ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 39

List of questions

Question 381

Report Export Collapse

Which of the following is the MOST effective method of mitigating data theft from an active user workstation?

Implement full-disk encryption
Implement full-disk encryption
Enable multifactor authentication
Enable multifactor authentication
Deploy file integrity checkers
Deploy file integrity checkers
Disable use of portable devices
Disable use of portable devices
Suggested answer: D
asked 18/09/2024
Arun Samuel
50 questions

Question 382

Report Export Collapse

The BEST method to mitigate the risk of a dictionary attack on a system is to

use a hardware token.
use a hardware token.
use complex passphrases.
use complex passphrases.
implement password history.
implement password history.
encrypt the access control list (ACL).
encrypt the access control list (ACL).
Suggested answer: A
asked 18/09/2024
Jay Fletcher
53 questions

Question 383

Report Export Collapse

Which of the following is an advantage of on-premise Credential Management Systems?

Improved credential interoperability
Improved credential interoperability
Control over system configuration
Control over system configuration
Lower infrastructure capital costs
Lower infrastructure capital costs
Reduced administrative overhead
Reduced administrative overhead
Suggested answer: B
asked 18/09/2024
Sergio Guerra
46 questions

Question 384

Report Export Collapse

Which of the following prevents improper aggregation of privileges in Role Based Access Control (RBAC)?

Hierarchical inheritance
Hierarchical inheritance
Dynamic separation of duties
Dynamic separation of duties
The Clark-Wilson security model
The Clark-Wilson security model
The Bell-LaPadula security model
The Bell-LaPadula security model
Suggested answer: B
asked 18/09/2024
Raymond LaFrance
55 questions

Question 385

Report Export Collapse

The implementation of which features of an identity management system reduces costs and administration overhead while improving audit and accountability?

Two-factor authentication
Two-factor authentication
Single Sign-On (SSO)
Single Sign-On (SSO)
User self-service
User self-service
A metadirectory
A metadirectory
Suggested answer: C
asked 18/09/2024
Jose Ortuondo Arambalza
44 questions

Question 386

Report Export Collapse

Which of the following is the BEST method to assess the effectiveness of an organization's vulnerability management program?

Review automated patch deployment reports
Review automated patch deployment reports
Periodic third party vulnerability assessment
Periodic third party vulnerability assessment
Automated vulnerability scanning
Automated vulnerability scanning
Perform vulnerability scan by security team
Perform vulnerability scan by security team
Suggested answer: B
asked 18/09/2024
Jialu Wang
38 questions

Question 387

Report Export Collapse

Which methodology is recommended for penetration testing to be effective in the development phase of the life-cycle process?

White-box testing
White-box testing
Software fuzz testing
Software fuzz testing
Black-box testing
Black-box testing
Visual testing
Visual testing
Suggested answer: A
asked 18/09/2024
Ishan Patel
47 questions

Question 388

Report Export Collapse

Which of the following is most helpful in applying the principle of LEAST privilege?

Establishing a sandboxing environment
Establishing a sandboxing environment
Setting up a Virtual Private Network (VPN) tunnel
Setting up a Virtual Private Network (VPN) tunnel
Monitoring and reviewing privileged sessions
Monitoring and reviewing privileged sessions
Introducing a job rotation program
Introducing a job rotation program
Suggested answer: A
asked 18/09/2024
Mustafa Hussien
48 questions

Question 389

Report Export Collapse

Which of the following explains why record destruction requirements are included in a data retention policy?

To comply with legal and business requirements
To comply with legal and business requirements
To save cost for storage and backup
To save cost for storage and backup
To meet destruction guidelines
To meet destruction guidelines
To validate data ownership
To validate data ownership
Suggested answer: A
asked 18/09/2024
Andrzej Pawlus
52 questions

Question 390

Report Export Collapse

What should happen when an emergency change to a system must be performed?

The change must be given priority at the next meeting of the change control board.
The change must be given priority at the next meeting of the change control board.
Testing and approvals must be performed quickly.
Testing and approvals must be performed quickly.
The change must be performed immediately and then submitted to the change board.
The change must be performed immediately and then submitted to the change board.
The change is performed and a notation is made in the system log.
The change is performed and a notation is made in the system log.
Suggested answer: B
asked 18/09/2024
Raed Abu-Haija
41 questions
Total 1.482 questions
Go to page: of 149
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?