ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 21

List of questions

Question 201

Report Export Collapse

With data labeling, which of the following MUST be the key decision maker?

Information security
Information security
Departmental management
Departmental management
Data custodian
Data custodian
Data owner
Data owner
Suggested answer: D
asked 18/09/2024
Brian Foy
43 questions

Question 202

Report Export Collapse

Which of the following is a critical factor for implementing a successful data classification program?

Executive sponsorship
Executive sponsorship
Information security sponsorship
Information security sponsorship
End-user acceptance
End-user acceptance
Internal audit acceptance
Internal audit acceptance
Suggested answer: A
asked 18/09/2024
Musaddiq Shorunke
46 questions

Question 203

Report Export Collapse

An organization's data policy MUST include a data retention period which is based on

application dismissal.
application dismissal.
business procedures.
business procedures.
digital certificates expiration.
digital certificates expiration.
regulatory compliance.
regulatory compliance.
Suggested answer: D
asked 18/09/2024
Kabi Bashala
40 questions

Question 204

Report Export Collapse

What is the MOST important reason to configure unique user IDs?

Supporting accountability
Supporting accountability
Reducing authentication errors
Reducing authentication errors
Preventing password compromise
Preventing password compromise
Supporting Single Sign On (SSO)
Supporting Single Sign On (SSO)
Suggested answer: A
asked 18/09/2024
Salah Dabwan
49 questions

Question 205

Report Export Collapse

What is the PRIMARY advantage of using automated application security testing tools?

The application can be protected in the production environment.
The application can be protected in the production environment.
Large amounts of code can be tested using fewer resources.
Large amounts of code can be tested using fewer resources.
The application will fail less when tested using these tools.
The application will fail less when tested using these tools.
Detailed testing of code functions can be performed.
Detailed testing of code functions can be performed.
Suggested answer: B
asked 18/09/2024
Laxman Paudel
26 questions

Question 206

Report Export Collapse

When using third-party software developers, which of the following is the MOST effective method of providing software development Quality Assurance (QA)?

Retain intellectual property rights through contractual wording.
Retain intellectual property rights through contractual wording.
Perform overlapping code reviews by both parties.
Perform overlapping code reviews by both parties.
Verify that the contractors attend development planning meetings.
Verify that the contractors attend development planning meetings.
Create a separate contractor development environment.
Create a separate contractor development environment.
Suggested answer: B
asked 18/09/2024
Peter Klaffehn
45 questions

Question 207

Report Export Collapse

What do Capability Maturity Models (CMM) serve as a benchmark for in an organization?

Experience in the industry
Experience in the industry
Definition of security profiles
Definition of security profiles
Human resource planning efforts
Human resource planning efforts
Procedures in systems development
Procedures in systems development
Suggested answer: D
asked 18/09/2024
Michael Akinpelu
36 questions

Question 208

Report Export Collapse

Which of the following is the MOST crucial for a successful audit plan?

Defining the scope of the audit to be performed
Defining the scope of the audit to be performed
Identifying the security controls to be implemented
Identifying the security controls to be implemented
Working with the system owner on new controls
Working with the system owner on new controls
Acquiring evidence of systems that are not compliant
Acquiring evidence of systems that are not compliant
Suggested answer: A
asked 18/09/2024
dion alken
44 questions

Question 209

Report Export Collapse

An organization decides to implement a partial Public Key Infrastructure (PKI) with only the servers having digital certificates. What is the security benefit of this implementation?

Clients can authenticate themselves to the servers.
Clients can authenticate themselves to the servers.
Mutual authentication is available between the clients and servers.
Mutual authentication is available between the clients and servers.
Servers are able to issue digital certificates to the client.
Servers are able to issue digital certificates to the client.
Servers can authenticate themselves to the client.
Servers can authenticate themselves to the client.
Suggested answer: D
asked 18/09/2024
Tom Starren
47 questions

Question 210

Report Export Collapse

Which of the following is the PRIMARY benefit of a formalized information classification program?

It drives audit processes.
It drives audit processes.
It supports risk assessment.
It supports risk assessment.
It reduces asset vulnerabilities.
It reduces asset vulnerabilities.
It minimizes system logging requirements.
It minimizes system logging requirements.
Suggested answer: B
asked 18/09/2024
Sriharsha Janga
47 questions
Total 1.482 questions
Go to page: of 149
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?