ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 42

List of questions

Question 411

Report Export Collapse

Which one of the following is a common risk with network configuration management?

Patches on the network are difficult to keep current.
Patches on the network are difficult to keep current.
It is the responsibility of the systems administrator.
It is the responsibility of the systems administrator.
User ID and passwords are never set to expire.
User ID and passwords are never set to expire.
Network diagrams are not up to date.
Network diagrams are not up to date.
Suggested answer: D
asked 18/09/2024
Ana Roque
38 questions

Question 412

Report Export Collapse

What type of test assesses a Disaster Recovery (DR) plan using realistic disaster scenarios while maintaining minimal impact to business operations?

Parallel
Parallel
Walkthrough
Walkthrough
Simulation
Simulation
Tabletop
Tabletop
Suggested answer: C
asked 18/09/2024
MARTIN WEAVER
40 questions

Question 413

Report Export Collapse

How can lessons learned from business continuity training and actual recovery incidents BEST be used?

As a means for improvement
As a means for improvement
As alternative options for awareness and training
As alternative options for awareness and training
As indicators of a need for policy
As indicators of a need for policy
As business function gap indicators
As business function gap indicators
Suggested answer: A
asked 18/09/2024
Robert Thompson
49 questions

Question 414

Report Export Collapse

An Intrusion Detection System (IDS) has recently been deployed in a Demilitarized Zone (DMZ). The IDS detects a flood of malformed packets. Which of the following BEST describes what has occurred?

Denial of Service (DoS) attack
Denial of Service (DoS) attack
Address Resolution Protocol (ARP) spoof
Address Resolution Protocol (ARP) spoof
Buffer overflow
Buffer overflow
Ping flood attack
Ping flood attack
Suggested answer: A
asked 18/09/2024
Said Jabri
44 questions

Question 415

Report Export Collapse

In configuration management, what baseline configuration information MUST be maintained for each computer system?

Operating system and version, patch level, applications running, and versions.
Operating system and version, patch level, applications running, and versions.
List of system changes, test reports, and change approvals
List of system changes, test reports, and change approvals
Last vulnerability assessment report and initial risk assessment report
Last vulnerability assessment report and initial risk assessment report
Date of last update, test report, and accreditation certificate
Date of last update, test report, and accreditation certificate
Suggested answer: A
asked 18/09/2024
mariam alsallal
47 questions

Question 416

Report Export Collapse

Which Radio Frequency Interference (RFI) phenomenon associated with bundled cable runs can create information leakage?

Transference
Transference
Covert channel
Covert channel
Bleeding
Bleeding
Cross-talk
Cross-talk
Suggested answer: D
asked 18/09/2024
I Haq
40 questions

Question 417

Report Export Collapse

An organization's information security strategic plan MUST be reviewed

whenever there are significant changes to a major application.
whenever there are significant changes to a major application.
quarterly, when the organization's strategic plan is updated.
quarterly, when the organization's strategic plan is updated.
whenever there are major changes to the business.
whenever there are major changes to the business.
every three years, when the organization's strategic plan is updated.
every three years, when the organization's strategic plan is updated.
Suggested answer: C
asked 18/09/2024
Vladimir Litvinenko
34 questions

Question 418

Report Export Collapse

When building a data classification scheme, which of the following is the PRIMARY concern?

Purpose
Purpose
Cost effectiveness
Cost effectiveness
Availability
Availability
Authenticity
Authenticity
Suggested answer: D
asked 18/09/2024
efrem perry
50 questions

Question 419

Report Export Collapse

Which technology is a prerequisite for populating the cloud-based directory in a federated identity solution?

Notification tool
Notification tool
Message queuing tool
Message queuing tool
Security token tool
Security token tool
Synchronization tool
Synchronization tool
Suggested answer: C
asked 18/09/2024
Sebastian Gryza
47 questions

Question 420

Report Export Collapse

What is an advantage of Elliptic Curve Cryptography (ECC)?

Cryptographic approach that does not require a fixed-length key
Cryptographic approach that does not require a fixed-length key
Military-strength security that does not depend upon secrecy of the algorithm
Military-strength security that does not depend upon secrecy of the algorithm
Opportunity to use shorter keys for the same level of security
Opportunity to use shorter keys for the same level of security
Ability to use much longer keys for greater security
Ability to use much longer keys for greater security
Suggested answer: C
asked 18/09/2024
G C
51 questions
Total 1.482 questions
Go to page: of 149
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?