ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 13


The key benefits of a signed and encrypted e-mail include

A. confidentiality, authentication, and authorization.
B. confidentiality, non-repudiation, and authentication.
C. non-repudiation, authorization, and authentication.
D. non-repudiation, confidentiality, and authorization.
Suggested answer: B

Copyright provides protection for which of the following?

A. Ideas expressed in literary works
B. A particular expression of an idea
C. New and non-obvious inventions
D. Discoveries of natural phenomena
Suggested answer: B

Which of the following is TRUE about Disaster Recovery Plan (DRP) testing?

A. Operational networks are usually shut down during testing.
B. Testing should continue even if components of the test fail.
C. The company is fully prepared for a disaster if all tests pass.
D. Testing should not be done until the entire disaster plan can be tested.
Suggested answer: B

Which of the following is the FIRST step of a penetration test plan?

A. Analyzing a network diagram of the target network
B. Notifying the company's customers
C. Obtaining the approval of the company's management
D. Scheduling the penetration test during a period of least impact
Suggested answer: C

Which of the following actions should be performed when implementing a change to a database schema in a production system?

A. Test in development, determine dates, notify users, and implement in production
B. Apply change to production, run in parallel, finalize change in production, and develop a back-out strategy
C. Perform user acceptance testing in production, have users sign off, and finalize change
D. Change in development, perform user acceptance testing, develop a back-out strategy, and implement change
Suggested answer: D

Which of the following is a method used to prevent Structured Query Language (SQL) injection attacks?

A. Data compression
B. Data classification
C. Data warehousing
D. Data validation
Suggested answer: D

The BEST method of demonstrating a company's security level to potential customers is

A. a report from an external auditor.
B. responding to a customer's security questionnaire.
C. a formal report from an internal auditor.
D. a site visit by a customer's security team.
Suggested answer: A

Which of the following does Temporal Key Integrity Protocol (TKIP) support?

A. Multicast and broadcast messages
B. Coordination of IEEE 802.11 protocols
C. Wired Equivalent Privacy (WEP) systems
D. Synchronization of multiple devices
Suggested answer: C

The stringency of an Information Technology (IT) security assessment will be determined by the

A. system's past security record.
B. size of the system's database.
C. sensitivity of the system's data.
D. age of the system.
Suggested answer: C

What should be the INITIAL response to Intrusion Detection System/Intrusion Prevention System (IDS/IPS) alerts?

A. Ensure that the Incident Response Plan is available and current.
B. Determine the traffic's initial source and block the appropriate port.
C. Disable or disconnect suspected target and source systems.
D. Verify the threat and determine the scope of the attack.
Suggested answer: D
Total 1.482 questions