ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 41


What is the PRIMARY goal for using Domain Name System Security Extensions (DNSSEC) to sign records?

A. Integrity
B. Confidentiality
C. Accountability
D. Availability
Suggested answer: A

While inventorying storage equipment, it is found that there are unlabeled, disconnected, and powered off devices. Which of the following is the correct procedure for handling such equipment?

A. They should be recycled to save energy.
B. They should be recycled according to NIST SP 800-88.
C. They should be inspected and sanitized following the organizational policy.
D. They should be inspected and categorized properly to sell them for reuse.
Suggested answer: C

The PRIMARY characteristic of a Distributed Denial of Service (DDoS) attack is that it

A. exploits weak authentication to penetrate networks.
B. can be detected with signature analysis.
C. looks like normal network activity.
D. is commonly confused with viruses or worms.
Suggested answer: C

Which of the following is generally indicative of a replay attack when dealing with biometric authentication?

A. False Acceptance Rate (FAR) is greater than 1 in 100,000
B. False Rejection Rate (FRR) is greater than 5 in 100
C. Inadequately specified templates
D. Exact match
Suggested answer: D

During a fingerprint verification process, which of the following is used to verify identity and authentication?

A. A pressure value is compared with a stored template
B. Sets of digits are matched with stored values
C. A hash table is matched to a database of stored values
D. A template of minutiae is compared with a stored template
Suggested answer: D

The BEST example of the concept of "something that a user has" when providing an authorized user access to a computing system is

A. the user's hand geometry.
B. a credential stored in a token.
C. a passphrase.
D. the user's face.
Suggested answer: B

A security professional is asked to provide a solution that restricts a bank teller to only perform a savings deposit transaction but allows a supervisor to perform corrections after the transaction.

Which of the following is the MOST effective solution?

A. Access is based on rules.
B. Access is determined by the system.
C. Access is based on user's role.
D. Access is based on data sensitivity.
Suggested answer: C

Sensitive customer data is going to be added to a database. What is the MOST effective implementation for ensuring data privacy?

A. Discretionary Access Control (DAC) procedures
B. Mandatory Access Control (MAC) procedures
C. Data link encryption
D. Segregation of duties
Suggested answer: D

Which of the following types of security testing is the MOST effective in providing a better indication of the everyday security challenges of an organization when performing a security risk assessment?

A. External
B. Overt
C. Internal
D. Covert
Suggested answer: D

What is the MOST effective method of testing custom application code?

A. Negative testing
B. White box testing
C. Penetration testing
D. Black box testing
Suggested answer: B
Total 1.482 questions