ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 12

List of questions

Question 111

Report Export Collapse

The Structured Query Language (SQL) implements Discretionary Access Controls (DAC) using

INSERT and DELETE.
INSERT and DELETE.
GRANT and REVOKE.
GRANT and REVOKE.
PUBLIC and PRIVATE.
PUBLIC and PRIVATE.
ROLLBACK and TERMINATE.
ROLLBACK and TERMINATE.
Suggested answer: B
asked 18/09/2024
C/1094 WOLOGUEDE COTONOU – BENIN NDENDE
39 questions

Question 112

Report Export Collapse

Which layer of the Open Systems Interconnections (OSI) model implementation adds information concerning the logical connection between the sender and receiver?

Physical
Physical
Session
Session
Transport
Transport
Data-Link
Data-Link
Suggested answer: C
asked 18/09/2024
Marco Morsiani
47 questions

Question 113

Report Export Collapse

Which of the following is a network intrusion detection technique?

Statistical anomaly
Statistical anomaly
Perimeter intrusion
Perimeter intrusion
Port scanning
Port scanning
Network spoofing
Network spoofing
Suggested answer: C
asked 18/09/2024
Amidou Florian TOURE
34 questions

Question 114

Report Export Collapse

Internet Protocol (IP) source address spoofing is used to defeat

address-based authentication.
address-based authentication.
Address Resolution Protocol (ARP).
Address Resolution Protocol (ARP).
Reverse Address Resolution Protocol (RARP).
Reverse Address Resolution Protocol (RARP).
Transmission Control Protocol (TCP) hijacking.
Transmission Control Protocol (TCP) hijacking.
Suggested answer: A
asked 18/09/2024
Carlos Roberto
55 questions

Question 115

Report Export Collapse

Which of the following is an authentication protocol in which a new random number is generated uniquely for each login session?

Challenge Handshake Authentication Protocol (CHAP)
Challenge Handshake Authentication Protocol (CHAP)
Point-to-Point Protocol (PPP)
Point-to-Point Protocol (PPP)
Extensible Authentication Protocol (EAP)
Extensible Authentication Protocol (EAP)
Password Authentication Protocol (PAP)
Password Authentication Protocol (PAP)
Suggested answer: A
asked 18/09/2024
Teste Teste
42 questions

Question 116

Report Export Collapse

What security management control is MOST often broken by collusion?

Job rotation
Job rotation
Separation of duties
Separation of duties
Least privilege model
Least privilege model
Increased monitoring
Increased monitoring
Suggested answer: B
asked 18/09/2024
Akash Makkar
42 questions

Question 117

Report Export Collapse

An Intrusion Detection System (IDS) is generating alarms that a user account has over 100 failed login attempts per minute. A sniffer is placed on the network, and a variety of passwords for that user are noted. Which of the following is

MOST likely occurring?

A dictionary attack
A dictionary attack
A Denial of Service (DoS) attack
A Denial of Service (DoS) attack
A spoofing attack
A spoofing attack
A backdoor installation
A backdoor installation
Suggested answer: A
asked 18/09/2024
Vishal Vitthal Pawar
45 questions

Question 118

Report Export Collapse

An engineer in a software company has created a virus creation tool. The tool can generate thousands of polymorphic viruses. The engineer is planning to use the tool in a controlled environment to test the company's next generation virus scanning software. Which would BEST describe the behavior of the engineer and why?

The behavior is ethical because the tool will be used to create a better virus scanner.
The behavior is ethical because the tool will be used to create a better virus scanner.
The behavior is ethical because any experienced programmer could create such a tool.
The behavior is ethical because any experienced programmer could create such a tool.
The behavior is not ethical because creating any kind of virus is bad.
The behavior is not ethical because creating any kind of virus is bad.
The behavior is not ethical because such a tool could be leaked on the Internet.
The behavior is not ethical because such a tool could be leaked on the Internet.
Suggested answer: A
asked 18/09/2024
Mitesh Patel
36 questions

Question 119

Report Export Collapse

Which of the following Disaster Recovery (DR) sites is the MOST difficult to test?

Hot site
Hot site
Cold site
Cold site
Warm site
Warm site
Mobile site
Mobile site
Suggested answer: B
asked 18/09/2024
Ahmad Zaher Al Ojaili
40 questions

Question 120

Report Export Collapse

Which of the following statements is TRUE for point-to-point microwave transmissions?

They are not subject to interception due to encryption.
They are not subject to interception due to encryption.
Interception only depends on signal strength.
Interception only depends on signal strength.
They are too highly multiplexed for meaningful interception.
They are too highly multiplexed for meaningful interception.
They are subject to interception by an antenna within proximity.
They are subject to interception by an antenna within proximity.
Suggested answer: D
asked 18/09/2024
Ihab ALkasrawi
37 questions
Total 1.482 questions
Go to page: of 149
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?