ISC CISSP Practice Test - Questions Answers, Page 139

An organization would like to ensure that all new users have a predefined departmental access template applied upon creation. The organization would also like additional access for users to be granted on a per-project basis. What type of user access administration is BEST suited to meet the organization's needs?

A firm within the defense industry has been directed to comply with contractual requirements for encryption of a government client's Controlled Unclassified Information (CUI). What encryption strategy represents how to protect data at rest in the MOST efficient and cost-effective manner?

A software developer installs a game on their organization-provided smartphone. Upon installing the game, the software developer is prompted to allow the game access to call logs, Short Message Service (SMS) messaging, and Global

Positioning System (GPS) location dat a. What has the game MOST likely introduced to the smartphone?

A developer is creating an application that requires secure logging of all user activity. What is the BEST permission the developer should assign to the log file to ensure requirements are met?

What industry-recognized document could be used as a baseline reference that is related to data security and business operations for conducting a security assessment?

A scan report returned multiple vulnerabilities affecting several production servers that are mission critical. Attempts to apply the patches in the development environment have caused the servers to crash. What is the BEST course of action?

Which of the following would be the BEST guideline to follow when attempting to avoid the exposure of sensitive data?

Which application type is considered high risk and provides a common way for malware and viruses to enter a network?

In a disaster recovery (DR) test, which of the following would be a trait of crisis management?