ExamGecko
Search Search Login
Home Home / ISC / CISSP

ISC CISSP Practice Test - Questions Answers, Page 107

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following are all elements of a disaster recovery plan (DRP)?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?
What balance MUST be considered when web application developers determine how informative application error messages should be constructed?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
Backup information that is critical to the organization is identified through a
Data remanence refers to which of the following?
With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?

Question 1061

Report
Export
Collapse

Two computers, each with a single connection on the same physical 10 gigabit Ethernet network segment, need to communicate with each other. The first machine has a single Internet Protocol (IP) Classless Inter-Domain Routing (CIDR) address of 192.168.1.3/30 and the second machine has an IP/CIDR address 192.168.1.6/30. Which of the following is correct?

A.
Since each computer is on a different layer 3 network, traffic between the computers must be processed by a network bridge in order to communicate.
A.
Since each computer is on a different layer 3 network, traffic between the computers must be processed by a network bridge in order to communicate.
Answers
B.
Since each computer is on the same layer 3 network, traffic between the computers may be processed by a network bridge in order to communicate.
B.
Since each computer is on the same layer 3 network, traffic between the computers may be processed by a network bridge in order to communicate.
Answers
C.
Since each computer is on the same layer 3 network, traffic between the computers may be processed by a network router in order to communicate.
C.
Since each computer is on the same layer 3 network, traffic between the computers may be processed by a network router in order to communicate.
Answers
D.
Since each computer is on a different layer 3 network, traffic between the computers must be processed by a network router in order to communicate.
D.
Since each computer is on a different layer 3 network, traffic between the computers must be processed by a network router in order to communicate.
Answers
Suggested answer: B

Question 1062

Report
Export
Collapse

The security team is notified that a device on the network is infected with malware. Which of the following is MOST effective in enabling the device to be quickly located and remediated?

A.
Data loss protection (DLP)
A.
Data loss protection (DLP)
Answers
B.
Intrusion detection
B.
Intrusion detection
Answers
C.
Vulnerability scanner
C.
Vulnerability scanner
Answers
D.
Information Technology Asset Management (ITAM)
D.
Information Technology Asset Management (ITAM)
Answers
Suggested answer: D

Question 1063

Report
Export
Collapse

A corporation does not have a formal data destruction policy. During which phase of a criminal legal proceeding will this have the MOST impact?

A.
Arraignment
A.
Arraignment
Answers
B.
Trial
B.
Trial
Answers
C.
Sentencing
C.
Sentencing
Answers
D.
Discovery
D.
Discovery
Answers
Suggested answer: D

Question 1064

Report
Export
Collapse

Which of the following is the MOST common use of the Online Certificate Status Protocol (OCSP)?

A.
To obtain the expiration date of an X.509 digital certificate
A.
To obtain the expiration date of an X.509 digital certificate
Answers
B.
To obtain the revocation status of an X.509 digital certificate
B.
To obtain the revocation status of an X.509 digital certificate
Answers
C.
To obtain the author name of an X.509 digital certificate
C.
To obtain the author name of an X.509 digital certificate
Answers
D.
To verify the validity of an X.509 digital certificate
D.
To verify the validity of an X.509 digital certificate
Answers
Suggested answer: D

Question 1065

Report
Export
Collapse

Why would a system be structured to isolate different classes of information from one another and segregate them by user jurisdiction?

A.
The organization can avoid e-discovery processes in the event of litigation.
A.
The organization can avoid e-discovery processes in the event of litigation.
Answers
B.
The organization's infrastructure is clearly arranged and scope of responsibility is simplified.
B.
The organization's infrastructure is clearly arranged and scope of responsibility is simplified.
Answers
C.
The organization can vary its system policies to comply with conflicting national laws.
C.
The organization can vary its system policies to comply with conflicting national laws.
Answers
D.
The organization is required to provide different services to various third-party organizations.
D.
The organization is required to provide different services to various third-party organizations.
Answers
Suggested answer: C

Question 1066

Report
Export
Collapse

A security professional needs to find a secure and efficient method of encrypting data on an endpoint. Which solution includes a root key?

A.
Bitlocker
A.
Bitlocker
Answers
B.
Trusted Platform Module (TPM)
B.
Trusted Platform Module (TPM)
Answers
C.
Virtual storage array network (VSAN)
C.
Virtual storage array network (VSAN)
Answers
D.
Hardware security module (HSM)
D.
Hardware security module (HSM)
Answers
Suggested answer: D

Question 1067

Report
Export
Collapse

What method could be used to prevent passive attacks against secure voice communications between an organization and its vendor?

A.
Encryption in transit
A.
Encryption in transit
Answers
B.
Configure a virtual private network (VPN)
B.
Configure a virtual private network (VPN)
Answers
C.
Configure a dedicated connection
C.
Configure a dedicated connection
Answers
D.
Encryption at rest
D.
Encryption at rest
Answers
Suggested answer: A

Question 1068

Report
Export
Collapse

What is the MOST effective response to a hacker who has already gained access to a network and will attempt to pivot to other resources?

A.
Reset all passwords.
A.
Reset all passwords.
Answers
B.
Shut down the network.
B.
Shut down the network.
Answers
C.
Warn users of a breach.
C.
Warn users of a breach.
Answers
D.
Segment the network.
D.
Segment the network.
Answers
Suggested answer: D

Question 1069

Report
Export
Collapse

A Chief Information Officer (CIO) has delegated responsibility of their system security to the head of the information technology (IT) department. While corporate policy dictates that only the CIO can make decisions on the level of data protection required, technical implementation decisions are done by the head of the IT department. Which of the following BEST describes the security role filled by the head of the IT department?

A.
System analyst
A.
System analyst
Answers
B.
System security officer
B.
System security officer
Answers
C.
System processor
C.
System processor
Answers
D.
System custodian
D.
System custodian
Answers
Suggested answer: D

Question 1070

Report
Export
Collapse

Which of the following is a term used to describe maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions?

A.
Information Security Management System (ISMS)
A.
Information Security Management System (ISMS)
Answers
B.
Information Sharing & Analysis Centers (ISAC)
B.
Information Sharing & Analysis Centers (ISAC)
Answers
C.
Risk Management Framework (RMF)
C.
Risk Management Framework (RMF)
Answers
D.
Information Security Continuous Monitoring (ISCM)
D.
Information Security Continuous Monitoring (ISCM)
Answers
Suggested answer: D
Total 1.482 questions
Go to page: of 149
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms