Home / ISC / CISSP / List of questions

Ask Question

ISC CISSP Practice Test - Questions Answers, Page 15

Add to Whishlist

List of questions

Question 141

Passive Infrared Sensors (PIR) used in a non-climate controlled environment should

reduce the detected object temperature in relation to the background temperature.

increase the detected object temperature in relation to the background temperature.

automatically compensate for variance in background temperature.

detect objects of a specific temperature independent of the background temperature.

Show Answer Comment (0)

Question 142

The use of strong authentication, the encryption of Personally Identifiable Information (PII) on database servers, application security reviews, and the encryption of data transmitted across networks provide

data integrity.

defense in depth.

data availability.

non-repudiation.

Show Answer Comment (0)

Question 143

An organization is selecting a service provider to assist in the consolidation of multiple computing sites including development, implementation and ongoing support of various computer systems.

Which of the following MUST be verified by the Information Security Department?

The service provider's policies are consistent with ISO/IEC27001 and there is evidence that the service provider is following those policies.

The service provider will segregate the data within its systems and ensure that each region's policies are met.

The service provider will impose controls and protections that meet or exceed the current systems controls and produce audit logs as verification.

The service provider's policies can meet the requirements imposed by the new environment even if they differ from the organization's current policies.

Show Answer Comment (0)

Question 144

Which of the following is an appropriate source for test data?

Production data that is secured and maintained only in the production environment.

Test data that has no similarities to production datA.

Test data that is mirrored and kept up-to-date with production datA.

Production data that has been sanitized before loading into a test environment.

Show Answer Comment (0)

Question 145

What is the FIRST step in developing a security test and its evaluation?

Determine testing methods

Develop testing procedures

Identify all applicable security requirements

Identify people, processes, and products not in compliance

Show Answer Comment (0)

Question 146

How can a forensic specialist exclude from examination a large percentage of operating system files residing on a copy of the target system?

Take another backup of the media in question then delete all irrelevant operating system files.

Create a comparison database of cryptographic hashes of the files from a system with the same operating system and patch level.

Generate a message digest (MD) or secure hash on the drive image to detect tampering of the media being examined.

Discard harmless files for the operating system, and known installed programs.

Show Answer Comment (0)

Question 147

Which one of the following is a threat related to the use of web-based client side input validation?

Users would be able to alter the input after validation has occurred

The web server would not be able to validate the input after transmission

The client system could receive invalid input from the web server

The web server would not be able to receive invalid input from the client

Show Answer Comment (0)

Question 148

To prevent inadvertent disclosure of restricted information, which of the following would be the LEAST effective process for eliminating data prior to the media being discarded?

Multiple-pass overwriting

Degaussing

High-level formatting

Physical destruction

Show Answer Comment (0)

Question 149

Multi-threaded applications are more at risk than single-threaded applications to

race conditions.

virus infection.

packet sniffing.

database injection.

Show Answer Comment (0)

Question 150

Which of the following is a potential risk when a program runs in privileged mode?

It may serve to create unnecessary code complexity

It may not enforce job separation duties

It may create unnecessary application hardening

It may allow malicious code to be inserted

Show Answer Comment (0)

Question

Case Study

Drag and Drop

Zoom: 100%

Reset OK

Hot Area

Zoom: 100%

Reset OK

Question 141 (0)

Passive Infrared Sensors (PIR) used in a non-climate controlled environment should

Question 142 (0)

The use of strong authentication, the encryption of Personally Identifiable Information (PII) on database servers, application security reviews, and the encryption of data transmitted across network

Question 143 (0)

An organization is selecting a service provider to assist in the consolidation of multiple computing sites including development, implementation and ongoing support of various computer systems. Whi

Question 144 (0)

Which of the following is an appropriate source for test data?

Question 145 (0)

What is the FIRST step in developing a security test and its evaluation?

Question 146 (0)

How can a forensic specialist exclude from examination a large percentage of operating system files residing on a copy of the target system?

Question 147 (0)

Which one of the following is a threat related to the use of web-based client side input validation?

Question 148 (0)

To prevent inadvertent disclosure of restricted information, which of the following would be the LEAST effective process for eliminating data prior to the media being discarded?

Question 149 (0)

Multi-threaded applications are more at risk than single-threaded applications to

Question 150 (0)

Which of the following is a potential risk when a program runs in privileged mode?

Export

with questions and answers will be exported as:

VPLUS file

PDF file (Demo 30 questions)

Highest scored 'comment-votes'

Your question list is being generated. We'll email you once it’s ready.

If you didn't receive an email within 5 minutes, you should submit a support request to [email protected].