ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 15


Passive Infrared Sensors (PIR) used in a non-climate controlled environment should

A. reduce the detected object temperature in relation to the background temperature.
B. increase the detected object temperature in relation to the background temperature.
C. automatically compensate for variance in background temperature.
D. detect objects of a specific temperature independent of the background temperature.
Suggested answer: C

The use of strong authentication, the encryption of Personally Identifiable Information (PII) on database servers, application security reviews, and the encryption of data transmitted across networks provide

A. data integrity.
B. defense in depth.
C. data availability.
D. non-repudiation.
Suggested answer: B

An organization is selecting a service provider to assist in the consolidation of multiple computing sites including development, implementation and ongoing support of various computer systems.

Which of the following MUST be verified by the Information Security Department?

A. The service provider's policies are consistent with ISO/IEC 27001 and there is evidence that the service provider is following those policies.
B. The service provider will segregate the data within its systems and ensure that each region's policies are met.
C. The service provider will impose controls and protections that meet or exceed the current systems controls and produce audit logs as verification.
D. The service provider's policies can meet the requirements imposed by the new environment even if they differ from the organization's current policies.
Suggested answer: D

Which of the following is an appropriate source for test data?

A. Production data that is secured and maintained only in the production environment.
B. Test data that has no similarities to production data.
C. Test data that is mirrored and kept up-to-date with production data.
D. Production data that has been sanitized before loading into a test environment.
Suggested answer: D

What is the FIRST step in developing a security test and its evaluation?

A. Determine testing methods
B. Develop testing procedures
C. Identify all applicable security requirements
D. Identify people, processes, and products not in compliance
Suggested answer: C

How can a forensic specialist exclude from examination a large percentage of operating system files residing on a copy of the target system?

A. Take another backup of the media in question then delete all irrelevant operating system files.
B. Create a comparison database of cryptographic hashes of the files from a system with the same operating system and patch level.
C. Generate a message digest (MD) or secure hash on the drive image to detect tampering of the media being examined.
D. Discard harmless files for the operating system, and known installed programs.
Suggested answer: B

Which one of the following is a threat related to the use of web-based client side input validation?

A. Users would be able to alter the input after validation has occurred
B. The web server would not be able to validate the input after transmission
C. The client system could receive invalid input from the web server
D. The web server would not be able to receive invalid input from the client
Suggested answer: A

To prevent inadvertent disclosure of restricted information, which of the following would be the LEAST effective process for eliminating data prior to the media being discarded?

A. Multiple-pass overwriting
B. Degaussing
C. High-level formatting
D. Physical destruction
Suggested answer: C

Multi-threaded applications are more at risk than single-threaded applications to

A. race conditions.
B. virus infection.
C. packet sniffing.
D. database injection.
Suggested answer: A

Which of the following is a potential risk when a program runs in privileged mode?

A. It may serve to create unnecessary code complexity
B. It may not enforce job separation duties
C. It may create unnecessary application hardening
D. It may allow malicious code to be inserted
Suggested answer: D
Total 1.482 questions