ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 40

List of questions

Question 391

Report Export Collapse

Which of the following is the BEST approach to take in order to effectively incorporate the concepts of business continuity into the organization?

Ensure end users are aware of the planning activities
Ensure end users are aware of the planning activities
Validate all regulatory requirements are known and fully documented
Validate all regulatory requirements are known and fully documented
Develop training and awareness programs that involve all stakeholders
Develop training and awareness programs that involve all stakeholders
Ensure plans do not violate the organization's cultural objectives and goals
Ensure plans do not violate the organization's cultural objectives and goals
Suggested answer: C
asked 18/09/2024
John Kaye
33 questions

Question 392

Report Export Collapse

Which of the following has the GREATEST impact on an organization's security posture?

International and country-specific compliance requirements
International and country-specific compliance requirements
Security violations by employees and contractors
Security violations by employees and contractors
Resource constraints due to increasing costs of supporting security
Resource constraints due to increasing costs of supporting security
Audit findings related to employee access and permissions process
Audit findings related to employee access and permissions process
Suggested answer: A
asked 18/09/2024
Korrakot Tianniam
37 questions

Question 393

Report Export Collapse

The application of which of the following standards would BEST reduce the potential for data breaches?

ISO 9000
ISO 9000
ISO 20121
ISO 20121
ISO 26000
ISO 26000
ISO 27001
ISO 27001
Suggested answer: D
asked 18/09/2024
Krishan Randitha
48 questions

Question 394

Report Export Collapse

In order for a security policy to be effective within an organization, it MUST include

strong statements that clearly define the problem.
strong statements that clearly define the problem.
a list of all standards that apply to the policy.
a list of all standards that apply to the policy.
owner information and date of last revision.
owner information and date of last revision.
disciplinary measures for non compliance.
disciplinary measures for non compliance.
Suggested answer: D
asked 18/09/2024
YASSIR EL GHAZY
62 questions

Question 395

Report Export Collapse

Which of the following roles has the obligation to ensure that a third party provider is capable of processing and handling data in a secure manner and meeting the standards set by the organization?

Data Custodian
Data Custodian
Data Owner
Data Owner
Data Creator
Data Creator
Data User
Data User
Suggested answer: B
asked 18/09/2024
Cesar Augusto Veliz Reyes
52 questions

Question 396

Report Export Collapse

To protect auditable information, which of the following MUST be configured to only allow read access?

Logging configurations
Logging configurations
Transaction log files
Transaction log files
User account configurations
User account configurations
Access control lists (ACL)
Access control lists (ACL)
Suggested answer: B
asked 18/09/2024
Charalambos Pasvantis
46 questions

Question 397

Report Export Collapse

What type of encryption is used to protect sensitive data in transit over a network?

Payload encryption and transport encryption
Payload encryption and transport encryption
Authentication Headers (AH)
Authentication Headers (AH)
Keyed-Hashing for Message Authentication
Keyed-Hashing for Message Authentication
Point-to-Point Encryption (P2PE)
Point-to-Point Encryption (P2PE)
Suggested answer: A
asked 18/09/2024
Vishal Sahare
52 questions

Question 398

Report Export Collapse

Which of the following entities is ultimately accountable for data remanence vulnerabilities with data replicated by a cloud service provider?

Data owner
Data owner
Data steward
Data steward
Data custodian
Data custodian
Data processor
Data processor
Suggested answer: A
asked 18/09/2024
Rehan Malik
54 questions

Question 399

Report Export Collapse

Which of the following is a recommended alternative to an integrated email encryption system?

Sign emails containing sensitive data
Sign emails containing sensitive data
Send sensitive data in separate emails
Send sensitive data in separate emails
Encrypt sensitive data separately in attachments
Encrypt sensitive data separately in attachments
Store sensitive information to be sent in encrypted drives
Store sensitive information to be sent in encrypted drives
Suggested answer: C
asked 18/09/2024
Lance Herbst
51 questions

Question 400

Report Export Collapse

In the Open System Interconnection (OSI) model, which layer is responsible for the transmission of binary data over a communications network?

Application Layer
Application Layer
Physical Layer
Physical Layer
Data-Link Layer
Data-Link Layer
Network Layer
Network Layer
Suggested answer: B
asked 18/09/2024
Carson Plunkett
53 questions
Total 1.482 questions
Go to page: of 149
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?