ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 31

Data leakage of sensitive information is MOST often concealed by which of the following?

A. Secure Sockets Layer (SSL)
B. Secure Hash Algorithm (SHA)
C. Wired Equivalent Privacy (WEP)
D. Secure Post Office Protocol (POP)
Suggested answer: A

Which of the following is a reason to use manual patch installation instead of automated patch management?

A. The cost required to install patches will be reduced.
B. The time during which systems will remain vulnerable to an exploit will be decreased.
C. The likelihood of system or application incompatibilities will be decreased.
D. The ability to cover large geographic areas is increased.
Suggested answer: C

Which of the following is the MOST important element of change management documentation?

A. List of components involved
B. Number of changes being made
C. Business case justification
D. A stakeholder communication
Suggested answer: C

The PRIMARY outcome of a certification process is that it provides documented

A. system weaknesses for remediation.
B. standards for security assessment, testing, and process evaluation.
C. interconnected systems and their implemented security controls.
D. security analyses needed to make a risk-based decision.
Suggested answer: D

Which of the following standards/guidelines requires an Information Security Management System (ISMS) to be defined?

A. International Organization for Standardization (ISO) 27000 family
B. Information Technology Infrastructure Library (ITIL)
C. Payment Card Industry Data Security Standard (PCI DSS)
D. ISO/IEC 20000
Suggested answer: A

Which of the following PRIMARILY contributes to security incidents in web-based applications?

A. Systems administration and operating systems
B. System incompatibility and patch management
C. Third-party applications and change controls
D. Improper stress testing and application interfaces
Suggested answer: C

What is the process called when impact values are assigned to the security objectives for information types?

A. Qualitative analysis
B. Quantitative analysis
C. Remediation
D. System security categorization
Suggested answer: D

Data remanence refers to which of the following?

A. The remaining photons left in a fiber optic cable after a secure transmission.
B. The retention period required by law or regulation.
C. The magnetic flux created when removing the network connection from a server or personal computer.
D. The residual information left on magnetic storage media after a deletion or erasure.
Suggested answer: D

Which of the following describes the BEST configuration management practice?

A. After installing a new system, the configuration files are copied to a separate back-up system and hashed to detect tampering.
B. After installing a new system, the configuration files are copied to an air-gapped system and hashed to detect tampering.
C. The firewall rules are backed up to an air-gapped system.
D. A baseline configuration is created and maintained for all relevant systems.
Suggested answer: D

How does Encapsulating Security Payload (ESP) in transport mode affect the Internet Protocol (IP)?

A. Encrypts and optionally authenticates the IP header, but not the IP payload
B. Encrypts and optionally authenticates the IP payload, but not the IP header
C. Authenticates the IP payload and selected portions of the IP header
D. Encrypts and optionally authenticates the complete IP packet
Suggested answer: B