Question 25

- (Exam Topic 11)
What does an organization FIRST review to assure compliance with privacy requirements?

Correct Answer:C

Question 26

- (Exam Topic 10)
Host-Based Intrusion Protection (HIPS) systems are often deployed in monitoring or learning mode during their initial implementation. What is the objective of starting in this mode?

Correct Answer:D

Question 27

- (Exam Topic 11)
The MAIN reason an organization conducts a security authorization process is to

Correct Answer:A

Question 28

- (Exam Topic 10)
Refer to the information below to answer the question.
A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.
Which of the following BEST describes the access control methodology used?

Correct Answer:C

Question 29

- (Exam Topic 13)
When developing solutions for mobile devices, in which phase of the Software Development Life Cycle (SDLC) should technical limitations related to devices be specified?

Correct Answer:A

Question 30

- (Exam Topic 9)
The PRIMARY purpose of a security awareness program is to

Correct Answer:A

START CISSP EXAM