ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 4

Question 31

An input validation and exception handling vulnerability has been discovered on a critical web-based system. Which of the following is MOST suited to quickly implement a control?

A. Add a new rule to the application layer firewall
B. Block access to the service
C. Install an Intrusion Detection System (IDS)
D. Patch the application source code
Suggested answer: A
asked 18/09/2024
Arvind Prasad S
41 questions

Question 32

Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?

A. Intrusion Prevention Systems (IPS)
B. Intrusion Detection Systems (IDS)
C. Stateful firewalls
D. Network Behavior Analysis (NBA) tools
Suggested answer: D
asked 18/09/2024
Dilip Kumar
37 questions

Question 33

Which of the following factors contributes to the weakness of Wired Equivalent Privacy (WEP) protocol?

A. WEP uses a small range Initialization Vector (IV)
B. WEP uses Message Digest 5 (MD5)
C. WEP uses Diffie-Hellman
D. WEP does not use any Initialization Vector (IV)
Suggested answer: A
asked 18/09/2024
Vladimir Kosintsov
37 questions

Question 34

A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is the BEST solution for the manufacturing organization?

A. Trusted third-party certification
B. Lightweight Directory Access Protocol (LDAP)
C. Security Assertion Markup Language (SAML)
D. Cross-certification
Suggested answer: C
asked 18/09/2024
Christina Lanaski
38 questions

Question 35

Which of the following BEST describes an access control method utilizing cryptographic keys derived from a smart card private key that is embedded within mobile devices?

A. Derived credential
B. Temporary security credential
C. Mobile device credentialing service
D. Digest authentication
Suggested answer: A
asked 18/09/2024
christopher tenney
34 questions

Question 36

Users require access rights that allow them to view the average salary of groups of employees.

Which control would prevent the users from obtaining an individual employee's salary?

A. Limit access to predefined queries
B. Segregate the database into a small number of partitions each with a separate security level
C. Implement Role Based Access Control (RBAC)
D. Reduce the number of people who have access to the system for statistical purposes
Suggested answer: C
asked 18/09/2024
Teste Teste
39 questions

Question 37

What is the BEST approach for controlling access to highly sensitive information when employees have the same level of security clearance?

A. Audit logs
B. Role-Based Access Control (RBAC)
C. Two-factor authentication
D. Application of least privilege
Suggested answer: B
asked 18/09/2024
Michael Ulrich
41 questions

Question 38

Which of the following is of GREATEST assistance to auditors when reviewing system configurations?

A. Change management processes
B. User administration procedures
C. Operating System (OS) baselines
D. System backup documentation
Suggested answer: A
asked 18/09/2024
Francisco Jesús Cano Hinarejos
53 questions

Question 39

In which of the following programs is it MOST important to include the collection of security process data?

A. Quarterly access reviews
B. Security continuous monitoring
C. Business continuity testing
D. Annual security training
Suggested answer: B
asked 18/09/2024
David Looby
37 questions

Question 40

A Virtual Machine (VM) environment has five guest Operating Systems (OS) and provides strong isolation. What MUST an administrator review to audit a user's access to data files?

A. Host VM monitor audit logs
B. Guest OS access controls
C. Host VM access controls
D. Guest OS audit logs
Suggested answer: A
asked 18/09/2024
Vetti Paiyan
28 questions
Total 1.482 questions