ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 135


When telephones in a city are connected by a single exchange, the caller can only connect with the switchboard operator. The operator then manually connects the call.

This is an example of which type of network topology?

A. Star
B. Tree
C. Point-to-Point Protocol (PPP)
D. Bus
Suggested answer: A

Which of the following departments initiates the request, approval, and provisioning business process?

A. Operations
B. Human resources (HR)
C. Information technology (IT)
D. Security
Suggested answer: A

Which of the following should be done at a disaster site before any item is removed, repaired, or replaced?

A. Take photos of the damage
B. Notify all of the Board of Directors
C. Communicate with the press following the communications plan
D. Dispatch personnel to the disaster recovery (DR) site
Suggested answer: A

Which organizational department is ultimately responsible for information governance related to email and other e-records?

A. Audit
B. Compliance
C. Legal
D. Security
Suggested answer: C

What is the FIRST step in risk management?

A. Establish the expectations of stakeholder involvement.
B. Identify the factors that have potential to impact business.
C. Establish the scope and actions required.
D. Identify existing controls in the environment.
Suggested answer: C

Which element of software supply chain management has the GREATEST security risk to organizations?

A. New software development skills are hard to acquire.
B. Unsupported libraries are often used.
C. Applications with multiple contributors are difficult to evaluate.
D. Vulnerabilities are difficult to detect.
Suggested answer: B

A colleague who recently left the organization asked a security professional for a copy of the organization's confidential incident management policy. Which of the following is the BEST response to this request?

A. Email the policy to the colleague as they were already part of the organization and familiar with it.
B. Do not acknowledge receiving the request from the former colleague and ignore them.
C. Access the policy on a company-issued device and let the former colleague view the screen.
D. Submit the request using company official channels to ensure the policy is okay to distribute.
Suggested answer: B

Within a large organization, what business unit is BEST positioned to initiate provisioning and deprovisioning of user accounts?

A. Training department
B. Internal audit
C. Human resources
D. Information technology (IT)
Suggested answer: C

An enterprise is developing a baseline cybersecurity standard its suppliers must meet before being awarded a contract. Which of the following statements is TRUE about the baseline cybersecurity standard?

A. It should be expressed as general requirements.
B. It should be expressed in legal terminology.
C. It should be expressed in business terminology.
D. It should be expressed as technical requirements.
Suggested answer: D

Which of the following is the MOST effective strategy to prevent an attacker from disabling a network?

A. Test business continuity and disaster recovery (DR) plans.
B. Design networks with the ability to adapt, reconfigure, and fail over.
C. Implement network segmentation to achieve robustness.
D. Follow security guidelines to prevent unauthorized network access.
Suggested answer: D
Total 1.482 questions