ExamGecko
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 31

List of questions

Question 301

Report Export Collapse

Data leakage of sensitive information is MOST often concealed by which of the following?

Secure Sockets Layer (SSL)
Secure Sockets Layer (SSL)
Secure Hash Algorithm (SHA)
Secure Hash Algorithm (SHA)
Wired Equivalent Privacy (WEP)
Wired Equivalent Privacy (WEP)
Secure Post Office Protocol (POP)
Secure Post Office Protocol (POP)
Suggested answer: A
asked 18/09/2024
Josiah Pardee
51 questions

Question 302

Report Export Collapse

Which of the following is a reason to use manual patch installation instead of automated patch management?

The cost required to install patches will be reduced.
The cost required to install patches will be reduced.
The time during which systems will remain vulnerable to an exploit will be decreased.
The time during which systems will remain vulnerable to an exploit will be decreased.
The likelihood of system or application incompatibilities will be decreased.
The likelihood of system or application incompatibilities will be decreased.
The ability to cover large geographic areas is increased.
The ability to cover large geographic areas is increased.
Suggested answer: C
asked 18/09/2024
Geetanjali Singh
40 questions

Question 303

Report Export Collapse

Which of the following is the MOST important element of change management documentation?

List of components involved
List of components involved
Number of changes being made
Number of changes being made
Business case justification
Business case justification
A stakeholder communication
A stakeholder communication
Suggested answer: C
asked 18/09/2024
Fthcx Fgghn
40 questions

Question 304

Report Export Collapse

The PRIMARY outcome of a certification process is that it provides documented

system weaknesses for remediation.
system weaknesses for remediation.
standards for security assessment, testing, and process evaluation.
standards for security assessment, testing, and process evaluation.
interconnected systems and their implemented security controls.
interconnected systems and their implemented security controls.
security analyses needed to make a risk-based decision.
security analyses needed to make a risk-based decision.
Suggested answer: D
asked 18/09/2024
Amanuel Mesfin
50 questions

Question 305

Report Export Collapse

Which of the following standards/guidelines requires an Information Security Management System (ISMS) to be defined?

International Organization for Standardization (ISO) 27000 family
International Organization for Standardization (ISO) 27000 family
Information Technology Infrastructure Library (ITIL)
Information Technology Infrastructure Library (ITIL)
Payment Card Industry Data Security Standard (PCIDSS)
Payment Card Industry Data Security Standard (PCIDSS)
ISO/IEC 20000
ISO/IEC 20000
Suggested answer: A
asked 18/09/2024
Rudy Raijmakers
43 questions

Question 306

Report Export Collapse

Which of the following PRIMARILY contributes to security incidents in web-based applications?

Systems administration and operating systems
Systems administration and operating systems
System incompatibility and patch management
System incompatibility and patch management
Third-party applications and change controls
Third-party applications and change controls
Improper stress testing and application interfaces
Improper stress testing and application interfaces
Suggested answer: C
asked 18/09/2024
Robert Andrade
54 questions

Question 307

Report Export Collapse

What is the process called when impact values are assigned to the security objectives for information types?

Qualitative analysis
Qualitative analysis
Quantitative analysis
Quantitative analysis
Remediation
Remediation
System security categorization
System security categorization
Suggested answer: D
asked 18/09/2024
Jonathan McGurgan
37 questions

Question 308

Report Export Collapse

Data remanence refers to which of the following?

The remaining photons left in a fiber optic cable after a secure transmission.
The remaining photons left in a fiber optic cable after a secure transmission.
The retention period required by law or regulation.
The retention period required by law or regulation.
The magnetic flux created when removing the network connection from a server or personal computer.
The magnetic flux created when removing the network connection from a server or personal computer.
The residual information left on magnetic storage media after a deletion or erasure.
The residual information left on magnetic storage media after a deletion or erasure.
Suggested answer: D
asked 18/09/2024
Dmitry Balikhin
26 questions

Question 309

Report Export Collapse

Which of the following describes the BEST configuration management practice?

After installing a new system, the configuration files are copied to a separate back-up system and hashed to detect tampering.
After installing a new system, the configuration files are copied to a separate back-up system and hashed to detect tampering.
After installing a new system, the configuration files are copied to an air-gapped system and hashed to detect tampering.
After installing a new system, the configuration files are copied to an air-gapped system and hashed to detect tampering.
The firewall rules are backed up to an air-gapped system.
The firewall rules are backed up to an air-gapped system.
A baseline configuration is created and maintained for all relevant systems.
A baseline configuration is created and maintained for all relevant systems.
Suggested answer: D
asked 18/09/2024
Yusuf E
44 questions

Question 310

Report Export Collapse

How does Encapsulating Security Payload (ESP) in transport mode affect the Internet Protocol (IP)?

Encrypts and optionally authenticates the IP header, but not the IP payload
Encrypts and optionally authenticates the IP header, but not the IP payload
Encrypts and optionally authenticates the IP payload, but not the IP header
Encrypts and optionally authenticates the IP payload, but not the IP header
Authenticates the IP payload and selected portions of the IP header
Authenticates the IP payload and selected portions of the IP header
Encrypts and optionally authenticates the complete IP packet
Encrypts and optionally authenticates the complete IP packet
Suggested answer: B
asked 18/09/2024
GIORGOS KELAIDIS
36 questions
Total 1.482 questions
Go to page: of 149