ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 125


What is the FIRST step in reducing the exposure of a network to Internet Control Message Protocol (ICMP) based attacks?

A. Implement egress filtering at the organization's network boundary.
B. Implement network access control lists (ACL).
C. Implement a web application firewall (WAF).
D. Implement an intrusion prevention system (IPS).
Suggested answer: B

A system developer has a requirement for an application to check for a secure digital signature before the application is accessed on a user's laptop. Which security mechanism addresses this requirement?

A. Hardware encryption
B. Certificate revocation list (CRL) policy
C. Trusted Platform Module (TPM)
D. Key exchange
Suggested answer: B

The security organization is looking for a solution that could help them determine with a strong level of confidence that attackers have breached their network. Which solution is MOST effective at discovering a successful network breach?

A. Deploying a honeypot
B. Developing a sandbox
C. Installing an intrusion prevention system (IPS)
D. Installing an intrusion detection system (IDS)
Suggested answer: A

A security architect is reviewing plans for an application with a Recovery Point Objective (RPO) of 15 minutes. The current design has all of the application infrastructure located within one co-location data center. Which security principle is the architect currently assessing?

A. Availability
B. Disaster recovery (DR)
C. Redundancy
D. Business continuity (BC)
Suggested answer: D

Which of the following outsourcing agreement provisions has the HIGHEST priority from a security operations perspective?

A. Conditions to prevent the use of subcontractors
B. Terms for contract renegotiation in case of disaster
C. Escalation process for problem resolution during incidents
D. Root cause analysis for application performance issue
Suggested answer: D

When designing a Cyber-Physical System (CPS), which of the following should be a security practitioner's first consideration?

A. Detection of sophisticated attackers
B. Resiliency of the system
C. Topology of the network used for the system
D. Risk assessment of the system
Suggested answer: B

A security professional was tasked with rebuilding a company's wireless infrastructure. Which of the following are the MOST important factors to consider while making a decision on which wireless spectrum to deploy?

A. Hybrid frequency band, service set identifier (SSID), and interpolation
B. Performance, geographic location, and radio signal interference
C. Facility size, intermodulation, and direct satellite service
D. Existing client devices, manufacturer reputation, and electrical interference
Suggested answer: D

A subscription service which provides power, climate control, raised flooring, and telephone wiring but NOT the computer and peripheral equipment is BEST described as a:

A. warm site.
B. reciprocal site.
C. cold site.
D. hot site.
Suggested answer: C

Which of the following is the PRIMARY goal of logical access controls?

A. Restrict access to an information asset.
B. Ensure integrity of an information asset.
C. Restrict physical access to an information asset.
D. Ensure availability of an information asset.
Suggested answer: C

The ability to send malicious code, generally in the form of a client side script, to a different end user is categorized as which type of vulnerability?

A. Session hijacking
B. Cross-site request forgery (CSRF)
C. Cross-Site Scripting (XSS)
D. Command injection
Suggested answer: C
Total 1.482 questions