ExamGecko
Search Search Login
Home Home / ISC / CISSP

ISC CISSP Practice Test - Questions Answers, Page 126

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following are all elements of a disaster recovery plan (DRP)?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
What balance MUST be considered when web application developers determine how informative application error messages should be constructed?
Backup information that is critical to the organization is identified through a
Data remanence refers to which of the following?
With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?

Question 1251

Report
Export
Collapse

The security architect has been mandated to assess the security of various brands of mobile devices.

At what phase of the product lifecycle would this be MOST likely to occur?

A.
Disposal
A.
Disposal
Answers
B.
Implementation
B.
Implementation
Answers
C.
Development
C.
Development
Answers
D.
Operations and maintenance
D.
Operations and maintenance
Answers
Suggested answer: C

Question 1252

Report
Export
Collapse

A hacker can use a lockout capability to start which of the following attacks?

A.
Denial of service (DoS)
A.
Denial of service (DoS)
Answers
B.
Dictionary
B.
Dictionary
Answers
C.
Ping flood
C.
Ping flood
Answers
D.
Man-in-the-middle (MITM)
D.
Man-in-the-middle (MITM)
Answers
Suggested answer: A

Question 1253

Report
Export
Collapse

An Internet media company produces and broadcasts highly popular television shows. The company is suffering a huge revenue loss due to piracy. What technique should be used to track the distribution of content?

A.
Install the latest data loss prevention (DLP) software at every server used to distribute content.
A.
Install the latest data loss prevention (DLP) software at every server used to distribute content.
Answers
B.
Log user access to servers. Every day those log records are going to be audited by a team of specialized investigators.
B.
Log user access to servers. Every day those log records are going to be audited by a team of specialized investigators.
Answers
C.
Hire several investigators to identify sources of pirated content and report people sharing the content.
C.
Hire several investigators to identify sources of pirated content and report people sharing the content.
Answers
D.
Use watermarking to hide a signature into the digital media such that it can be used to find who is using the company's content.
D.
Use watermarking to hide a signature into the digital media such that it can be used to find who is using the company's content.
Answers
Suggested answer: D

Question 1254

Report
Export
Collapse

Using the cipher text and resultant clear text message to derive the non-alphabetic cipher key is an example of which method of cryptanalytic attack?

A.
Frequency analysis
A.
Frequency analysis
Answers
B.
Ciphertext-only attack
B.
Ciphertext-only attack
Answers
C.
Probable-plaintext attack
C.
Probable-plaintext attack
Answers
D.
Known-plaintext attack
D.
Known-plaintext attack
Answers
Suggested answer: D

Question 1255

Report
Export
Collapse

All hosts on the network are sending logs via syslog-ng to the log collector. The log collector is behind its own firewall, The security professional wants to make sure not to put extra load on the firewall due to the amount of traffic that is passing through it. Which of the following types of filtering would MOST likely be used?

A.
Uniform Resource Locator (URL) Filtering
A.
Uniform Resource Locator (URL) Filtering
Answers
B.
Web Traffic Filtering
B.
Web Traffic Filtering
Answers
C.
Dynamic Packet Filtering
C.
Dynamic Packet Filtering
Answers
D.
Static Packet Filtering
D.
Static Packet Filtering
Answers
Suggested answer: C

Question 1256

Report
Export
Collapse

An organization has been collecting a large amount of redundant and unusable data and filling up the storage area network (SAN). Management has requested the identification of a solution that will address ongoing storage problems.

Which is the BEST technical solution?

A.
Deduplication
A.
Deduplication
Answers
B.
Compression
B.
Compression
Answers
C.
Replication
C.
Replication
Answers
D.
Caching
D.
Caching
Answers
Suggested answer: B

Question 1257

Report
Export
Collapse

A security practitioner has been asked to model best practices for disaster recovery (DR) and business continuity. The practitioner has decided that a formal committee is needed to establish a business continuity policy. Which of the following BEST describes this stage of business continuity development?

A.
Project Initiation and Management
A.
Project Initiation and Management
Answers
B.
Risk Evaluation and Control
B.
Risk Evaluation and Control
Answers
C.
Developing and Implementing business continuity plans (BCP)
C.
Developing and Implementing business continuity plans (BCP)
Answers
D.
Business impact analysis (BIA)
D.
Business impact analysis (BIA)
Answers
Suggested answer: D

Question 1258

Report
Export
Collapse

What is the MOST appropriate hierarchy of documents when implementing a security program?

A.
Organization principle, policy, standard, guideline
A.
Organization principle, policy, standard, guideline
Answers
B.
Policy, organization principle, standard, guideline
B.
Policy, organization principle, standard, guideline
Answers
C.
Standard, policy, organization principle, guideline
C.
Standard, policy, organization principle, guideline
Answers
D.
Organization principle, guideline, policy, standard
D.
Organization principle, guideline, policy, standard
Answers
Suggested answer: C

Question 1259

Report
Export
Collapse

Which of the following is the MOST common cause of system or security failures?

A.
Lack of system documentation
A.
Lack of system documentation
Answers
B.
Lack of physical security controls
B.
Lack of physical security controls
Answers
C.
Lack of change control
C.
Lack of change control
Answers
D.
Lack of logging and monitoring
D.
Lack of logging and monitoring
Answers
Suggested answer: D

Question 1260

Report
Export
Collapse

Which access control method is based on users issuing access requests on system resources, features assigned to those resources, the operational or situational context, and a set of policies specified in terms of those features and context?

A.
Mandatory Access Control (MAC)
A.
Mandatory Access Control (MAC)
Answers
B.
Role Based Access Control (RBAC)
B.
Role Based Access Control (RBAC)
Answers
C.
Discretionary Access Control (DAC)
C.
Discretionary Access Control (DAC)
Answers
D.
Attribute Based Access Control (ABAC)
D.
Attribute Based Access Control (ABAC)
Answers
Suggested answer: B
Total 1.482 questions
Go to page: of 149
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms