ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 39

Question 381

Which of the following is the MOST effective method of mitigating data theft from an active user workstation?

A. Implement full-disk encryption
B. Enable multifactor authentication
C. Deploy file integrity checkers
D. Disable use of portable devices
Suggested answer: D
asked 18/09/2024
Arun Samuel
41 questions

Question 382

The BEST method to mitigate the risk of a dictionary attack on a system is to

A. use a hardware token.
B. use complex passphrases.
C. implement password history.
D. encrypt the access control list (ACL).
Suggested answer: A
asked 18/09/2024
Jay Fletcher
49 questions

Question 383

Which of the following is an advantage of on-premise Credential Management Systems?

A. Improved credential interoperability
B. Control over system configuration
C. Lower infrastructure capital costs
D. Reduced administrative overhead
Suggested answer: B
asked 18/09/2024
Sergio Guerra
43 questions

Question 384

Which of the following prevents improper aggregation of privileges in Role Based Access Control (RBAC)?

A. Hierarchical inheritance
B. Dynamic separation of duties
C. The Clark-Wilson security model
D. The Bell-LaPadula security model
Suggested answer: B
asked 18/09/2024
Raymond LaFrance
51 questions

Question 385

The implementation of which features of an identity management system reduces costs and administration overhead while improving audit and accountability?

A. Two-factor authentication
B. Single Sign-On (SSO)
C. User self-service
D. A metadirectory
Suggested answer: C
asked 18/09/2024
Jose Ortuondo Arambalza
42 questions

Question 386

Which of the following is the BEST method to assess the effectiveness of an organization's vulnerability management program?

A. Review automated patch deployment reports
B. Periodic third party vulnerability assessment
C. Automated vulnerability scanning
D. Perform vulnerability scan by security team
Suggested answer: B
asked 18/09/2024
Jialu Wang
36 questions

Question 387

Which methodology is recommended for penetration testing to be effective in the development phase of the life-cycle process?

A. White-box testing
B. Software fuzz testing
C. Black-box testing
D. Visual testing
Suggested answer: A
asked 18/09/2024
Ishan Patel
42 questions

Question 388

Which of the following is most helpful in applying the principle of LEAST privilege?

A. Establishing a sandboxing environment
B. Setting up a Virtual Private Network (VPN) tunnel
C. Monitoring and reviewing privileged sessions
D. Introducing a job rotation program
Suggested answer: A
asked 18/09/2024
Mustafa Hussien
41 questions

Question 389

Which of the following explains why record destruction requirements are included in a data retention policy?

A. To comply with legal and business requirements
B. To save cost for storage and backup
C. To meet destruction guidelines
D. To validate data ownership
Suggested answer: A
asked 18/09/2024
Andrzej Pawlus
46 questions

Question 390

What should happen when an emergency change to a system must be performed?

A. The change must be given priority at the next meeting of the change control board.
B. Testing and approvals must be performed quickly.
C. The change must be performed immediately and then submitted to the change board.
D. The change is performed and a notation is made in the system log.
Suggested answer: B
asked 18/09/2024
Raed Abu-Haija
35 questions
Total 1.482 questions