ISC CISSP Practice Test - Questions Answers, Page 30

What component of a web application that stores the session state in a cookie can be bypassed by an attacker?

A. An initialization check
B. An identification check
C. An authentication check
D. An authorization check
Suggested answer: C

Which of the following is a MAJOR consideration in implementing a Voice over IP (VoIP) network?

A. Use of unified messaging.
B. Use of separation for the voice network.
C. Use of Network Access Control (NAC) on switches.
D. Use of Request for Comments (RFC) 1918 addressing.
Suggested answer: A

Host-Based Intrusion Protection (HIPS) systems are often deployed in monitoring or learning mode during their initial implementation. What is the objective of starting in this mode?

A. Automatically create exceptions for specific actions or files
B. Determine which files are unsafe to access and blacklist them
C. Automatically whitelist actions or files known to the system
D. Build a baseline of normal or safe system events for review
Suggested answer: D

Which of the following describes the concept of a Single Sign-On (SSO) system?

A. Users are authenticated to one system at a time.
B. Users are identified to multiple systems with several credentials.
C. Users are authenticated to multiple systems with one login.
D. Only one user is using the system at a time.
Suggested answer: C

What physical characteristic does a retinal scan biometric device measure?

A. The amount of light reflected by the retina
B. The size, curvature, and shape of the retina
C. The pattern of blood vessels at the back of the eye
D. The pattern of light receptors at the back of the eye
Suggested answer: C

What does secure authentication with logging provide?

A. Data integrity
B. Access accountability
C. Encryption logging format
D. Segregation of duties
Suggested answer: B

Which of the following provides the minimum set of privileges required to perform a job function and restricts the user to a domain with the required privileges?

A. Access based on rules
B. Access based on the user's role
C. Access determined by the system
D. Access based on data sensitivity
Suggested answer: B

Discretionary Access Control (DAC) restricts access according to

A. data classification labeling.
B. page views within an application.
C. authorizations granted to the user.
D. management accreditation.
Suggested answer: C

Retaining system logs for six months or longer can be valuable for what activities?

A. Disaster recovery and business continuity
B. Forensics and incident response
C. Identity and authorization management
D. Physical and logical access control
Suggested answer: B

Which of the following statements is TRUE regarding value boundary analysis as a functional software testing technique?

A. It is useful for testing communications protocols and graphical user interfaces.
B. It is characterized by the stateless behavior of a process implemented in a function.
C. Test inputs are obtained from the derived threshold of the given functional specifications.
D. An entire partition can be covered by considering only one representative value from that partition.
Suggested answer: C