ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 43

Question 421

Backup information that is critical to the organization is identified through a

A. Vulnerability Assessment (VA).
B. Business Continuity Plan (BCP).
C. Business Impact Analysis (BIA).
D. data recovery analysis.
Suggested answer: D
asked 18/09/2024
Louis Flink

Question 422

When using Generic Routing Encapsulation (GRE) tunneling over Internet Protocol version 4 (IPv4), where is the GRE header inserted?

A. Into the options field
B. Between the delivery header and payload
C. Between the source and destination addresses
D. Into the destination address
Suggested answer: B
asked 18/09/2024
Sasa Korlat

Question 423

An application developer is deciding on the amount of idle session time that the application allows before a timeout. The BEST reason for determining the session timeout requirement is

A. organization policy.
B. industry best practices.
C. industry laws and regulations.
D. management feedback.
Suggested answer: A
asked 18/09/2024
Petya Pavlova

Question 424

Knowing the language in which an encrypted message was originally produced might help a cryptanalyst to perform a

A. clear-text attack.
B. known cipher attack.
C. frequency analysis.
D. stochastic assessment.
Suggested answer: C
asked 18/09/2024
Martinho Hinterholz

Question 425

During the Security Assessment and Authorization process, what is the PRIMARY purpose for conducting a hardware and software inventory?

A. Calculate the value of assets being accredited.
B. Create a list to include in the Security Assessment and Authorization package.
C. Identify obsolete hardware and software.
D. Define the boundaries of the information system.
Suggested answer: A
asked 18/09/2024
Gofaone Ncube

Question 426

When evaluating third-party applications, which of the following is the GREATEST responsibility of Information Security?

A. Accept the risk on behalf of the organization.
B. Report findings to the business to determine security gaps.
C. Quantify the risk to the business for product selection.
D. Approve the application that best meets security requirements.
Suggested answer: C
asked 18/09/2024
B Erol

Question 427

An employee of a retail company has been granted an extended leave of absence by Human Resources (HR). This information has been formally communicated to the access provisioning team.

Which of the following is the BEST action to take?

A. Revoke access temporarily.
B. Block user access and delete user account after six months.
C. Block access to the offices immediately.
D. Monitor account usage temporarily.
Suggested answer: D
asked 18/09/2024
Richard Villanueva

Question 428

The goal of a Business Impact Analysis (BIA) is to determine which of the following?

A. Cost effectiveness of business recovery
B. Cost effectiveness of installing software security patches
C. Resource priorities for recovery and Maximum Tolerable Downtime (MTD)
D. Which security measures should be implemented
Suggested answer: C
asked 18/09/2024
Jesserey Joseph

Question 429

What does the Maximum Tolerable Downtime (MTD) determine?

A. The estimated period of time a business critical database can remain down before customers are affected.
B. The fixed length of time a company can endure a disaster without any Disaster Recovery (DR) planning
C. The estimated period of time a business can remain interrupted beyond which it risks never recovering
D. The fixed length of time in a DR process before redundant systems are engaged
Suggested answer: C
asked 18/09/2024
Fednol Presume

Question 430

What is a characteristic of Secure Socket Layer (SSL) and Transport Layer Security (TLS)?

A. SSL and TLS provide a generic channel security mechanism on top of Transmission Control Protocol (TCP).
B. SSL and TLS provide nonrepudiation by default.
C. SSL and TLS do not provide security for most routed protocols.
D. SSL and TLS provide header encapsulation over HyperText Transfer Protocol (HTTP).
Suggested answer: A
asked 18/09/2024
Sandor Alayon
Total 1.482 questions