ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 44

List of questions

Question 431

Report Export Collapse

How does a Host Based Intrusion Detection System (HIDS) identify a potential attack?

Examines log messages or other indications on the system.
Examines log messages or other indications on the system.
Monitors alarms sent to the system administrator
Monitors alarms sent to the system administrator
Matches traffic patterns to virus signature files
Matches traffic patterns to virus signature files
Examines the Access Control List (ACL)
Examines the Access Control List (ACL)
Suggested answer: C
asked 18/09/2024
A R
41 questions

Question 432

Report Export Collapse

From a cryptographic perspective, the service of non-repudiation includes which of the following features?

Validity of digital certificates
Validity of digital certificates
Validity of the authorization rules
Validity of the authorization rules
Proof of authenticity of the message
Proof of authenticity of the message
Proof of integrity of the message
Proof of integrity of the message
Suggested answer: C
asked 18/09/2024
Ksu doo Makek
51 questions

Question 433

Report Export Collapse

Which of the following BEST represents the concept of least privilege?

Access to an object is denied unless access is specifically allowed.
Access to an object is denied unless access is specifically allowed.
Access to an object is only available to the owner.
Access to an object is only available to the owner.
Access to an object is allowed unless it is protected by the information security policy.
Access to an object is allowed unless it is protected by the information security policy.
Access to an object is only allowed to authenticated users via an Access Control List (ACL).
Access to an object is only allowed to authenticated users via an Access Control List (ACL).
Suggested answer: A
asked 18/09/2024
George Sanchez
43 questions

Question 434

Report Export Collapse

When designing a vulnerability test, which one of the following is likely to give the BEST indication of what components currently operate on the network?

Topology diagrams
Topology diagrams
Mapping tools
Mapping tools
Asset register
Asset register
Ping testing
Ping testing
Suggested answer: B
asked 18/09/2024
John Kaye
33 questions

Question 435

Report Export Collapse

Which of the following approaches is the MOST effective way to dispose of data on multiple hard drives?

Delete every file on each drive.
Delete every file on each drive.
Destroy the partition table for each drive using the command line.
Destroy the partition table for each drive using the command line.
Degauss each drive individually.
Degauss each drive individually.
Perform multiple passes on each drive using approved formatting methods.
Perform multiple passes on each drive using approved formatting methods.
Suggested answer: D
asked 18/09/2024
Stefan Finke
44 questions

Question 436

Report Export Collapse

Which of the following is the BEST method to reduce the effectiveness of phishing attacks?

User awareness
User awareness
Two-factor authentication
Two-factor authentication
Anti-phishing software
Anti-phishing software
Periodic vulnerability scan
Periodic vulnerability scan
Suggested answer: A
asked 18/09/2024
SAI CHARAN TANGELLA
40 questions

Question 437

Report Export Collapse

The PRIMARY purpose of accreditation is to:

comply with applicable laws and regulations.
comply with applicable laws and regulations.
allow senior management to make an informed decision regarding whether to accept the risk of operating the system.
allow senior management to make an informed decision regarding whether to accept the risk of operating the system.
protect an organization's sensitive datA.
protect an organization's sensitive datA.
verify that all security controls have been implemented properly and are operating in the correct manner.
verify that all security controls have been implemented properly and are operating in the correct manner.
Suggested answer: B
asked 18/09/2024
Thomas Kincer
39 questions

Question 438

Report Export Collapse

Which of the following is a weakness of Wired Equivalent Privacy (WEP)?

Length of Initialization Vector (IV)
Length of Initialization Vector (IV)
Protection against message replay
Protection against message replay
Detection of message tampering
Detection of message tampering
Built-in provision to rotate keys
Built-in provision to rotate keys
Suggested answer: A
asked 18/09/2024
Zakaria Boujli
32 questions

Question 439

Report Export Collapse

When writing security assessment procedures, what is the MAIN purpose of the test outputs and reports?

To force the software to fail and document the process
To force the software to fail and document the process
To find areas of compromise in confidentiality and integrity
To find areas of compromise in confidentiality and integrity
To allow for objective pass or fail decisions
To allow for objective pass or fail decisions
To identify malware or hidden code within the test results
To identify malware or hidden code within the test results
Suggested answer: C
asked 18/09/2024
Andrew Naftel
39 questions

Question 440

Report Export Collapse

Which of the following is the MAIN reason for using configuration management?

To provide centralized administration
To provide centralized administration
To reduce the number of changes
To reduce the number of changes
To reduce errors during upgrades
To reduce errors during upgrades
To provide consistency in security controls
To provide consistency in security controls
Suggested answer: D
asked 18/09/2024
Felix Morales
44 questions
Total 1.482 questions
Go to page: of 149
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?