ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 12


The Structured Query Language (SQL) implements Discretionary Access Controls (DAC) using

A. INSERT and DELETE.
B. GRANT and REVOKE.
C. PUBLIC and PRIVATE.
D. ROLLBACK and TERMINATE.
Suggested answer: B

Which layer of the Open Systems Interconnections (OSI) model implementation adds information concerning the logical connection between the sender and receiver?

A. Physical
B. Session
C. Transport
D. Data-Link
Suggested answer: C

Which of the following is a network intrusion detection technique?

A. Statistical anomaly
B. Perimeter intrusion
C. Port scanning
D. Network spoofing
Suggested answer: C

Internet Protocol (IP) source address spoofing is used to defeat

A. address-based authentication.
B. Address Resolution Protocol (ARP).
C. Reverse Address Resolution Protocol (RARP).
D. Transmission Control Protocol (TCP) hijacking.
Suggested answer: A

Which of the following is an authentication protocol in which a new random number is generated uniquely for each login session?

A. Challenge Handshake Authentication Protocol (CHAP)
B. Point-to-Point Protocol (PPP)
C. Extensible Authentication Protocol (EAP)
D. Password Authentication Protocol (PAP)
Suggested answer: A

What security management control is MOST often broken by collusion?

A. Job rotation
B. Separation of duties
C. Least privilege model
D. Increased monitoring
Suggested answer: B

An Intrusion Detection System (IDS) is generating alarms that a user account has over 100 failed login attempts per minute. A sniffer is placed on the network, and a variety of passwords for that user are noted. Which of the following is MOST likely occurring?

A. A dictionary attack
B. A Denial of Service (DoS) attack
C. A spoofing attack
D. A backdoor installation
Suggested answer: A

An engineer in a software company has created a virus creation tool. The tool can generate thousands of polymorphic viruses. The engineer is planning to use the tool in a controlled environment to test the company's next generation virus scanning software. Which would BEST describe the behavior of the engineer and why?

A. The behavior is ethical because the tool will be used to create a better virus scanner.
B. The behavior is ethical because any experienced programmer could create such a tool.
C. The behavior is not ethical because creating any kind of virus is bad.
D. The behavior is not ethical because such a tool could be leaked on the Internet.
Suggested answer: A

Which of the following Disaster Recovery (DR) sites is the MOST difficult to test?

A. Hot site
B. Cold site
C. Warm site
D. Mobile site
Suggested answer: B

Which of the following statements is TRUE for point-to-point microwave transmissions?

A. They are not subject to interception due to encryption.
B. Interception only depends on signal strength.
C. They are too highly multiplexed for meaningful interception.
D. They are subject to interception by an antenna within proximity.
Suggested answer: D
Total 1.482 questions