ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 46

List of questions

Question 451

Report Export Collapse

What is the MOST important element when considering the effectiveness of a training program for Business Continuity (BC) and Disaster Recovery (DR)?

Management support
Management support
Consideration of organizational need
Consideration of organizational need
Technology used for delivery
Technology used for delivery
Target audience
Target audience
Suggested answer: B
asked 18/09/2024
Tyrika Warren
43 questions

Question 452

Report Export Collapse

A database administrator is asked by a high-ranking member of management to perform specific changes to the accounting system database. The administrator is specifically instructed to not track or evidence the change in a ticket. Which of the following is the BEST course of action?

Ignore the request and do not perform the change.
Ignore the request and do not perform the change.
Perform the change as requested, and rely on the next audit to detect and report the situation.
Perform the change as requested, and rely on the next audit to detect and report the situation.
Perform the change, but create a change ticket regardless to ensure there is complete traceability.
Perform the change, but create a change ticket regardless to ensure there is complete traceability.
Inform the audit committee or internal audit directly using the corporate whistleblower process.
Inform the audit committee or internal audit directly using the corporate whistleblower process.
Suggested answer: D
asked 18/09/2024
Nikki Matheson
37 questions

Question 453

Report Export Collapse

Which of the following is the MOST important goal of information asset valuation?

Developing a consistent and uniform method of controlling access on information assets
Developing a consistent and uniform method of controlling access on information assets
Developing appropriate access control policies and guidelines
Developing appropriate access control policies and guidelines
Assigning a financial value to an organization's information assets
Assigning a financial value to an organization's information assets
Determining the appropriate level of protection
Determining the appropriate level of protection
Suggested answer: D
asked 18/09/2024
Mario Herrera González
50 questions

Question 454

Report Export Collapse

Which of the following is a strategy of grouping requirements in developing a Security Test and Evaluation (ST&E)?

Tactical, strategic, and financial
Tactical, strategic, and financial
Management, operational, and technical
Management, operational, and technical
Documentation, observation, and manual
Documentation, observation, and manual
Standards, policies, and procedures
Standards, policies, and procedures
Suggested answer: B
asked 18/09/2024
Dilip Kumar
40 questions

Question 455

Report Export Collapse

Which one of the following activities would present a significant security risk to organizations when employing a Virtual Private Network (VPN) solution?

VPN bandwidth
VPN bandwidth
Simultaneous connection to other networks
Simultaneous connection to other networks
Users with Internet Protocol (IP) addressing conflicts
Users with Internet Protocol (IP) addressing conflicts
Remote users with administrative rights
Remote users with administrative rights
Suggested answer: B
asked 18/09/2024
Waleed Bahadaq
42 questions

Question 456

Report Export Collapse

Which of the following BEST describes a chosen plaintext attack?

The cryptanalyst can generate ciphertext from arbitrary text.
The cryptanalyst can generate ciphertext from arbitrary text.
The cryptanalyst examines the communication being sent back and forth.
The cryptanalyst examines the communication being sent back and forth.
The cryptanalyst can choose the key and algorithm to mount the attack.
The cryptanalyst can choose the key and algorithm to mount the attack.
The cryptanalyst is presented with the ciphertext from which the original message is determined.
The cryptanalyst is presented with the ciphertext from which the original message is determined.
Suggested answer: A
asked 18/09/2024
Jermaine Wells
45 questions

Question 457

Report Export Collapse

For network based evidence, which of the following contains traffic details of all network sessions in order to detect anomalies?

Alert data
Alert data
User data
User data
Content data
Content data
Statistical data
Statistical data
Suggested answer: D
asked 18/09/2024
Tyler Andringa
41 questions

Question 458

Report Export Collapse

Which of the following is the PRIMARY reason to perform regular vulnerability scanning of an organization network?

Provide vulnerability reports to management.
Provide vulnerability reports to management.
Validate vulnerability remediation activities.
Validate vulnerability remediation activities.
Prevent attackers from discovering vulnerabilities.
Prevent attackers from discovering vulnerabilities.
Remediate known vulnerabilities.
Remediate known vulnerabilities.
Suggested answer: B
asked 18/09/2024
Amol Wani
48 questions

Question 459

Report Export Collapse

Which of the following would BEST describe the role directly responsible for data within an organization?

Data custodian
Data custodian
Information owner
Information owner
Database administrator
Database administrator
Quality control
Quality control
Suggested answer: A
asked 18/09/2024
disserto management gmbh
46 questions

Question 460

Report Export Collapse

The restoration priorities of a Disaster Recovery Plan (DRP) are based on which of the following documents?

Service Level Agreement (SLA)
Service Level Agreement (SLA)
Business Continuity Plan (BCP)
Business Continuity Plan (BCP)
Business Impact Analysis (BIA)
Business Impact Analysis (BIA)
Crisis management plan
Crisis management plan
Suggested answer: B
asked 18/09/2024
cesar ganguie
48 questions
Total 1.482 questions
Go to page: of 149
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?