ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 38

Question 371

Are companies legally required to report all data breaches?

A. No, different jurisdictions have different rules.
B. No, not if the data is encrypted.
C. No, companies' codes of ethics don't require it.
D. No, only if the breach had a material impact.
Suggested answer: A
asked 18/09/2024
Vojtech Danek
38 questions

Question 372

What is the PRIMARY difference between security policies and security procedures?

A. Policies are used to enforce violations, and procedures create penalties
B. Policies point to guidelines, and procedures are more contractual in nature
C. Policies are included in awareness training, and procedures give guidance
D. Policies are generic in nature, and procedures contain operational details
Suggested answer: D
asked 18/09/2024
JAOID EL OUALITI
29 questions

Question 373

For privacy protected data, which of the following roles has the highest authority for establishing dissemination rules for the data?

A. Information Systems Security Officer
B. Data Owner
C. System Security Architect
D. Security Requirements Analyst
Suggested answer: B
asked 18/09/2024
Jackes Matos
44 questions

Question 374

Which of the following controls is the FIRST step in protecting privacy in an information system?

A. Data Redaction
B. Data Minimization
C. Data Encryption
D. Data Storage
Suggested answer: B
asked 18/09/2024
Gilbert Mendoza
38 questions

Question 375

Which of the following BEST avoids data remanence disclosure for cloud hosted resources?

A. Strong encryption and deletion of the keys after data is deleted.
B. Strong encryption and deletion of the virtual host after data is deleted.
C. Software based encryption with two factor authentication.
D. Hardware based encryption on dedicated physical servers.
Suggested answer: A
asked 18/09/2024
Akash Makkar
35 questions

Question 376

What is the MOST efficient way to secure a production program and its data?

A. Disable default accounts and implement access control lists (ACL)
B. Harden the application and encrypt the data
C. Disable unused services and implement tunneling
D. Harden the servers and backup the data
Suggested answer: B
asked 18/09/2024
khalid Hassan
33 questions

Question 377

If compromised, which of the following would lead to the exploitation of multiple virtual machines?

A. Virtual device drivers
B. Virtual machine monitor
C. Virtual machine instance
D. Virtual machine file system
Suggested answer: B
asked 18/09/2024
George Morales
47 questions

Question 378

Which of the following is the MOST important output from a mobile application threat modeling exercise according to Open Web Application Security Project (OWASP)?

A. Application interface entry and endpoints
B. The likelihood and impact of a vulnerability
C. Countermeasures and mitigations for vulnerabilities
D. A data flow diagram for the application and attack surface analysis
Suggested answer: D
asked 18/09/2024
Mithun E
50 questions

Question 379

Which one of the following operates at the session, transport, or network layer of the Open System Interconnection (OSI) model?

A. Data at rest encryption
B. Configuration Management
C. Integrity checking software
D. Cyclic redundancy check (CRC)
Suggested answer: D
asked 18/09/2024
Chuck Crouse
49 questions

Question 380

Which of the following secures web transactions at the Transport Layer?

A. Secure HyperText Transfer Protocol (S-HTTP)
B. Secure Sockets Layer (SSL)
C. Socket Security (SOCKS)
D. Secure Shell (SSH)
Suggested answer: B
asked 18/09/2024
Venkataramanan R
32 questions
Total 1.482 questions