ExamGecko
Search Search Login
Home Home / ISC / CISSP

ISC CISSP Practice Test - Questions Answers, Page 137

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following are all elements of a disaster recovery plan (DRP)?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
What balance MUST be considered when web application developers determine how informative application error messages should be constructed?
Backup information that is critical to the organization is identified through a
Data remanence refers to which of the following?
With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?

Question 1361

Report
Export
Collapse

When auditing the Software Development Life Cycle (SDLC) which of the following is one of the highlevel audit phases?

A.
Requirements
A.
Requirements
Answers
B.
Risk assessment
B.
Risk assessment
Answers
C.
Due diligence
C.
Due diligence
Answers
D.
Planning
D.
Planning
Answers
Suggested answer: B

Question 1362

Report
Export
Collapse

Which of the following BEST describes the purpose of Border Gateway Protocol (BGP)?

A.
Maintain a list of network paths between internet routers.
A.
Maintain a list of network paths between internet routers.
Answers
B.
Provide Routing Information Protocol (RIP) version 2 advertisements to neighboring layer 3 devices.
B.
Provide Routing Information Protocol (RIP) version 2 advertisements to neighboring layer 3 devices.
Answers
C.
Provide firewall services to cloud-enabled applications.
C.
Provide firewall services to cloud-enabled applications.
Answers
D.
Maintain a list of efficient network paths between autonomous systems.
D.
Maintain a list of efficient network paths between autonomous systems.
Answers
Suggested answer: B

Question 1363

Report
Export
Collapse

Which of the following is the PRIMARY purpose of installing a mantrap within a facility?

A.
Control traffic
A.
Control traffic
Answers
B.
Prevent rapid movement
B.
Prevent rapid movement
Answers
C.
Prevent plggybacking
C.
Prevent plggybacking
Answers
D.
Control air flow
D.
Control air flow
Answers
Suggested answer: C

Question 1364

Report
Export
Collapse

A security professional can BEST mitigate the risk of using a Commercial Off-The-Shelf (COTS) solution by deploying the application with which of the following controls in ?

A.
Whitelisting application
A.
Whitelisting application
Answers
B.
Network segmentation
B.
Network segmentation
Answers
C.
Hardened configuration
C.
Hardened configuration
Answers
D.
Blacklisting application
D.
Blacklisting application
Answers
Suggested answer: A

Question 1365

Report
Export
Collapse

Which of the following would an information security professional use to recognize changes to content, particularly unauthorized changes?

A.
File Integrity Checker
A.
File Integrity Checker
Answers
B.
Security information and event management (SIEM) system
B.
Security information and event management (SIEM) system
Answers
C.
Audit Logs
C.
Audit Logs
Answers
D.
Intrusion detection system (IDS)
D.
Intrusion detection system (IDS)
Answers
Suggested answer: A

Question 1366

Report
Export
Collapse

An organization with divisions in the United States (US) and the United Kingdom (UK) processes data comprised of personal information belonging to subjects living in the European Union (EU) and in the US. Which data MUST be handled according to the privacy protections of General Data Protection Regulation (GDPR)?

A.
Only the EU citizens' data
A.
Only the EU citizens' data
Answers
B.
Only the EU residents' data
B.
Only the EU residents' data
Answers
C.
Only the UK citizens' data
C.
Only the UK citizens' data
Answers
D.
Only data processed in the UK
D.
Only data processed in the UK
Answers
Suggested answer: A

Question 1367

Report
Export
Collapse

Which of the following has the responsibility of information technology (IT) governance?

A.
Chief Information Officer (CIO)
A.
Chief Information Officer (CIO)
Answers
B.
Senior IT Management
B.
Senior IT Management
Answers
C.
Board of Directors
C.
Board of Directors
Answers
D.
Chief Information Security Officer (CISO)
D.
Chief Information Security Officer (CISO)
Answers
Suggested answer: A

Question 1368

Report
Export
Collapse

Dumpster diving is a technique used in which stage of penetration testing methodology?

A.
Attack
A.
Attack
Answers
B.
Discovery
B.
Discovery
Answers
C.
Reporting
C.
Reporting
Answers
D.
Planning
D.
Planning
Answers
Suggested answer: B

Question 1369

Report
Export
Collapse

What is the MOST common cause of Remote Desktop Protocol (RDP) compromise?

A.
Port scan
A.
Port scan
Answers
B.
Brute force attack
B.
Brute force attack
Answers
C.
Remote exploit
C.
Remote exploit
Answers
D.
Social engineering
D.
Social engineering
Answers
Suggested answer: B

Question 1370

Report
Export
Collapse

An organization is looking to include mobile devices in its asset management system for better tracking. In which system tier of the reference architecture would mobile devices be tracked?

A.
0
A.
0
Answers
B.
1
B.
1
Answers
C.
2
C.
2
Answers
D.
3
D.
3
Answers
Suggested answer: A
Total 1.482 questions
Go to page: of 149
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms