ISC

ISC CISSP Certified Information Systems Security Professional Exam Dumps and Practice Test Questions Set 2 Q21-40

Visit here for our full ISC CISSP exam dumps and practice test questions.

Question 21: A multinational enterprise decides to implement a unified access control system for all subsidiaries. Each subsidiary has its own directory service and uses different security policies. Which access control approach under Domain 5 (Identity & Access Management) best supports centralised authentication while allowing local authorisation policies?

A) Mandatory Access Control (MAC)
B) Role-Based Access Control (RBAC)
C) Federated Identity Management (FIM)
D) Discretionary Access Control (DAC)

Answer: C) Federated Identity Management (FIM).

Explanation: Federated Identity Management allows…

ISC CISSP Certified Information Systems Security Professional Exam Dumps and Practice Test Questions Set 1 Q1-20

Visit here for our full ISC CISSP exam dumps and practice test questions.

Question: During a business impact analysis (BIA), the security team identifies that the exposure of confidential customer data would have severe reputational damage and possible regulatory fines. Which of the following is the best next step under the domain of Risk Management and Governance?

A) Immediately purchase cyber-insurance to transfer the risk
B) Classify the data asset, identify the threat sources and vulnerabilities, and quantify the risk before deciding on treatment
C) Shut down all systems that…
