ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 40


Which of the following is the BEST approach to take in order to effectively incorporate the concepts of business continuity into the organization?

A. Ensure end users are aware of the planning activities
B. Validate all regulatory requirements are known and fully documented
C. Develop training and awareness programs that involve all stakeholders
D. Ensure plans do not violate the organization's cultural objectives and goals
Suggested answer: C

Which of the following has the GREATEST impact on an organization's security posture?

A. International and country-specific compliance requirements
B. Security violations by employees and contractors
C. Resource constraints due to increasing costs of supporting security
D. Audit findings related to employee access and permissions process
Suggested answer: A

The application of which of the following standards would BEST reduce the potential for data breaches?

A. ISO 9000
B. ISO 20121
C. ISO 26000
D. ISO 27001
Suggested answer: D

In order for a security policy to be effective within an organization, it MUST include

A. strong statements that clearly define the problem.
B. a list of all standards that apply to the policy.
C. owner information and date of last revision.
D. disciplinary measures for non-compliance.
Suggested answer: D

Which of the following roles has the obligation to ensure that a third party provider is capable of processing and handling data in a secure manner and meeting the standards set by the organization?

A. Data Custodian
B. Data Owner
C. Data Creator
D. Data User
Suggested answer: B

To protect auditable information, which of the following MUST be configured to only allow read access?

A. Logging configurations
B. Transaction log files
C. User account configurations
D. Access control lists (ACL)
Suggested answer: B

What type of encryption is used to protect sensitive data in transit over a network?

A. Payload encryption and transport encryption
B. Authentication Headers (AH)
C. Keyed-Hashing for Message Authentication
D. Point-to-Point Encryption (P2PE)
Suggested answer: A

Which of the following entities is ultimately accountable for data remanence vulnerabilities with data replicated by a cloud service provider?

A. Data owner
B. Data steward
C. Data custodian
D. Data processor
Suggested answer: A

Which of the following is a recommended alternative to an integrated email encryption system?

A. Sign emails containing sensitive data
B. Send sensitive data in separate emails
C. Encrypt sensitive data separately in attachments
D. Store sensitive information to be sent in encrypted drives
Suggested answer: C

In the Open System Interconnection (OSI) model, which layer is responsible for the transmission of binary data over a communications network?

A. Application Layer
B. Physical Layer
C. Data-Link Layer
D. Network Layer
Suggested answer: B
Total 1.482 questions