ISC CISSP Practice Test - Questions Answers, Page 102
List of questions
Question 1011

Which of the following encryption technologies has the ability to function as a stream cipher?
Question 1012

An attack utilizing social engineering and a malicious Uniform Resource Locator (URL) link to take advantage of a victim's existing browser session with a web application is an example of which of the following types of attack?
Question 1013

Which of the following is the BEST method to identify security controls that should be implemented for a web-based application while in development?
Question 1014

A security professional has reviewed a recent site assessment and has noted that a server room on the second floor of a building has Heating, Ventilation, and Air Conditioning (HVAC) intakes on the ground level that have ultraviolet light filters installed, Aero-K Fire suppression in the server room, and pre-action fire suppression on floors above the server room. Which of the following changes can the security professional recommend to reduce risk associated with these conditions?
Question 1015

An organization is setting a security assessment scope with the goal of developing a Security Management Program (SMP). The next step is to select an approach for conducting the risk assessment. Which of the following approaches is MOST effective for the SMP?
Question 1016

Which combination of cryptographic algorithms are compliant with Federal Information Processing Standard (FIPS) Publication 140-2 for non-legacy systems?
Question 1017

An international trading organization that holds an International Organization for Standardization (ISO) 27001 certification is seeking to outsource their security monitoring to a managed security service provider (MSSP). The trading organization's security officer is tasked with drafting the requirements that need to be included in the outsourcing contract.
Which of the following MUST be included in the contract?
Question 1018

Which of the following is the MOST effective measure for dealing with rootkit attacks?
Question 1019

While classifying credit card data related to Payment Card Industry Data Security Standards (PCI-DSS), which of the following is a PRIMARY security requirement?
Question 1020

Write Once, Read Many (WORM) data storage devices are designed to BEST support which of the following core security concepts?