ISC CISSP Practice Test - Questions Answers, Page 48

A company was ranked as high in the following National Institute of Standards and Technology (NIST) functions: Protect, Detect, Respond and Recover. However, a low maturity grade was attributed to the Identify function. In which of the following control categories does this company need to improve when analyzing its processes individually?

A. Asset Management, Business Environment, Governance and Risk Assessment
B. Access Control, Awareness and Training, Data Security and Maintenance
C. Anomalies and Events, Security Continuous Monitoring and Detection Processes
D. Recovery Planning, Improvements and Communications

Suggested answer: A

What is the difference between media marking and media labeling?

A. Media marking refers to the use of human-readable security attributes, while media labeling refers to the use of security attributes in internal data structures.
B. Media labeling refers to the use of human-readable security attributes, while media marking refers to the use of security attributes in internal data structures.
C. Media labeling refers to security attributes required by public policy/law, while media marking refers to security required by internal organizational policy.
D. Media marking refers to security attributes required by public policy/law, while media labeling refers to security attributes required by internal organizational policy.

Suggested answer: D

What balance MUST be considered when web application developers determine how informative application error messages should be constructed?

A. Risk versus benefit
B. Availability versus auditability
C. Confidentiality versus integrity
D. Performance versus user satisfaction

Suggested answer: A

What operations role is responsible for protecting the enterprise from corrupt or contaminated media?

A. Information security practitioner
B. Information librarian
C. Computer operator
D. Network administrator

Suggested answer: B

Which of the following is a characteristic of the initialization vector when using Data Encryption Standard (DES)?

A. It must be known to both sender and receiver.
B. It can be transmitted in the clear as a random number.
C. It must be retained until the last block is transmitted.
D. It can be used to encrypt and decrypt information.

Suggested answer: B

In general, servers that are facing the Internet should be placed in a demilitarized zone (DMZ). What is the MAIN purpose of the DMZ?

A. Reduced risk to internal systems.
B. Prepare the server for potential attacks.
C. Mitigate the risk associated with the exposed server.
D. Bypass the need for a firewall.

Suggested answer: A

Network-based logging has which advantage over host-based logging when reviewing malicious activity about a victim machine?

A. Addresses and protocols of network-based logs are analyzed.
B. Host-based system logging has files stored in multiple locations.
C. Properly handled network-based logs may be more reliable and valid.
D. Network-based systems cannot capture users logging into the console.

Suggested answer: A

Which of the following is the PRIMARY reason for employing physical security personnel at entry points in facilities where card access is in operation?

A. To verify that only employees have access to the facility.
B. To identify present hazards requiring remediation.
C. To monitor staff movement throughout the facility.
D. To provide a safe environment for employees.

Suggested answer: D

Between which pair of Open System Interconnection (OSI) Reference Model layers are routers used as a communications device?

A. Transport and Session
B. Data-Link and Transport
C. Network and Session
D. Physical and Data-Link

Suggested answer: B

Which type of security testing is being performed when an ethical hacker has no knowledge about the target system but the testing target is notified before the test?

A. Reversal
B. Gray box
C. Blind
D. White box

Suggested answer: C