ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 45

Question 441

Which of the following is BEST suited for exchanging authentication and authorization messages in a multi-party decentralized environment?

A. Lightweight Directory Access Protocol (LDAP)
B. Security Assertion Markup Language (SAML)
C. Internet Mail Access Protocol
D. Transport Layer Security (TLS)
Suggested answer: B
asked 18/09/2024
test testsers

Question 442

Which of the following is MOST important when deploying digital certificates?

A. Validate compliance with X.509 digital certificate standards
B. Establish a certificate life cycle management framework
C. Use a third-party Certificate Authority (CA)
D. Use no less than 256-bit strength encryption when creating a certificate
Suggested answer: B
asked 18/09/2024
Rio Ordonez

Question 443

A user sends an e-mail request asking for read-only access to files that are not considered sensitive. A Discretionary Access Control (DAC) methodology is in place. Which is the MOST suitable approach that the administrator should take?

A. Administrator should request data owner approval to the user access
B. Administrator should request manager approval for the user access
C. Administrator should directly grant the access to the non-sensitive files
D. Administrator should assess the user access need and either grant or deny the access
Suggested answer: A
asked 18/09/2024
John Bocachica

Question 444

How should an organization determine the priority of its remediation efforts after a vulnerability assessment has been conducted?

A. Use an impact-based approach.
B. Use a risk-based approach.
C. Use a criticality-based approach.
D. Use a threat-based approach.
Suggested answer: B
asked 18/09/2024
Ntombifuthi Shabangu

Question 445

Which of the following is the MOST important consideration when developing a Disaster Recovery Plan (DRP)?

A. The dynamic reconfiguration of systems
B. The cost of downtime
C. A recovery strategy for all business processes
D. A containment strategy
Suggested answer: C
asked 18/09/2024
Norman Camacho

Question 446

A proxy firewall operates at what layer of the Open System Interconnection (OSI) model?

A. Transport
B. Data link
C. Network
D. Application
Suggested answer: D
asked 18/09/2024
DAVID LOPEZ MORGADO

Question 447

Which of the following restricts the ability of an individual to carry out all the steps of a particular process?

A. Job rotation
B. Separation of duties
C. Least privilege
D. Mandatory vacations
Suggested answer: B
asked 18/09/2024
Melvin Masina

Question 448

Although code using a specific program language may not be susceptible to a buffer overflow attack,

A. most calls to plug-in programs are susceptible.
B. most supporting application code is susceptible.
C. the graphical images used by the application could be susceptible.
D. the supporting virtual machine could be susceptible.
Suggested answer: C
asked 18/09/2024
J.L.M. van Loo

Question 449

What is the BEST way to encrypt web application communications?

A. Secure Hash Algorithm 1 (SHA-1)
B. Secure Sockets Layer (SSL)
C. Cipher Block Chaining Message Authentication Code (CBC-MAC)
D. Transport Layer Security (TLS)
Suggested answer: D
asked 18/09/2024
Andrea Tria

Question 450

Which of the following are effective countermeasures against passive network-layer attacks?

A. Federated security and authenticated access controls
B. Trusted software development and run time integrity controls
C. Encryption and security enabled applications
D. Enclave boundary protection and computing environment defense
Suggested answer: C
asked 18/09/2024
Flamur Kapaj
Total 1.482 questions