ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 3


What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?

A. Implementation Phase
B. Initialization Phase
C. Cancellation Phase
D. Issued Phase
Suggested answer: D

Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified by automated vulnerability assessments?

A. Common Vulnerabilities and Exposures (CVE)
B. Common Vulnerability Scoring System (CVSS)
C. Asset Reporting Format (ARF)
D. Open Vulnerability and Assessment Language (OVAL)
Suggested answer: B

Who in the organization is accountable for classification of data information assets?

A. Data owner
B. Data architect
C. Chief Information Security Officer (CISO)
D. Chief Information Officer (CIO)
Suggested answer: A

The use of private and public encryption keys is fundamental in the implementation of which of the following?

A. Diffie-Hellman algorithm
B. Secure Sockets Layer (SSL)
C. Advanced Encryption Standard (AES)
D. Message Digest 5 (MD5)
Suggested answer: B

What is the purpose of an Internet Protocol (IP) spoofing attack?

A. To send excessive amounts of data to a process, making it unpredictable
B. To intercept network traffic without authorization
C. To disguise the destination address from a target's IP filtering devices
D. To convince a system that it is communicating with a known entity
Suggested answer: D

At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?

A. Link layer
B. Physical layer
C. Session layer
D. Application layer
Suggested answer: D

In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?

A. Transport layer
B. Application layer
C. Network layer
D. Session layer
Suggested answer: A

Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?

A. Layer 2 Tunneling Protocol (L2TP)
B. Link Control Protocol (LCP)
C. Challenge Handshake Authentication Protocol (CHAP)
D. Packet Transfer Protocol (PTP)
Suggested answer: B

Which of the following operates at the Network Layer of the Open System Interconnection (OSI) model?

A. Packet filtering
B. Port services filtering
C. Content filtering
D. Application access control
Suggested answer: A

An external attacker has compromised an organization's network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker's ability to gain further information?

A. Implement packet filtering on the network firewalls
B. Install Host Based Intrusion Detection Systems (HIDS)
C. Require strong authentication for administrators
D. Implement logical network segmentation at the switches
Suggested answer: D
Total 1.482 questions