
ISC CISSP Practice Test - Questions Answers, Page 11


Which one of the following describes granularity?

A. Maximum number of entries available in an Access Control List (ACL)
B. Fineness to which a trusted system can authenticate users
C. Number of violations divided by the number of total accesses
D. Fineness to which an access control system can be adjusted
Suggested answer: D

In a basic SYN flood attack, what is the attacker attempting to achieve?

A. Exceed the threshold limit of the connection queue for a given service
B. Set the threshold to zero for a given service
C. Cause the buffer to overflow, allowing root access
D. Flush the register stack, allowing hijacking of the root account
Suggested answer: A

The FIRST step in building a firewall is to

A. assign the roles and responsibilities of the firewall administrators.
B. define the intended audience who will read the firewall policy.
C. identify mechanisms to encourage compliance with the policy.
D. perform a risk analysis to identify issues to be addressed.
Suggested answer: D

A system has been scanned for vulnerabilities and has been found to contain a number of communication ports that have been opened without authority. To which of the following might this system have been subjected?

A. Trojan horse
B. Denial of Service (DoS)
C. Spoofing
D. Man-in-the-Middle (MITM)
Suggested answer: A

Which type of control recognizes that a transaction amount is excessive in accordance with corporate policy?

A. Detection
B. Prevention
C. Investigation
D. Correction
Suggested answer: A

Which of the following defines the key exchange for Internet Protocol Security (IPSec)?

A. Secure Sockets Layer (SSL) key exchange
B. Internet Key Exchange (IKE)
C. Security Key Exchange (SKE)
D. Internet Control Message Protocol (ICMP)
Suggested answer: B

The overall goal of a penetration test is to determine a system's

A. ability to withstand an attack.
B. capacity management.
C. error recovery capabilities.
D. reliability under stress.
Suggested answer: A

When constructing an Information Protection Policy (IPP), it is important that the stated rules are necessary, adequate, and

A. flexible.
B. confidential.
C. focused.
D. achievable.
Suggested answer: D

Which of the following is a security limitation of File Transfer Protocol (FTP)?

A. Passive FTP is not compatible with web browsers.
B. Anonymous access is allowed.
C. FTP uses Transmission Control Protocol (TCP) ports 20 and 21.
D. Authentication is not encrypted.
Suggested answer: D

In Business Continuity Planning (BCP), what is the importance of documenting business processes?

A. Provides senior management with decision-making tools
B. Establishes and adopts ongoing testing and maintenance strategies
C. Defines who will perform which functions during a disaster or emergency
D. Provides an understanding of the organization's interdependencies
Suggested answer: D
Total 1.482 questions