ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 46


What is the MOST important element when considering the effectiveness of a training program for Business Continuity (BC) and Disaster Recovery (DR)?

A. Management support
B. Consideration of organizational need
C. Technology used for delivery
D. Target audience
Suggested answer: B

A database administrator is asked by a high-ranking member of management to perform specific changes to the accounting system database. The administrator is specifically instructed to not track or evidence the change in a ticket. Which of the following is the BEST course of action?

A. Ignore the request and do not perform the change.
B. Perform the change as requested, and rely on the next audit to detect and report the situation.
C. Perform the change, but create a change ticket regardless to ensure there is complete traceability.
D. Inform the audit committee or internal audit directly using the corporate whistleblower process.
Suggested answer: D

Which of the following is the MOST important goal of information asset valuation?

A. Developing a consistent and uniform method of controlling access on information assets
B. Developing appropriate access control policies and guidelines
C. Assigning a financial value to an organization's information assets
D. Determining the appropriate level of protection
Suggested answer: D

Which of the following is a strategy of grouping requirements in developing a Security Test and Evaluation (ST&E)?

A. Tactical, strategic, and financial
B. Management, operational, and technical
C. Documentation, observation, and manual
D. Standards, policies, and procedures
Suggested answer: B

Which one of the following activities would present a significant security risk to organizations when employing a Virtual Private Network (VPN) solution?

A. VPN bandwidth
B. Simultaneous connection to other networks
C. Users with Internet Protocol (IP) addressing conflicts
D. Remote users with administrative rights
Suggested answer: B

Which of the following BEST describes a chosen plaintext attack?

A. The cryptanalyst can generate ciphertext from arbitrary text.
B. The cryptanalyst examines the communication being sent back and forth.
C. The cryptanalyst can choose the key and algorithm to mount the attack.
D. The cryptanalyst is presented with the ciphertext from which the original message is determined.
Suggested answer: A

For network-based evidence, which of the following contains traffic details of all network sessions in order to detect anomalies?

A. Alert data
B. User data
C. Content data
D. Statistical data
Suggested answer: D

Which of the following is the PRIMARY reason to perform regular vulnerability scanning of an organization's network?

A. Provide vulnerability reports to management.
B. Validate vulnerability remediation activities.
C. Prevent attackers from discovering vulnerabilities.
D. Remediate known vulnerabilities.
Suggested answer: B

Which of the following would BEST describe the role directly responsible for data within an organization?

A. Data custodian
B. Information owner
C. Database administrator
D. Quality control
Suggested answer: A

The restoration priorities of a Disaster Recovery Plan (DRP) are based on which of the following documents?

A. Service Level Agreement (SLA)
B. Business Continuity Plan (BCP)
C. Business Impact Analysis (BIA)
D. Crisis management plan
Suggested answer: B
Total 1.482 questions