
ISC CISSP Practice Test - Questions Answers, Page 33


Question 321


How does an organization verify that an information system's current hardware and software match the standard system configuration?

A. By reviewing the configuration after the system goes into production
B. By running vulnerability scanning tools on all devices in the environment
C. By comparing the actual configuration of the system against the baseline
D. By verifying all the approved security patches are implemented
Suggested answer: C
asked 18/09/2024
Lazar Marinovic
38 questions

Question 322


The goal of a Business Continuity Plan (BCP) training and awareness program is to

A. enhance the skills required to create, maintain, and execute the plan.
B. provide for a high level of recovery in case of disaster.
C. describe the recovery organization to new employees.
D. provide each recovery team with checklists and procedures.
Suggested answer: A
asked 18/09/2024
Igor An
40 questions

Question 323


Which of the following disaster recovery test plans will be MOST effective while providing minimal risk?

A. Read-through
B. Parallel
C. Full interruption
D. Simulation
Suggested answer: D
asked 18/09/2024
Ali S Zahedi
44 questions

Question 324


An organization has developed a major application that has undergone accreditation testing. After receiving the results of the evaluation, what is the final step before the application can be accredited?

A. Acceptance of risk by the authorizing official
B. Remediation of vulnerabilities
C. Adoption of standardized policies and procedures
D. Approval of the System Security Plan (SSP)
Suggested answer: A
asked 18/09/2024
Maurille AGBISSIKO
39 questions

Question 325


What is one way to mitigate the risk of security flaws in custom software?

A. Include security language in the Earned Value Management (EVM) contract
B. Include security assurance clauses in the Service Level Agreement (SLA)
C. Purchase only Commercial Off-The-Shelf (COTS) products
D. Purchase only software with no open source Application Programming Interfaces (APIs)
Suggested answer: B
asked 18/09/2024
Natalia Novikova
45 questions

Question 326


Which of the following is the BEST example of weak management commitment to the protection of security assets and resources?

A. Poor governance over security processes and procedures
B. Immature security controls and procedures
C. Variances against regulatory requirements
D. Unanticipated increases in security incidents and threats
Suggested answer: A
asked 18/09/2024
Rajesh K
33 questions

Question 327


What does an organization FIRST review to assure compliance with privacy requirements?

A. Best practices
B. Business objectives
C. Legal and regulatory mandates
D. Employee's compliance to policies and standards
Suggested answer: C
asked 18/09/2024
Marcelo Oliveira
42 questions

Question 328


Which security approach will BEST minimize Personally Identifiable Information (PII) loss from a data breach?

A. A strong breach notification process
B. Limited collection of individuals' confidential data
C. End-to-end data encryption for data in transit
D. Continuous monitoring of potential vulnerabilities
Suggested answer: B
asked 18/09/2024
Crystal Eagle
36 questions

Question 329


An organization lacks a data retention policy. Of the following, who is the BEST person to consult for such a requirement?

A. Application Manager
B. Database Administrator
C. Privacy Officer
D. Finance Manager
Suggested answer: C
asked 18/09/2024
Emmanuel ogoro
38 questions

Question 330


Which of the following analyses is performed to protect information assets?

A. Business impact analysis
B. Feasibility analysis
C. Cost benefit analysis
D. Data analysis
Suggested answer: A
asked 18/09/2024
David Galiata
36 questions
Total 1.482 questions