ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 26

List of questions

Question 251

Report Export Collapse

Which item below is a federated identity standard?

802.11i
802.11i
Kerberos
Kerberos
Lightweight Directory Access Protocol (LDAP)
Lightweight Directory Access Protocol (LDAP)
Security Assertion Markup Language (SAML)
Security Assertion Markup Language (SAML)
Suggested answer: D
asked 18/09/2024
Dominique Reemer
43 questions

Question 252

Report Export Collapse

What is a common challenge when implementing Security Assertion Markup Language (SAML) for identity integration between on-premise environment and an external identity provider service?

Some users are not provisioned into the service.
Some users are not provisioned into the service.
SAML tokens are provided by the on-premise identity provider.
SAML tokens are provided by the on-premise identity provider.
Single users cannot be revoked from the service.
Single users cannot be revoked from the service.
SAML tokens contain user information.
SAML tokens contain user information.
Suggested answer: A
asked 18/09/2024
souhaib chabchoub
40 questions

Question 253

Report Export Collapse

Refer to the information below to answer the question.

A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive email, search the web, and use instant messaging. The organization's Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access.

Which of the following could have MOST likely prevented the Peer-to-Peer (P2P) program from being installed on the computer?

Removing employee's full access to the computer
Removing employee's full access to the computer
Supervising their child's use of the computer
Supervising their child's use of the computer
Limiting computer's access to only the employee
Limiting computer's access to only the employee
Ensuring employee understands their business conduct guidelines
Ensuring employee understands their business conduct guidelines
Suggested answer: A
asked 18/09/2024
Yedron Rojas Acosta
51 questions

Question 254

Report Export Collapse

Refer to the information below to answer the question.

A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive email, search the web, and use instant messaging. The organization's Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access.

Which of the following solutions would have MOST likely detected the use of peer-to-peer programs when the computer was connected to the office network?

Anti-virus software
Anti-virus software
Intrusion Prevention System (IPS)
Intrusion Prevention System (IPS)
Anti-spyware software
Anti-spyware software
Integrity checking software
Integrity checking software
Suggested answer: B
asked 18/09/2024
Victor Gouveia Pennella
47 questions

Question 255

Report Export Collapse

Refer to the information below to answer the question.

A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive email, search the web, and use instant messaging. The organization's Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access.

Which of the following methods is the MOST effective way of removing the Peer-to-Peer (P2P) program from the computer?

Run software uninstall
Run software uninstall
Re-image the computer
Re-image the computer
Find and remove all installation files
Find and remove all installation files
Delete all cookies stored in the web browser cache
Delete all cookies stored in the web browser cache
Suggested answer: B
asked 18/09/2024
Svetlana Popova
42 questions

Question 256

Report Export Collapse

Refer to the information below to answer the question.

A new employee is given a laptop computer with full administrator access. This employee does not have a personal computer at home and has a child that uses the computer to send and receive email, search the web, and use instant messaging. The organization's Information Technology (IT) department discovers that a peer-to-peer program has been installed on the computer using the employee's access.

Which of the following documents explains the proper use of the organization's assets?

Human resources policy
Human resources policy
Acceptable use policy
Acceptable use policy
Code of ethics
Code of ethics
Access control policy
Access control policy
Suggested answer: B
asked 18/09/2024
BRIAN SCULLION
36 questions

Question 257

Report Export Collapse

Refer to the information below to answer the question.

A security practitioner detects client-based attacks on the organization's network. A plan will be necessary to address these concerns.

In the plan, what is the BEST approach to mitigate future internal client-based attacks?

Block all client side web exploits at the perimeter.
Block all client side web exploits at the perimeter.
Remove all non-essential client-side web services from the network.
Remove all non-essential client-side web services from the network.
Screen for harmful exploits of client-side services before implementation.
Screen for harmful exploits of client-side services before implementation.
Harden the client image before deployment.
Harden the client image before deployment.
Suggested answer: D
asked 18/09/2024
Brian Charlton,
46 questions

Question 258

Report Export Collapse

Refer to the information below to answer the question.

A security practitioner detects client-based attacks on the organization's network. A plan will be necessary to address these concerns.

In addition to web browsers, what PRIMARY areas need to be addressed concerning mobile code used for malicious purposes?

Text editors, database, and Internet phone applications
Text editors, database, and Internet phone applications
Email, presentation, and database applications
Email, presentation, and database applications
Image libraries, presentation and spreadsheet applications
Image libraries, presentation and spreadsheet applications
Email, media players, and instant messaging applications
Email, media players, and instant messaging applications
Suggested answer: D
asked 18/09/2024
Talal Elemam
54 questions

Question 259

Report Export Collapse

Refer to the information below to answer the question.

A security practitioner detects client-based attacks on the organization's network. A plan will be necessary to address these concerns.

What MUST the plan include in order to reduce client-side exploitation?

Approved web browsers
Approved web browsers
Network firewall procedures
Network firewall procedures
Proxy configuration
Proxy configuration
Employee education
Employee education
Suggested answer: D
asked 18/09/2024
shylashri selvamani
50 questions

Question 260

Report Export Collapse

Refer to the information below to answer the question.

A security practitioner detects client-based attacks on the organization's network. A plan will be necessary to address these concerns.

What is the BEST reason for the organization to pursue a plan to mitigate client-based attacks?

Client privilege administration is inherently weaker than server privilege administration.
Client privilege administration is inherently weaker than server privilege administration.
Client hardening and management is easier on clients than on servers.
Client hardening and management is easier on clients than on servers.
Client-based attacks are more common and easier to exploit than server and network based attacks.
Client-based attacks are more common and easier to exploit than server and network based attacks.
Client-based attacks have higher financial impact.
Client-based attacks have higher financial impact.
Suggested answer: C
asked 18/09/2024
Rajesh Gurav
32 questions
Total 1.482 questions
Go to page: of 149
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?