ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 3

List of questions

Question 21

Report Export Collapse

What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?

Implementation Phase
Implementation Phase
Initialization Phase
Initialization Phase
Cancellation Phase
Cancellation Phase
Issued Phase
Issued Phase
Suggested answer: D
asked 18/09/2024
Grip op IT
43 questions

Question 22

Report Export Collapse

Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified automated vulnerability assessments?

Common Vulnerabilities and Exposures (CVE)
Common Vulnerabilities and Exposures (CVE)
Common Vulnerability Scoring System (CVSS)
Common Vulnerability Scoring System (CVSS)
Asset Reporting Format (ARF)
Asset Reporting Format (ARF)
Open Vulnerability and Assessment Language (OVAL)
Open Vulnerability and Assessment Language (OVAL)
Suggested answer: B
asked 18/09/2024
Sonjoy Kanwal
48 questions

Question 23

Report Export Collapse

Who in the organization is accountable for classification of data information assets?

Data owner
Data owner
Data architect
Data architect
Chief Information Security Officer (CISO)
Chief Information Security Officer (CISO)
Chief Information Officer (CIO)
Chief Information Officer (CIO)
Suggested answer: A
asked 18/09/2024
Ben Spiers
40 questions

Question 24

Report Export Collapse

The use of private and public encryption keys is fundamental in the implementation of which of the following?

Diffie-Hellman algorithm
Diffie-Hellman algorithm
Secure Sockets Layer (SSL)
Secure Sockets Layer (SSL)
Advanced Encryption Standard (AES)
Advanced Encryption Standard (AES)
Message Digest 5 (MD5)
Message Digest 5 (MD5)
Suggested answer: B
asked 18/09/2024
Jennifer Lear
49 questions

Question 25

Report Export Collapse

What is the purpose of an Internet Protocol (IP) spoofing attack?

To send excessive amounts of data to a process, making it unpredictable
To send excessive amounts of data to a process, making it unpredictable
To intercept network traffic without authorization
To intercept network traffic without authorization
To disguise the destination address from a target's IP filtering devices
To disguise the destination address from a target's IP filtering devices
To convince a system that it is communicating with a known entity
To convince a system that it is communicating with a known entity
Suggested answer: D
asked 18/09/2024
Praveen Achankunju
49 questions

Question 26

Report Export Collapse

At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?

Link layer
Link layer
Physical layer
Physical layer
Session layer
Session layer
Application layer
Application layer
Suggested answer: D
asked 18/09/2024
Darin Ambrose
43 questions

Question 27

Report Export Collapse

In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?

Transport layer
Transport layer
Application layer
Application layer
Network layer
Network layer
Session layer
Session layer
Suggested answer: A
asked 18/09/2024
jordi vanderpooten
37 questions

Question 28

Report Export Collapse

Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?

Layer 2 Tunneling Protocol (L2TP)
Layer 2 Tunneling Protocol (L2TP)
Link Control Protocol (LCP)
Link Control Protocol (LCP)
Challenge Handshake Authentication Protocol (CHAP)
Challenge Handshake Authentication Protocol (CHAP)
Packet Transfer Protocol (PTP)
Packet Transfer Protocol (PTP)
Suggested answer: B
asked 18/09/2024
David Aghaegbuna
50 questions

Question 29

Report Export Collapse

Which of the following operates at the Network Layer of the Open System Interconnection (OSI) model?

Packet filtering
Packet filtering
Port services filtering
Port services filtering
Content filtering
Content filtering
Application access control
Application access control
Suggested answer: A
asked 18/09/2024
Antoine CHEA
29 questions

Question 30

Report Export Collapse

An external attacker has compromised an organization's network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker's ability to gain further information?

Implement packet filtering on the network firewalls
Implement packet filtering on the network firewalls
Install Host Based Intrusion Detection Systems (HIDS)
Install Host Based Intrusion Detection Systems (HIDS)
Require strong authentication for administrators
Require strong authentication for administrators
Implement logical network segmentation at the switches
Implement logical network segmentation at the switches
Suggested answer: D
asked 18/09/2024
Himal Rai
46 questions
Total 1.482 questions
Go to page: of 149
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?