ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 2

List of questions

Question 11

Report Export Collapse

Which one of the following affects the classification of data?

Assigned security label
Assigned security label
Multilevel Security (MLS) architecture
Multilevel Security (MLS) architecture
Minimum query size
Minimum query size
Passage of time
Passage of time
Suggested answer: D
asked 18/09/2024
Trung Phan
50 questions

Question 12

Report Export Collapse

Which of the following BEST describes the responsibilities of a data owner?

Ensuring quality and validation through periodic audits for ongoing data integrity
Ensuring quality and validation through periodic audits for ongoing data integrity
Maintaining fundamental data availability, including data storage and archiving
Maintaining fundamental data availability, including data storage and archiving
Ensuring accessibility to appropriate users, maintaining appropriate levels of data security
Ensuring accessibility to appropriate users, maintaining appropriate levels of data security
Determining the impact the information has on the mission of the organization
Determining the impact the information has on the mission of the organization
Suggested answer: D
asked 18/09/2024
CATALIN FLORESCU
39 questions

Question 13

Report Export Collapse

An organization has doubled in size due to a rapid market share increase. The size of the Information Technology (IT) staff has maintained pace with this growth. The organization hires several contractors whose onsite time is limited. The

IT department has pushed its limits building servers and rolling out workstations and has a backlog of account management requests.

Which contract is BEST in offloading the task from the IT staff?

Platform as a Service (PaaS)
Platform as a Service (PaaS)
Identity as a Service (IDaaS)
Identity as a Service (IDaaS)
Desktop as a Service (DaaS)
Desktop as a Service (DaaS)
Software as a Service (SaaS)
Software as a Service (SaaS)
Suggested answer: B
asked 18/09/2024
Cristi Savin
52 questions

Question 14

Report Export Collapse

When implementing a data classification program, why is it important to avoid too much granularity?

The process will require too many resources
The process will require too many resources
It will be difficult to apply to both hardware and software
It will be difficult to apply to both hardware and software
It will be difficult to assign ownership to the data
It will be difficult to assign ownership to the data
The process will be perceived as having value
The process will be perceived as having value
Suggested answer: C
asked 18/09/2024
javier mungaray
43 questions

Question 15

Report Export Collapse

In a data classification scheme, the data is owned by the

system security managers
system security managers
business managers
business managers
Information Technology (IT) managers
Information Technology (IT) managers
end users
end users
Suggested answer: B
asked 18/09/2024
Wislon Pereira
41 questions

Question 16

Report Export Collapse

Which of the following is an initial consideration when developing an information security management system?

Identify the contractual security obligations that apply to the organizations
Identify the contractual security obligations that apply to the organizations
Understand the value of the information assets
Understand the value of the information assets
Identify the level of residual risk that is tolerable to management
Identify the level of residual risk that is tolerable to management
Identify relevant legislative and regulatory compliance requirements
Identify relevant legislative and regulatory compliance requirements
Suggested answer: D
asked 18/09/2024
Bob Target
42 questions

Question 17

Report Export Collapse

Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?

Personal Identity Verification (PIV)
Personal Identity Verification (PIV)
Cardholder Unique Identifier (CHUID) authentication
Cardholder Unique Identifier (CHUID) authentication
Physical Access Control System (PACS) repeated attempt detection
Physical Access Control System (PACS) repeated attempt detection
Asymmetric Card Authentication Key (CAK) challenge-response
Asymmetric Card Authentication Key (CAK) challenge-response
Suggested answer: A
asked 18/09/2024
Grzegorz GÅ‚ogowski
37 questions

Question 18

Report Export Collapse

Which security service is served by the process of encryption plaintext with the sender's private key and decrypting cipher text with the sender's public key?

Confidentiality
Confidentiality
Integrity
Integrity
Identification
Identification
Availability
Availability
Suggested answer: A
asked 18/09/2024
Andrew Staton
43 questions

Question 19

Report Export Collapse

Which of the following mobile code security models relies only on trust?

Code signing
Code signing
Class authentication
Class authentication
Sandboxing
Sandboxing
Type safety
Type safety
Suggested answer: A
asked 18/09/2024
Reinhard KOhl
42 questions

Question 20

Report Export Collapse

Which technique can be used to make an encryption scheme more resistant to a known plaintext attack?

Hashing the data before encryption
Hashing the data before encryption
Hashing the data after encryption
Hashing the data after encryption
Compressing the data after encryption
Compressing the data after encryption
Compressing the data before encryption
Compressing the data before encryption
Suggested answer: D
asked 18/09/2024
Cintron, Rigoberto
42 questions
Total 1.482 questions
Go to page: of 149
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?