ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 58

List of questions

Question 571

During examination of Internet history records, the following string occurs within a Uniform Resource Locator (URL):

http://www.companysite.com/products/products.asp?productid=123 or 1=1

What type of attack does this indicate?

A. Directory traversal
B. Structured Query Language (SQL) injection
C. Cross-Site Scripting (XSS)
D. Shellcode injection
Suggested answer: C
asked 18/09/2024
GIORGOS KELAIDIS
36 questions

Question 572

The core component of Role Based Access Control (RBAC) must be constructed of defined data elements.

Which elements are required?

A. Users, permissions, operations, and protected objects
B. Roles, accounts, permissions, and protected objects
C. Users, roles, operations, and protected objects
D. Roles, operations, accounts, and protected objects
Suggested answer: C
asked 18/09/2024
Waleed Bahadaq
44 questions

Question 573

Which of the following is the BEST metric to obtain when gaining support for an Identity and Access Management (IAM) solution?

A. Application connection successes resulting in data leakage
B. Administrative costs for restoring systems after connection failure
C. Employee system timeouts from implementing wrong limits
D. Help desk costs required to support password reset requests
Suggested answer: D
asked 18/09/2024
L Zsolt
42 questions

Question 574

In an organization where Network Access Control (NAC) has been deployed, a device trying to connect to the network is being placed into an isolated domain. What could be done on this device in order to obtain proper connectivity?

A. Connect the device to another network jack
B. Apply remediations according to security requirements
C. Apply Operating System (OS) patches
D. Change the Message Authentication Code (MAC) address of the network interface
Suggested answer: B
asked 18/09/2024
stephen mark
38 questions

Question 575

What is the second step in the identity and access provisioning lifecycle?

A. Provisioning
B. Review
C. Approval
D. Revocation
Suggested answer: B
asked 18/09/2024
Aimé Tameti
45 questions

Question 576

Which of the following MUST be scalable to address security concerns raised by the integration of third-party identity services?

A. Mandatory Access Controls (MAC)
B. Enterprise security architecture
C. Enterprise security procedures
D. Role Based Access Controls (RBAC)
Suggested answer: C
asked 18/09/2024
Kevin Collins
36 questions

Question 577

Which of the following is a common feature of an Identity as a Service (IDaaS) solution?

A. Single Sign-On (SSO) authentication support
B. Privileged user authentication support
C. Password reset service support
D. Terminal Access Controller Access Control System (TACACS) authentication support
Suggested answer: A
asked 18/09/2024
Prenolan Kamiah
45 questions

Question 578

An organization's security policy delegates to the data owner the ability to assign which user roles have access to a particular resource. What type of authorization mechanism is being used?

A. Discretionary Access Control (DAC)
B. Role Based Access Control (RBAC)
C. Media Access Control (MAC)
D. Mandatory Access Control (MAC)
Suggested answer: A
asked 18/09/2024
Bruno Soriano
38 questions

Question 579

Extensible Authentication Protocol-Message Digest 5 (EAP-MD5) only provides which of the following?

A. Mutual authentication
B. Server authentication
C. User authentication
D. Streaming ciphertext data
Suggested answer: C
asked 18/09/2024
Ronald de Groot
49 questions

Question 580

Which type of test would an organization perform in order to locate and target exploitable defects?

A. Penetration
B. System
C. Performance
D. Vulnerability
Suggested answer: A
asked 18/09/2024
107 gleann na ri charles
37 questions
Total 1.482 questions