ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 30

Question 291

What component of a web application that stores the session state in a cookie can be bypassed by an attacker?

A. An initialization check
B. An identification check
C. An authentication check
D. An authorization check
Suggested answer: C
asked 18/09/2024
Ibiyemi Araoye

Question 292

Which of the following is a MAJOR consideration in implementing a Voice over IP (VoIP) network?

A. Use of a unified messaging.
B. Use of separation for the voice network.
C. Use of Network Access Control (NAC) on switches.
D. Use of Request for Comments (RFC) 1918 addressing.
Suggested answer: A
asked 18/09/2024
J.L.M. van Loo

Question 293

Host-Based Intrusion Protection (HIPS) systems are often deployed in monitoring or learning mode during their initial implementation. What is the objective of starting in this mode?

A. Automatically create exceptions for specific actions or files
B. Determine which files are unsafe to access and blacklist them
C. Automatically whitelist actions or files known to the system
D. Build a baseline of normal or safe system events for review
Suggested answer: D
asked 18/09/2024
George Mabry

Question 294

Which of the following describes the concept of a Single Sign-On (SSO) system?

A. Users are authenticated to one system at a time.
B. Users are identified to multiple systems with several credentials.
C. Users are authenticated to multiple systems with one login.
D. Only one user is using the system at a time.
Suggested answer: C
asked 18/09/2024
Mellisa Stroman

Question 295

What physical characteristic does a retinal scan biometric device measure?

A. The amount of light reflected by the retina
B. The size, curvature, and shape of the retina
C. The pattern of blood vessels at the back of the eye
D. The pattern of light receptors at the back of the eye
Suggested answer: C
asked 18/09/2024
Chris Ngobili

Question 296

What does secure authentication with logging provide?

A. Data integrity
B. Access accountability
C. Encryption logging format
D. Segregation of duties
Suggested answer: B
asked 18/09/2024
Mahmoud Ismail

Question 297

Which of the following provides the minimum set of privileges required to perform a job function and restricts the user to a domain with the required privileges?

A. Access based on rules
B. Access based on user's role
C. Access determined by the system
D. Access based on data sensitivity
Suggested answer: B
asked 18/09/2024
Kameron Katoku

Question 298

Discretionary Access Control (DAC) restricts access according to

A. data classification labeling.
B. page views within an application.
C. authorizations granted to the user.
D. management accreditation.
Suggested answer: C
asked 18/09/2024
Piotr Jakubowski

Question 299

Retaining system logs for six months or longer can be valuable for what activities?

A. Disaster recovery and business continuity
B. Forensics and incident response
C. Identity and authorization management
D. Physical and logical access control
Suggested answer: B
asked 18/09/2024
Tuan Nguyen

Question 300

Which of the following statements is TRUE regarding value boundary analysis as a functional software testing technique?

A. It is useful for testing communications protocols and graphical user interfaces.
B. It is characterized by the stateless behavior of a process implemented in a function.
C. Test inputs are obtained from the derived threshold of the given functional specifications.
D. An entire partition can be covered by considering only one representative value from that partition.
Suggested answer: C
asked 18/09/2024
Donald Wu
Total 1.482 questions