ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 11

List of questions

Question 101

Report Export Collapse

Which one of the following describes granularity?

Maximum number of entries available in an Access Control List (ACL)
Maximum number of entries available in an Access Control List (ACL)
Fineness to which a trusted system can authenticate users
Fineness to which a trusted system can authenticate users
Number of violations divided by the number of total accesses
Number of violations divided by the number of total accesses
Fineness to which an access control system can be adjusted
Fineness to which an access control system can be adjusted
Suggested answer: D
asked 18/09/2024
Stian Godoe
47 questions

Question 102

Report Export Collapse

In a basic SYN flood attack, what is the attacker attempting to achieve?

Exceed the threshold limit of the connection queue for a given service
Exceed the threshold limit of the connection queue for a given service
Set the threshold to zero for a given service
Set the threshold to zero for a given service
Cause the buffer to overflow, allowing root access
Cause the buffer to overflow, allowing root access
Flush the register stack, allowing hijacking of the root account
Flush the register stack, allowing hijacking of the root account
Suggested answer: A
asked 18/09/2024
Khaled Mohamed Abdraboh Metwalli
36 questions

Question 103

Report Export Collapse

The FIRST step in building a firewall is to

assign the roles and responsibilities of the firewall administrators.
assign the roles and responsibilities of the firewall administrators.
define the intended audience who will read the firewall policy.
define the intended audience who will read the firewall policy.
identify mechanisms to encourage compliance with the policy.
identify mechanisms to encourage compliance with the policy.
perform a risk analysis to identify issues to be addressed.
perform a risk analysis to identify issues to be addressed.
Suggested answer: D
asked 18/09/2024
Danilo Paolucci
46 questions

Question 104

Report Export Collapse

A system has been scanned for vulnerabilities and has been found to contain a number of communication ports that have been opened without authority. To which of the following might this system have been subjected?

Trojan horse
Trojan horse
Denial of Service (DoS)
Denial of Service (DoS)
Spoofing
Spoofing
Man-in-the-Middle (MITM)
Man-in-the-Middle (MITM)
Suggested answer: A
asked 18/09/2024
Robert McConnell
37 questions

Question 105

Report Export Collapse

Which type of control recognizes that a transaction amount is excessive in accordance with corporate policy?

Detection
Detection
Prevention
Prevention
Investigation
Investigation
Correction
Correction
Suggested answer: A
asked 18/09/2024
Akash Patel
41 questions

Question 106

Report Export Collapse

Which of the following defines the key exchange for Internet Protocol Security (IPSec)?

Secure Sockets Layer (SSL) key exchange
Secure Sockets Layer (SSL) key exchange
Internet Key Exchange (IKE)
Internet Key Exchange (IKE)
Security Key Exchange (SKE)
Security Key Exchange (SKE)
Internet Control Message Protocol (ICMP)
Internet Control Message Protocol (ICMP)
Suggested answer: B
asked 18/09/2024
Ramon Vieira da Rocha
41 questions

Question 107

Report Export Collapse

The overall goal of a penetration test is to determine a system's

ability to withstand an attack.
ability to withstand an attack.
capacity management.
capacity management.
error recovery capabilities.
error recovery capabilities.
reliability under stress.
reliability under stress.
Suggested answer: A
asked 18/09/2024
Charl Grove
40 questions

Question 108

Report Export Collapse

When constructing an Information Protection Policy (IPP), it is important that the stated rules are necessary, adequate, and

flexible.
flexible.
confidential.
confidential.
focused.
focused.
achievable.
achievable.
Suggested answer: D
asked 18/09/2024
Kiswendsida ZONGO
39 questions

Question 109

Report Export Collapse

Which of the following is a security limitation of File Transfer Protocol (FTP)?

Passive FTP is not compatible with web browsers.
Passive FTP is not compatible with web browsers.
Anonymous access is allowed.
Anonymous access is allowed.
FTP uses Transmission Control Protocol (TCP) ports 20 and 21.
FTP uses Transmission Control Protocol (TCP) ports 20 and 21.
Authentication is not encrypted.
Authentication is not encrypted.
Suggested answer: D
asked 18/09/2024
Erik-Jan Brul
39 questions

Question 110

Report Export Collapse

In Business Continuity Planning (BCP), what is the importance of documenting business processes?

Provides senior management with decision-making tools
Provides senior management with decision-making tools
Establishes and adopts ongoing testing and maintenance strategies
Establishes and adopts ongoing testing and maintenance strategies
Defines who will perform which functions during a disaster or emergency
Defines who will perform which functions during a disaster or emergency
Provides an understanding of the organization's interdependencies
Provides an understanding of the organization's interdependencies
Suggested answer: D
asked 18/09/2024
sicnarep sicnarep
56 questions
Total 1.482 questions
Go to page: of 149
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?