ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 51

Question 501

Which of the following is the BEST reason for the use of security metrics?

A. They ensure that the organization meets its security objectives.
B. They provide an appropriate framework for Information Technology (IT) governance.
C. They speed up the process of quantitative risk assessment.
D. They quantify the effectiveness of security processes.
Suggested answer: B
asked 18/09/2024
Adekunle Fodeke

Question 502

Which of the following is a benefit in implementing an enterprise Identity and Access Management (IAM) solution?

A. Password requirements are simplified.
B. Risk associated with orphan accounts is reduced.
C. Segregation of duties is automatically enforced.
D. Data confidentiality is increased.
Suggested answer: A
asked 18/09/2024
Sivakumar Duraimanickam

Question 503

A control to protect from a Denial-of-Service (DoS) attack has been determined to stop 50% of attacks, and additionally reduces the impact of an attack by 50%. What is the residual risk?

A. 25%
B. 50%
C. 75%
D. 100%
Suggested answer: B
asked 18/09/2024
Javier Portabales

Question 504

Which of the following entails identification of data and links to business processes, applications, and data stores as well as assignment of ownership responsibilities?

A. Security governance
B. Risk management
C. Security portfolio management
D. Risk assessment
Suggested answer: B
asked 18/09/2024
Paul Aronen

Question 505

Which of the following mandates the amount and complexity of security controls applied to a security risk?

A. Security vulnerabilities
B. Risk tolerance
C. Risk mitigation
D. Security staff
Suggested answer: C
asked 18/09/2024
Kyle Norton

Question 506

When determining who can accept the risk associated with a vulnerability, which of the following is MOST important?

A. Countermeasure effectiveness
B. Type of potential loss
C. Incident likelihood
D. Information ownership
Suggested answer: C
asked 18/09/2024
marubini mushayathoni

Question 507

A security professional determines that a number of outsourcing contracts inherited from a previous merger do not adhere to the current security requirements. Which of the following BEST minimizes the risk of this happening again?

A. Define additional security controls directly after the merger
B. Include a procurement officer in the merger team
C. Verify all contracts before a merger occurs
D. Assign a compliancy officer to review the merger conditions
Suggested answer: D
asked 18/09/2024
Aurelio Chavez

Question 508

Which of the following is a direct monetary cost of a security incident?

A. Morale
B. Reputation
C. Equipment
D. Information
Suggested answer: C
asked 18/09/2024
Maris Romans

Question 509

Which of the following would MINIMIZE the ability of an attacker to exploit a buffer overflow?

A. Memory review
B. Code review
C. Message division
D. Buffer division
Suggested answer: B
asked 18/09/2024
Chris Houck

Question 510

Which of the following mechanisms will BEST prevent a Cross-Site Request Forgery (CSRF) attack?

A. parameterized database queries
B. whitelist input values
C. synchronized session tokens
D. use strong ciphers
Suggested answer: C
asked 18/09/2024
Bonnie Lau
Total 1.482 questions