ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 41

List of questions

Question 401

Report Export Collapse

What is the PRIMARY goal for using Domain Name System Security Extensions (DNSSEC) to sign records?

Integrity
Integrity
Confidentiality
Confidentiality
Accountability
Accountability
Availability
Availability
Suggested answer: A
asked 18/09/2024
Akhil Borkar
44 questions

Question 402

Report Export Collapse

While inventorying storage equipment, it is found that there are unlabeled, disconnected, and powered off devices. Which of the following is the correct procedure for handling such equipment?

They should be recycled to save energy.
They should be recycled to save energy.
They should be recycled according to NIST SP 800-88.
They should be recycled according to NIST SP 800-88.
They should be inspected and sanitized following the organizational policy.
They should be inspected and sanitized following the organizational policy.
They should be inspected and categorized properly to sell them for reuse.
They should be inspected and categorized properly to sell them for reuse.
Suggested answer: C
asked 18/09/2024
Mitesh Patel
48 questions

Question 403

Report Export Collapse

The PRIMARY characteristic of a Distributed Denial of Service (DDoS) attack is that it

exploits weak authentication to penetrate networks.
exploits weak authentication to penetrate networks.
can be detected with signature analysis.
can be detected with signature analysis.
looks like normal network activity.
looks like normal network activity.
is commonly confused with viruses or worms.
is commonly confused with viruses or worms.
Suggested answer: C
asked 18/09/2024
Jeffrey Tiffany
46 questions

Question 404

Report Export Collapse

Which of the following is generally indicative of a replay attack when dealing with biometric authentication?

False Acceptance Rate (FAR) is greater than 1 in 100,000
False Acceptance Rate (FAR) is greater than 1 in 100,000
False Rejection Rate (FRR) is greater than 5 in 100
False Rejection Rate (FRR) is greater than 5 in 100
Inadequately specified templates
Inadequately specified templates
Exact match
Exact match
Suggested answer: D
asked 18/09/2024
Mogens Jensen
38 questions

Question 405

Report Export Collapse

During a fingerprint verification process, which of the following is used to verify identity and authentication?

A pressure value is compared with a stored template
A pressure value is compared with a stored template
Sets of digits are matched with stored values
Sets of digits are matched with stored values
A hash table is matched to a database of stored value
A hash table is matched to a database of stored value
A template of minutiae is compared with a stored template
A template of minutiae is compared with a stored template
Suggested answer: D
asked 18/09/2024
Aparecido Primo
43 questions

Question 406

Report Export Collapse

The BEST example of the concept of "something that a user has" when providing an authorized user access to a computing system is

the user's hand geometry.
the user's hand geometry.
a credential stored in a token.
a credential stored in a token.
a passphrase.
a passphrase.
the user's face.
the user's face.
Suggested answer: B
asked 18/09/2024
Osman Taskiran
35 questions

Question 407

Report Export Collapse

A security professional is asked to provide a solution that restricts a bank teller to only perform a savings deposit transaction but allows a supervisor to perform corrections after the transaction.

Which of the following is the MOST effective solution?

Access is based on rules.
Access is based on rules.
Access is determined by the system.
Access is determined by the system.
Access is based on user's role.
Access is based on user's role.
Access is based on data sensitivity.
Access is based on data sensitivity.
Suggested answer: C
asked 18/09/2024
Antonios Petropoulos
32 questions

Question 408

Report Export Collapse

Sensitive customer data is going to be added to a database. What is the MOST effective implementation for ensuring data privacy?

Discretionary Access Control (DAC) procedures
Discretionary Access Control (DAC) procedures
Mandatory Access Control (MAC) procedures
Mandatory Access Control (MAC) procedures
Data link encryption
Data link encryption
Segregation of duties
Segregation of duties
Suggested answer: D
asked 18/09/2024
Mian Mudasir Bari
49 questions

Question 409

Report Export Collapse

Which of the following types of security testing is the MOST effective in providing a better indication of the everyday security challenges of an organization when performing a security risk assessment?

External
External
Overt
Overt
Internal
Internal
Covert
Covert
Suggested answer: D
asked 18/09/2024
Maria Telan
35 questions

Question 410

Report Export Collapse

What is the MOST effective method of testing custom application code?

Negative testing
Negative testing
White box testing
White box testing
Penetration testing
Penetration testing
Black box testing
Black box testing
Suggested answer: B
asked 18/09/2024
Rick van der Slot
41 questions
Total 1.482 questions
Go to page: of 149
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?