ExamGecko
Search Search Login
Home Home / ISC / CISSP

ISC CISSP Practice Test - Questions Answers, Page 28

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following are all elements of a disaster recovery plan (DRP)?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
What balance MUST be considered when web application developers determine how informative application error messages should be constructed?
Backup information that is critical to the organization is identified through a
Data remanence refers to which of the following?
With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?

Question 271

Report
Export
Collapse

Refer to the information below to answer the question.

During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial information.

If the intrusion causes the system processes to hang, which of the following has been affected?

A.
System integrity
A.
System integrity
Answers
B.
System availability
B.
System availability
Answers
C.
System confidentiality
C.
System confidentiality
Answers
D.
System auditability
D.
System auditability
Answers
Suggested answer: B

Question 272

Report
Export
Collapse

Refer to the information below to answer the question.

An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles.

Which of the following will be the PRIMARY security concern as staff is released from the organization?

A.
Inadequate IT support
A.
Inadequate IT support
Answers
B.
Loss of data and separation of duties
B.
Loss of data and separation of duties
Answers
C.
Undocumented security controls
C.
Undocumented security controls
Answers
D.
Additional responsibilities for remaining staff
D.
Additional responsibilities for remaining staff
Answers
Suggested answer: B

Question 273

Report
Export
Collapse

Refer to the information below to answer the question.

An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles.

Which of the following will MOST likely allow the organization to keep risk at an acceptable level?

A.
Increasing the amount of audits performed by third parties
A.
Increasing the amount of audits performed by third parties
Answers
B.
Removing privileged accounts from operational staff
B.
Removing privileged accounts from operational staff
Answers
C.
Assigning privileged functions to appropriate staff
C.
Assigning privileged functions to appropriate staff
Answers
D.
Separating the security function into distinct roles
D.
Separating the security function into distinct roles
Answers
Suggested answer: C

Question 274

Report
Export
Collapse

Refer to the information below to answer the question.

An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles.

Which of the following will indicate where the IT budget is BEST allocated during this time?

A.
Policies
A.
Policies
Answers
B.
Frameworks
B.
Frameworks
Answers
C.
Metrics
C.
Metrics
Answers
D.
Guidelines
D.
Guidelines
Answers
Suggested answer: C

Question 275

Report
Export
Collapse

Refer to the information below to answer the question.

An organization experiencing a negative financial impact is forced to reduce budgets and the number of Information Technology (IT) operations staff performing basic logical access security administration functions. Security processes have been tightly integrated into normal IT operations and are not separate and distinct roles.

When determining appropriate resource allocation, which of the following is MOST important to monitor?

A.
Number of system compromises
A.
Number of system compromises
Answers
B.
Number of audit findings
B.
Number of audit findings
Answers
C.
Number of staff reductions
C.
Number of staff reductions
Answers
D.
Number of additional assets
D.
Number of additional assets
Answers
Suggested answer: B

Question 276

Report
Export
Collapse

Refer to the information below to answer the question.

In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files.

Which of the following is true according to the star property (*property)?

A.
User D can write to File 1
A.
User D can write to File 1
Answers
B.
User B can write to File 1
B.
User B can write to File 1
Answers
C.
User A can write to File 1
C.
User A can write to File 1
Answers
D.
User C can write to File 1
D.
User C can write to File 1
Answers
Suggested answer: C

Question 277

Report
Export
Collapse

Refer to the information below to answer the question.

In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files.

In a Bell-LaPadula system, which user cannot write to File 3?

A.
User A
A.
User A
Answers
B.
User B
B.
User B
Answers
C.
User C
C.
User C
Answers
D.
User D
D.
User D
Answers
Suggested answer: D

Question 278

Report
Export
Collapse

Refer to the information below to answer the question.

In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files.

In a Bell-LaPadula system, which user has the MOST restrictions when writing data to any of the four files?

A.
User A
A.
User A
Answers
B.
User B
B.
User B
Answers
C.
User C
C.
User C
Answers
D.
User D
D.
User D
Answers
Suggested answer: D

Question 279

Report
Export
Collapse

Refer to the information below to answer the question.

Desktop computers in an organization were sanitized for re-use in an equivalent security environment. The data was destroyed in accordance with organizational policy and all marking and other external indications of the sensitivity of the data that was formerly stored on the magnetic drives were removed.

After magnetic drives were degaussed twice according to the product manufacturer's directions, what is the MOST LIKELY security issue with degaussing?

A.
Commercial products often have serious weaknesses of the magnetic force available in the degausser product.
A.
Commercial products often have serious weaknesses of the magnetic force available in the degausser product.
Answers
B.
Degausser products may not be properly maintained and operated.
B.
Degausser products may not be properly maintained and operated.
Answers
C.
The inability to turn the drive around in the chamber for the second pass due to human error.
C.
The inability to turn the drive around in the chamber for the second pass due to human error.
Answers
D.
Inadequate record keeping when sanitizing mediA.
D.
Inadequate record keeping when sanitizing mediA.
Answers
Suggested answer: B

Question 280

Report
Export
Collapse

Refer to the information below to answer the question.

Desktop computers in an organization were sanitized for re-use in an equivalent security environment. The data was destroyed in accordance with organizational policy and all marking and other external indications of the sensitivity of the data that was formerly stored on the magnetic drives were removed.

Organizational policy requires the deletion of user data from Personal Digital Assistant (PDA) devices before disposal. It may not be possible to delete the user data if the device is malfunctioning. Which destruction method below provides the BEST assurance that the data has been removed?

A.
Knurling
A.
Knurling
Answers
B.
Grinding
B.
Grinding
Answers
C.
Shredding
C.
Shredding
Answers
D.
Degaussing
D.
Degaussing
Answers
Suggested answer: C
Total 1.482 questions
Go to page: of 149
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms