ExamGecko
Search Search Login
Home Home / ISC / CISSP

ISC CISSP Practice Test - Questions Answers, Page 53

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following are all elements of a disaster recovery plan (DRP)?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?
What balance MUST be considered when web application developers determine how informative application error messages should be constructed?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
Backup information that is critical to the organization is identified through a
Data remanence refers to which of the following?
With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?

Question 521

Report
Export
Collapse

A user has infected a computer with malware by connecting a Universal Serial Bus (USB) storage device.

Which of the following is MOST effective to mitigate future infections?

A.
Develop a written organizational policy prohibiting unauthorized USB devices
A.
Develop a written organizational policy prohibiting unauthorized USB devices
Answers
B.
Train users on the dangers of transferring data in USB devices
B.
Train users on the dangers of transferring data in USB devices
Answers
C.
Implement centralized technical control of USB port connections
C.
Implement centralized technical control of USB port connections
Answers
D.
Encrypt removable USB devices containing data at rest
D.
Encrypt removable USB devices containing data at rest
Answers
Suggested answer: C

Question 522

Report
Export
Collapse

Which of the following MUST be in place to recognize a system attack?

A.
Stateful firewall
A.
Stateful firewall
Answers
B.
Distributed antivirus
B.
Distributed antivirus
Answers
C.
Log analysis
C.
Log analysis
Answers
D.
Passive honeypot
D.
Passive honeypot
Answers
Suggested answer: C

Question 523

Report
Export
Collapse

Which of the following is the GREATEST benefit of implementing a Role Based Access Control (RBAC) system?

A.
Integration using Lightweight Directory Access Protocol (LDAP)
A.
Integration using Lightweight Directory Access Protocol (LDAP)
Answers
B.
Form-based user registration process
B.
Form-based user registration process
Answers
C.
Integration with the organizations Human Resources (HR) system
C.
Integration with the organizations Human Resources (HR) system
Answers
D.
A considerably simpler provisioning process
D.
A considerably simpler provisioning process
Answers
Suggested answer: D

Question 524

Report
Export
Collapse

Which Identity and Access Management (IAM) process can be used to maintain the principle of least privilege?

A.
identity provisioning
A.
identity provisioning
Answers
B.
access recovery
B.
access recovery
Answers
C.
multi-factor authentication (MFA)
C.
multi-factor authentication (MFA)
Answers
D.
user access review
D.
user access review
Answers
Suggested answer: A

Question 525

Report
Export
Collapse

A minimal implementation of endpoint security includes which of the following?

A.
Trusted platforms
A.
Trusted platforms
Answers
B.
Host-based firewalls
B.
Host-based firewalls
Answers
C.
Token-based authentication
C.
Token-based authentication
Answers
D.
Wireless Access Points (AP)
D.
Wireless Access Points (AP)
Answers
Suggested answer: B

Question 526

Report
Export
Collapse

What is the expected outcome of security awareness in support of a security awareness program?

A.
Awareness activities should be used to focus on security concerns and respond to those concerns accordingly
A.
Awareness activities should be used to focus on security concerns and respond to those concerns accordingly
Answers
B.
Awareness is not an activity or part of the training but rather a state of persistence to support the program
B.
Awareness is not an activity or part of the training but rather a state of persistence to support the program
Answers
C.
Awareness is training. The purpose of awareness presentations is to broaden attention of security.
C.
Awareness is training. The purpose of awareness presentations is to broaden attention of security.
Answers
D.
Awareness is not training. The purpose of awareness presentation is simply to focus attention on security.
D.
Awareness is not training. The purpose of awareness presentation is simply to focus attention on security.
Answers
Suggested answer: C

Question 527

Report
Export
Collapse

Which security modes is MOST commonly used in a commercial environment because it protects the integrity of financial and accounting data?

A.
Biba
A.
Biba
Answers
B.
Graham-Denning
B.
Graham-Denning
Answers
C.
Clark-Wilson
C.
Clark-Wilson
Answers
D.
Beil-LaPadula
D.
Beil-LaPadula
Answers
Suggested answer: C

Question 528

Report
Export
Collapse

Why is planning in Disaster Recovery (DR) an interactive process?

A.
It details off-site storage plans
A.
It details off-site storage plans
Answers
B.
It identifies omissions in the plan
B.
It identifies omissions in the plan
Answers
C.
It defines the objectives of the plan
C.
It defines the objectives of the plan
Answers
D.
It forms part of the awareness process
D.
It forms part of the awareness process
Answers
Suggested answer: C

Question 529

Report
Export
Collapse

Mandatory Access Controls (MAC) are based on:

A.
security classification and security clearance
A.
security classification and security clearance
Answers
B.
data segmentation and data classification
B.
data segmentation and data classification
Answers
C.
data labels and user access permissions
C.
data labels and user access permissions
Answers
D.
user roles and data encryption
D.
user roles and data encryption
Answers
Suggested answer: A

Question 530

Report
Export
Collapse

What is the foundation of cryptographic functions?

A.
Encryption
A.
Encryption
Answers
B.
Cipher
B.
Cipher
Answers
C.
Hash
C.
Hash
Answers
D.
Entropy
D.
Entropy
Answers
Suggested answer: D
Total 1.482 questions
Go to page: of 149
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms