ISC CISSP Practice Test - Questions Answers, Page 52

Which factors MUST be considered when classifying information and supporting assets for risk management, legal discovery, and compliance?

A. System owner roles and responsibilities, data handling standards, storage and secure development lifecycle requirements
B. Data stewardship roles, data handling and storage standards, data lifecycle requirements
C. Compliance office roles and responsibilities, classified material handling standards, storage system lifecycle requirements
D. System authorization roles and responsibilities, cloud computing standards, lifecycle requirements
Suggested answer: B

When network management is outsourced to third parties, which of the following is the MOST effective method of protecting critical data assets?

A. Log all activities associated with sensitive systems
B. Provide links to security policies
C. Confirm that confidentiality agreements are signed
D. Employ strong access controls
Suggested answer: D

Which of the following is the MOST appropriate action when reusing media that contains sensitive data?

A. Erase
B. Sanitize
C. Encrypt
D. Degauss
Suggested answer: B

An organization recently conducted a review of the security of its network applications. One of the vulnerabilities found was that the session key used in encrypting sensitive information to a third-party server had been hard-coded in the client and server applications. Which of the following would be MOST effective in mitigating this vulnerability?

A. Diffie-Hellman (DH) algorithm
B. Elliptic Curve Cryptography (ECC) algorithm
C. Digital Signature Algorithm (DSA)
D. Rivest-Shamir-Adleman (RSA) algorithm
Suggested answer: D

Which of the following methods of suppressing a fire is environmentally friendly and the MOST appropriate for a data center?

A. Inert gas fire suppression system
B. Halon gas fire suppression system
C. Dry-pipe sprinklers
D. Wet-pipe sprinklers
Suggested answer: A

Unused space in a disk cluster is important in media analysis because it may contain which of the following?

A. Residual data that has not been overwritten
B. Hidden viruses and Trojan horses
C. Information about the File Allocation Table (FAT)
D. Information about patches and upgrades to the system
Suggested answer: A

A company seizes a mobile device suspected of being used in committing fraud. What would be the BEST method used by a forensic examiner to isolate the powered-on device from the network and preserve the evidence?

A. Put the device in airplane mode
B. Suspend the account with the telecommunication provider
C. Remove the SIM card
D. Turn the device off
Suggested answer: A

Which of the following is MOST appropriate for protecting confidentiality of data stored on a hard drive?

A. Triple Data Encryption Standard (3DES)
B. Advanced Encryption Standard (AES)
C. Message Digest 5 (MD5)
D. Secure Hash Algorithm 2 (SHA-2)
Suggested answer: B

Which of the following is the MOST effective method to mitigate Cross-Site Scripting (XSS) attacks?

A. Use Software as a Service (SaaS)
B. Whitelist input validation
C. Require client certificates
D. Validate data output
Suggested answer: B

What is the MOST significant benefit of an application upgrade that replaces randomly generated session keys with certificate-based encryption for communications with backend servers?

A. Non-repudiation
B. Efficiency
C. Confidentiality
D. Privacy
Suggested answer: A
Total 1.482 questions