ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 36

List of questions

Question 351

Report Export Collapse

While investigating a malicious event, only six days of audit logs from the last month were available.

What policy should be updated to address this problem?

Retention
Retention
Reporting
Reporting
Recovery
Recovery
Remediation
Remediation
Suggested answer: A
asked 18/09/2024
Sasha Grib
49 questions

Question 352

Report Export Collapse

Who is ultimately responsible to ensure that information assets are categorized and adequate measures are taken to protect them?

Data Custodian
Data Custodian
Executive Management
Executive Management
Chief Information Security Officer
Chief Information Security Officer
Data/Information/Business Owners
Data/Information/Business Owners
Suggested answer: B
asked 18/09/2024
Helania Stevenson
54 questions

Question 353

Report Export Collapse

A mobile device application that restricts the storage of user information to just that which is needed to accomplish lawful business goals adheres to what privacy principle?

Onward transfer
Onward transfer
Collection Limitation
Collection Limitation
Collector Accountability
Collector Accountability
Individual Participation
Individual Participation
Suggested answer: B
asked 18/09/2024
safiqueahmed kazi
41 questions

Question 354

Report Export Collapse

Which of the following is the PRIMARY benefit of implementing data-in-use controls?

If the data is lost, it must be decrypted to be opened.
If the data is lost, it must be decrypted to be opened.
If the data is lost, it will not be accessible to unauthorized users.
If the data is lost, it will not be accessible to unauthorized users.
When the data is being viewed, it can only be printed by authorized users.
When the data is being viewed, it can only be printed by authorized users.
When the data is being viewed, it must be accessed using secure protocols.
When the data is being viewed, it must be accessed using secure protocols.
Suggested answer: C
asked 18/09/2024
Anil Dehriya
42 questions

Question 355

Report Export Collapse

A health care provider is considering Internet access for their employees and patients. Which of the following is the organization's MOST secure solution for protection of data?

Public Key Infrastructure (PKI) and digital signatures
Public Key Infrastructure (PKI) and digital signatures
Trusted server certificates and passphrases
Trusted server certificates and passphrases
User ID and password
User ID and password
Asymmetric encryption and User ID
Asymmetric encryption and User ID
Suggested answer: A
asked 18/09/2024
Yassin Benjajji
44 questions

Question 356

Report Export Collapse

Which of the following BEST describes the purpose of the security functional requirements of Common Criteria?

Level of assurance of the Target of Evaluation (TOE) in intended operational environment
Level of assurance of the Target of Evaluation (TOE) in intended operational environment
Selection to meet the security objectives stated in test documents
Selection to meet the security objectives stated in test documents
Security behavior expected of a TOE
Security behavior expected of a TOE
Definition of the roles and responsibilities
Definition of the roles and responsibilities
Suggested answer: C
asked 18/09/2024
Dawn Silva
31 questions

Question 357

Report Export Collapse

Application of which of the following Institute of Electrical and Electronics Engineers (IEEE) standards will prevent an unauthorized wireless device from being attached to a network?

IEEE 802.1F
IEEE 802.1F
IEEE 802.1H
IEEE 802.1H
IEEE 802.1Q
IEEE 802.1Q
IEEE 802.1X
IEEE 802.1X
Suggested answer: D
asked 18/09/2024
JAVIER MARDOMINGO SALAZAR
37 questions

Question 358

Report Export Collapse

The PRIMARY security concern for handheld devices is the

strength of the encryption algorithm.
strength of the encryption algorithm.
spread of malware during synchronization.
spread of malware during synchronization.
ability to bypass the authentication mechanism.
ability to bypass the authentication mechanism.
strength of the Personal Identification Number (PIN).
strength of the Personal Identification Number (PIN).
Suggested answer: C
asked 18/09/2024
Jason Childers
43 questions

Question 359

Report Export Collapse

Which of the following is the BIGGEST weakness when using native Lightweight Directory Access Protocol (LDAP) for authentication?

Authorizations are not included in the server response
Authorizations are not included in the server response
Unsalted hashes are passed over the network
Unsalted hashes are passed over the network
The authentication session can be replayed
The authentication session can be replayed
Passwords are passed in cleartext
Passwords are passed in cleartext
Suggested answer: D
asked 18/09/2024
Syed Hasan Rizvi
31 questions

Question 360

Report Export Collapse

A global organization wants to implement hardware tokens as part of a multifactor authentication solution for remote access. The PRIMARY advantage of this implementation is

the scalability of token enrollment.
the scalability of token enrollment.
increased accountability of end users.
increased accountability of end users.
it protects against unauthorized access.
it protects against unauthorized access.
it simplifies user access administration.
it simplifies user access administration.
Suggested answer: C
asked 18/09/2024
Misael E
43 questions
Total 1.482 questions
Go to page: of 149
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?