ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 37

List of questions

Question 361

Report Export Collapse

Which of the following could elicit a Denial of Service (DoS) attack against a credential management system?

Delayed revocation or destruction of credentials
Delayed revocation or destruction of credentials
Modification of Certificate Revocation List
Modification of Certificate Revocation List
Unauthorized renewal or re-issuance
Unauthorized renewal or re-issuance
Token use after decommissioning
Token use after decommissioning
Suggested answer: B
asked 18/09/2024
Vusani Nedzungani
54 questions

Question 362

Report Export Collapse

What security risk does the role-based access approach mitigate MOST effectively?

Excessive access rights to systems and data
Excessive access rights to systems and data
Segregation of duties conflicts within business applications
Segregation of duties conflicts within business applications
Lack of system administrator activity monitoring
Lack of system administrator activity monitoring
Inappropriate access requests
Inappropriate access requests
Suggested answer: A
asked 18/09/2024
Johan Wu
30 questions

Question 363

Report Export Collapse

Which of the following questions can be answered using user and group entitlement reporting?

When a particular file was last accessed by a user
When a particular file was last accessed by a user
Change control activities for a particular group of users
Change control activities for a particular group of users
The number of failed login attempts for a particular user
The number of failed login attempts for a particular user
Where does a particular user have access within the network
Where does a particular user have access within the network
Suggested answer: D
asked 18/09/2024
JP Pelovello
54 questions

Question 364

Report Export Collapse

A network scan found 50% of the systems with one or more critical vulnerabilities. Which of the following represents the BEST action?

Assess vulnerability risk and program effectiveness.
Assess vulnerability risk and program effectiveness.
Assess vulnerability risk and business impact.
Assess vulnerability risk and business impact.
Disconnect all systems with critical vulnerabilities.
Disconnect all systems with critical vulnerabilities.
Disconnect systems with the most number of vulnerabilities.
Disconnect systems with the most number of vulnerabilities.
Suggested answer: B
asked 18/09/2024
Crystal Eagle
36 questions

Question 365

Report Export Collapse

Which of the following command line tools can be used in the reconnaisance phase of a network vulnerability assessment?

dig
dig
ifconfig
ifconfig
ipconfig
ipconfig
nbtstat
nbtstat
Suggested answer: A
asked 18/09/2024
GUY XAVIER DONGMO FAPONG
43 questions

Question 366

Report Export Collapse

An organization has hired a security services firm to conduct a penetration test. Which of the following will the organization provide to the tester?

Limits and scope of the testing.
Limits and scope of the testing.
Physical location of server room and wiring closet.
Physical location of server room and wiring closet.
Logical location of filters and concentrators.
Logical location of filters and concentrators.
Employee directory and organizational chart.
Employee directory and organizational chart.
Suggested answer: A
asked 18/09/2024
Laimonas Mulys
49 questions

Question 367

Report Export Collapse

When planning a penetration test, the tester will be MOST interested in which information?

Places to install back doors
Places to install back doors
The main network access points
The main network access points
Job application handouts and tours
Job application handouts and tours
Exploits that can attack weaknesses
Exploits that can attack weaknesses
Suggested answer: D
asked 18/09/2024
Mashudu Abraham
39 questions

Question 368

Report Export Collapse

After acquiring the latest security updates, what must be done before deploying to production systems?

Use tools to detect missing system patches
Use tools to detect missing system patches
Install the patches on a test system
Install the patches on a test system
Subscribe to notifications for vulnerabilities
Subscribe to notifications for vulnerabilities
Assess the severity of the situation
Assess the severity of the situation
Suggested answer: B
asked 18/09/2024
Sarath Ganaparthi
48 questions

Question 369

Report Export Collapse

Software Code signing is used as a method of verifying what security concept?

Integrity
Integrity
Confidentiality
Confidentiality
Availability
Availability
Access Control
Access Control
Suggested answer: A
asked 18/09/2024
Panayiotis Markatos
54 questions

Question 370

Report Export Collapse

Which of the following BEST describes the purpose of performing security certification?

To identify system threats, vulnerabilities, and acceptable level of risk
To identify system threats, vulnerabilities, and acceptable level of risk
To formalize the confirmation of compliance to security policies and standards
To formalize the confirmation of compliance to security policies and standards
To formalize the confirmation of completed risk mitigation and risk analysis
To formalize the confirmation of completed risk mitigation and risk analysis
To verify that system architecture and interconnections with other systems are effectively implemented
To verify that system architecture and interconnections with other systems are effectively implemented
Suggested answer: B
asked 18/09/2024
Yuriy Kitsis
38 questions
Total 1.482 questions
Go to page: of 149
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?