ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 2


Which one of the following affects the classification of data?

A. Assigned security label
B. Multilevel Security (MLS) architecture
C. Minimum query size
D. Passage of time
Suggested answer: D

Which of the following BEST describes the responsibilities of a data owner?

A. Ensuring quality and validation through periodic audits for ongoing data integrity
B. Maintaining fundamental data availability, including data storage and archiving
C. Ensuring accessibility to appropriate users, maintaining appropriate levels of data security
D. Determining the impact the information has on the mission of the organization
Suggested answer: D

An organization has doubled in size due to a rapid market share increase. The size of the Information Technology (IT) staff has maintained pace with this growth. The organization hires several contractors whose onsite time is limited. The IT department has pushed its limits building servers and rolling out workstations and has a backlog of account management requests.

Which contract is BEST in offloading the task from the IT staff?

A. Platform as a Service (PaaS)
B. Identity as a Service (IDaaS)
C. Desktop as a Service (DaaS)
D. Software as a Service (SaaS)
Suggested answer: B

When implementing a data classification program, why is it important to avoid too much granularity?

A. The process will require too many resources
B. It will be difficult to apply to both hardware and software
C. It will be difficult to assign ownership to the data
D. The process will be perceived as having value
Suggested answer: C

In a data classification scheme, the data is owned by the

A. system security managers
B. business managers
C. Information Technology (IT) managers
D. end users
Suggested answer: B

Which of the following is an initial consideration when developing an information security management system?

A. Identify the contractual security obligations that apply to the organizations
B. Understand the value of the information assets
C. Identify the level of residual risk that is tolerable to management
D. Identify relevant legislative and regulatory compliance requirements
Suggested answer: D

Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?

A. Personal Identity Verification (PIV)
B. Cardholder Unique Identifier (CHUID) authentication
C. Physical Access Control System (PACS) repeated attempt detection
D. Asymmetric Card Authentication Key (CAK) challenge-response
Suggested answer: A

Which security service is served by the process of encrypting plaintext with the sender's private key and decrypting ciphertext with the sender's public key?

A. Confidentiality
B. Integrity
C. Identification
D. Availability
Suggested answer: A

Which of the following mobile code security models relies only on trust?

A. Code signing
B. Class authentication
C. Sandboxing
D. Type safety
Suggested answer: A

Which technique can be used to make an encryption scheme more resistant to a known plaintext attack?

A. Hashing the data before encryption
B. Hashing the data after encryption
C. Compressing the data after encryption
D. Compressing the data before encryption
Suggested answer: D
Total 1.482 questions