go these days and this certification exam which I passed today should help my with some carrier boost.
UNITED STATES
upvote

Harish commented on November 18, 2024
It is very helpful to understand the GCP
Anonymous
upvote

Gopikrishna commented on November 17, 2024
Its Going Good
INDIA
upvote

yoga commented on November 17, 2024
goood i cann guys
Anonymous
upvote

Peace commented on November 17, 2024
questions are helpful
Anonymous
upvote

Ahmed Mansour commented on November 17, 2024
Good mind set
Anonymous
upvote

Pretty commented on November 17, 2024
This have been really helpful thank you so much
Anonymous
upvote

pretty commented on November 17, 2024
Helpful thanx
Anonymous
upvote

Morad commented on November 17, 2024
So many new questions in this version. Thank you for providing the updated version.
Turkey
upvote

Md. Jakir Hossain commented on November 17, 2024
pls help me given total question
BANGLADESH
upvote

Feroz commented on November 17, 2024
These questions are very similar to the exam question. Thank you for this great test dumps!
Anonymous
upvote

Mohamed commented on November 17, 2024
No Comments
Anonymous
upvote

shakila commented on November 16, 2024
how to start i m begginer
Anonymous
upvote

peter commented on November 16, 2024
I'm finding these question helpful
Anonymous
upvote

Kris commented on November 16, 2024
Nice Questions
Anonymous
upvote

Folarin commented on November 15, 2024
Nice content, hope to take my exam soonest
Anonymous
upvote

Dag Alytus commented on November 15, 2024
This is helpful
UNITED STATES
upvote

Priscilla commented on November 15, 2024
I'm waiting for more questions
Anonymous
upvote

togdheer commented on November 15, 2024
good revision resource
UNITED STATES
upvote

Mohammed commented on November 15, 2024
After checking these questions and reviewing all the answers and Explanations I realized that I would not have been able to pass the exam based on my current knowledge. This is completely changed my approach in how I am going to prepare now.
UNITED STATES
upvote

Makhmoor commented on November 15, 2024
please make it free
EUROPEAN UNION
upvote

Ardi commented on November 14, 2024
its a great platform to upskilling your knowledge about blockchain
Anonymous
upvote

Quentin commented on November 14, 2024
I noticed that some comments were related to answers not being 100% correct. But for me as long as questions are real and same as the actual exam I was okay.
Mexico
upvote

kagelelo commented on November 14, 2024
how do you pass the ged science test
Anonymous
upvote

Chris Nalla commented on November 14, 2024
Very insightful piece.
Anonymous
upvote

baba commented on November 14, 2024
want to learn
Anonymous
upvote

Anand commented on November 14, 2024
Not bad at all. It covers all the exam topics and it provides some insight to the types of questions that you are going to see in real exam.
INDIA
upvote

Godlover commented on November 14, 2024
Very up to date. I passed my exams. I studied very well though. But the past questions was exceedingly helpful too. Just practice the questions as much as you can. As for me I practiced all, and repracticed about 350 questions again before the exams day.
Anonymous
upvote

LasNumber commented on November 14, 2024
This Are Very Useful Q's and A's. on exam some Questions wont come as they are but mostly will come as the are. Study to Know
Anonymous
upvote

Yeshwanth commented on November 14, 2024
Nice Questions and helpful for exam preparation.
Anonymous
upvote

Jenil Gandhi commented on November 14, 2024
Hi everyone could sone share the certification voucher for PD2.
INDIA
upvote

Nicole commented on November 13, 2024
I am working towards my exam. Finding these prep to be very useful
CANADA
upvote

Nicole commented on November 13, 2024
Very helpful
CANADA
upvote

Bianca commented on November 13, 2024
Consistent questions
Anonymous
upvote