ISC CISSP Practice Test - Questions Answers, Page 145

A new employee formally reported suspicious behavior to the organization security team. The report claims that someone not affiliated with the organization was inquiring about the member's work location, length of employment, and building access controls. The employee's reporting is MOST likely the result of which of the following?

A. Risk avoidance
B. Security engineering
C. Security awareness
D. Phishing
Suggested answer: C

The MAIN purpose of placing a tamper seal on a computer system's case is to:

A. raise security awareness.
B. detect efforts to open the case.
C. expedite physical auditing.
D. make it difficult to steal internal components.
Suggested answer: A

An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods.

Which of the following is the BEST data protection method?

A. Encryption
B. Backups
C. Data obfuscation
D. Strong authentication
Suggested answer: C

Which of the following describes the order in which a digital forensic process is usually conducted?

A. Ascertain legal authority, agree upon examination strategy, conduct examination, and report results
B. Ascertain legal authority, conduct investigation, report results, and agree upon examination strategy
C. Agree upon examination strategy, ascertain legal authority, conduct examination, and report results
D. Agree upon examination strategy, ascertain legal authority, report results, and conduct examination
Suggested answer: A

Compared to a traditional network, which of the following is a security-related benefit that software-defined networking (SDN) provides?

A. Centralized network provisioning
B. Centralized network administrator control
C. Reduced network latency when scaled
D. Reduced hardware footprint and cost
Suggested answer: B

Which of the following are mandatory canons for the (ISC)² Code of Ethics?

A. Develop comprehensive security strategies for the organization.
B. Perform is, honestly, fairly, responsibly, and lawfully for the organization.
C. Create secure data protection policies to principals.
D. Provide diligent and competent service to principals.
Suggested answer: D

Which of the following is the MOST significant key management problem due to the number of keys created?

A. Keys are more difficult to provision and
B. Storage of the keys requires increased security
C. Exponential growth when using asymmetric keys
D. Exponential growth when using symmetric keys
Suggested answer: B

When conducting a third-party risk assessment of a new supplier, which of the following reports should be reviewed to confirm the operating effectiveness of the security, availability, confidentiality, and privacy trust principles?

A. Service Organization Control (SOC) 1, Type 2
B. Service Organization Control (SOC) 2, Type 2
C. International Organization for Standardization (ISO) 27001
D. International Organization for Standardization (ISO) 27002
Suggested answer: B

Which of the following is the BEST method a security practitioner can use to ensure that systems and sub-systems gracefully handle invalid input?

A. Negative testing
B. Integration testing
C. Unit testing
D. Acceptance testing
Suggested answer: B

Which of the following determines how traffic should flow based on the status of the infrastructure?

A. Application plane
B. Data plane
C. Control plane
D. Traffic plane
Suggested answer: D
Total 1.482 questions