ISC CISSP Practice Test - Questions Answers, Page 117

A large human resources organization wants to integrate their identity management with a trusted partner organization. The human resources organization wants to maintain the creation and management of the identities and may want to share with other partners in the future. Which of the following options BEST serves their needs?

A. Federated identity
B. Cloud Active Directory (AD)
C. Security Assertion Markup Language (SAML)
D. Single sign-on (SSO)
Suggested answer: A

Which of the following is the PRIMARY type of cryptography required to support non-repudiation of a digitally signed document?

A. Message digest (MD)
B. Asymmetric
C. Symmetric
D. Hashing
Suggested answer: A

The quality assurance (QA) department is short-staffed and is unable to test all modules before the anticipated release date of an application. What security control is MOST likely to be violated?

A. Separation of environments
B. Program management
C. Mobile code controls
D. Change management
Suggested answer: D

Which is the PRIMARY mechanism for providing the workforce with the information needed to protect an agency's vital information resources?

A. Incorporating security awareness and training as part of the overall information security program
B. An information technology (IT) security policy to preserve the confidentiality, integrity, and availability of systems
C. Implementation of access provisioning process for coordinating the creation of user accounts
D. Execution of periodic security and privacy assessments to the organization
Suggested answer: A

What is the FIRST step when developing an Information Security Continuous Monitoring (ISCM) program?

A. Establish an ISCM technical architecture.
B. Collect the security-related information required for metrics, assessments, and reporting.
C. Establish an ISCM program determining metrics, status monitoring frequencies, and control assessment frequencies.
D. Define an ISCM strategy based on risk tolerance.
Suggested answer: D

Which of the following minimizes damage to information technology (IT) equipment stored in a data center when a false fire alarm event occurs?

A. A pre-action system is installed.
B. An open system is installed.
C. A dry system is installed.
D. A wet system is installed.
Suggested answer: C

Which of the following is the MOST effective corrective control to minimize the effects of a physical intrusion?

A. Automatic videotaping of a possible intrusion
B. Rapid response by guards or police to apprehend a possible intruder
C. Activating bright lighting to frighten away a possible intruder
D. Sounding a loud alarm to frighten away a possible intruder
Suggested answer: C

Which type of access control includes a system that allows only users that are type=managers and department=sales to access employee records?

A. Discretionary access control (DAC)
B. Mandatory access control (MAC)
C. Role-based access control (RBAC)
D. Attribute-based access control (ABAC)
Suggested answer: C

Which of the following describes the BEST method of maintaining the inventory of software and hardware within the organization?

A. Maintaining the inventory through a combination of desktop configuration, administration management, and procurement management tools
B. Maintaining the inventory through a combination of asset owner interviews, open-source system management, and open-source management tools
C. Maintaining the inventory through a combination of on-premise storage configuration, cloud management, and partner management tools
D. Maintaining the inventory through a combination of system configuration, network management, and license management tools
Suggested answer: C

Which of the following is a correct feature of a virtual local area network (VLAN)?

A. A VLAN segregates network traffic therefore information security is enhanced significantly.
B. Layer 3 routing is required to allow traffic from one VLAN to another.
C. VLAN has certain security features such as where the devices are physically connected.
D. There is no broadcast allowed within a single VLAN due to network segregation.
Suggested answer: A
Total 1.482 questions