ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 44

How does a Host Based Intrusion Detection System (HIDS) identify a potential attack?

A. Examines log messages or other indications on the system.
B. Monitors alarms sent to the system administrator
C. Matches traffic patterns to virus signature files
D. Examines the Access Control List (ACL)
Suggested answer: C

From a cryptographic perspective, the service of non-repudiation includes which of the following features?

A. Validity of digital certificates
B. Validity of the authorization rules
C. Proof of authenticity of the message
D. Proof of integrity of the message
Suggested answer: C

Which of the following BEST represents the concept of least privilege?

A. Access to an object is denied unless access is specifically allowed.
B. Access to an object is only available to the owner.
C. Access to an object is allowed unless it is protected by the information security policy.
D. Access to an object is only allowed to authenticated users via an Access Control List (ACL).
Suggested answer: A

When designing a vulnerability test, which one of the following is likely to give the BEST indication of what components currently operate on the network?

A. Topology diagrams
B. Mapping tools
C. Asset register
D. Ping testing
Suggested answer: B

Which of the following approaches is the MOST effective way to dispose of data on multiple hard drives?

A. Delete every file on each drive.
B. Destroy the partition table for each drive using the command line.
C. Degauss each drive individually.
D. Perform multiple passes on each drive using approved formatting methods.
Suggested answer: D

Which of the following is the BEST method to reduce the effectiveness of phishing attacks?

A. User awareness
B. Two-factor authentication
C. Anti-phishing software
D. Periodic vulnerability scan
Suggested answer: A

The PRIMARY purpose of accreditation is to:

A. comply with applicable laws and regulations.
B. allow senior management to make an informed decision regarding whether to accept the risk of operating the system.
C. protect an organization's sensitive data.
D. verify that all security controls have been implemented properly and are operating in the correct manner.
Suggested answer: B

Which of the following is a weakness of Wired Equivalent Privacy (WEP)?

A. Length of Initialization Vector (IV)
B. Protection against message replay
C. Detection of message tampering
D. Built-in provision to rotate keys
Suggested answer: A

When writing security assessment procedures, what is the MAIN purpose of the test outputs and reports?

A. To force the software to fail and document the process
B. To find areas of compromise in confidentiality and integrity
C. To allow for objective pass or fail decisions
D. To identify malware or hidden code within the test results
Suggested answer: C

Which of the following is the MAIN reason for using configuration management?

A. To provide centralized administration
B. To reduce the number of changes
C. To reduce errors during upgrades
D. To provide consistency in security controls
Suggested answer: D
Total 1.482 questions