ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 6

List of questions

Question 51

Report Export Collapse

When is a Business Continuity Plan (BCP) considered to be valid?

When it has been validated by the Business Continuity (BC) manager
When it has been validated by the Business Continuity (BC) manager
When it has been validated by the board of directors
When it has been validated by the board of directors
When it has been validated by all threat scenarios
When it has been validated by all threat scenarios
When it has been validated by realistic exercises
When it has been validated by realistic exercises
Suggested answer: D
asked 18/09/2024
Garvey Butler
50 questions

Question 52

Report Export Collapse

Recovery strategies of a Disaster Recovery planning (DRIP) MUST be aligned with which of the following?

Hardware and software compatibility issues
Hardware and software compatibility issues
Applications' critically and downtime tolerance
Applications' critically and downtime tolerance
Budget constraints and requirements
Budget constraints and requirements
Cost/benefit analysis and business objectives
Cost/benefit analysis and business objectives
Suggested answer: D
asked 18/09/2024
Angelica Caldeo
46 questions

Question 53

Report Export Collapse

Which of the following is the FIRST step in the incident response process?

Determine the cause of the incident
Determine the cause of the incident
Disconnect the system involved from the network
Disconnect the system involved from the network
Isolate and contain the system involved
Isolate and contain the system involved
Investigate all symptoms to confirm the incident
Investigate all symptoms to confirm the incident
Suggested answer: D
asked 18/09/2024
Camilo Garrido Lizana
34 questions

Question 54

Report Export Collapse

A continuous information security monitoring program can BEST reduce risk through which of the following?

Collecting security events and correlating them to identify anomalies
Collecting security events and correlating them to identify anomalies
Facilitating system-wide visibility into the activities of critical user accounts
Facilitating system-wide visibility into the activities of critical user accounts
Encompassing people, process, and technology
Encompassing people, process, and technology
Logging both scheduled and unscheduled system changes
Logging both scheduled and unscheduled system changes
Suggested answer: B
asked 18/09/2024
ftere yagoglu
35 questions

Question 55

Report Export Collapse

What would be the MOST cost effective solution for a Disaster Recovery (DR) site given that the organization's systems cannot be unavailable for more than 24 hours?

Warm site
Warm site
Hot site
Hot site
Mirror site
Mirror site
Cold site
Cold site
Suggested answer: A
asked 18/09/2024
Michael Craig
48 questions

Question 56

Report Export Collapse

A Java program is being developed to read a file from computer A and write it to computer B, using a third computer C. The program is not working as expected. What is the MOST probable security feature of Java preventing the program from operating as intended?

Least privilege
Least privilege
Privilege escalation
Privilege escalation
Defense in depth
Defense in depth
Privilege bracketing
Privilege bracketing
Suggested answer: A
asked 18/09/2024
None None
45 questions

Question 57

Report Export Collapse

Which of the following is the PRIMARY risk with using open source software in a commercial software construction?

Lack of software documentation
Lack of software documentation
License agreements requiring release of modified code
License agreements requiring release of modified code
Expiration of the license agreement
Expiration of the license agreement
Costs associated with support of the software
Costs associated with support of the software
Suggested answer: D
asked 18/09/2024
Reydel Tabares Castro
51 questions

Question 58

Report Export Collapse

When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?

After the system preliminary design has been developed and the data security categorization has been performed
After the system preliminary design has been developed and the data security categorization has been performed
After the vulnerability analysis has been performed and before the system detailed design begins
After the vulnerability analysis has been performed and before the system detailed design begins
After the system preliminary design has been developed and before the data security categorization begins
After the system preliminary design has been developed and before the data security categorization begins
After the business functional analysis and the data security categorization have been performed
After the business functional analysis and the data security categorization have been performed
Suggested answer: D
asked 18/09/2024
Timothy Smith
41 questions

Question 59

Report Export Collapse

Which of the following is the BEST method to prevent malware from being introduced into a production environment?

Purchase software from a limited list of retailers
Purchase software from a limited list of retailers
Verify the hash key or certificate key of all updates
Verify the hash key or certificate key of all updates
Do not permit programs, patches, or updates from the Internet
Do not permit programs, patches, or updates from the Internet
Test all new software in a segregated environment
Test all new software in a segregated environment
Suggested answer: D
asked 18/09/2024
Ankit Singh
39 questions

Question 60

Report Export Collapse

The configuration management and control task of the certification and accreditation process is incorporated in which phase of the System Development Life Cycle (SDLC)?

System acquisition and development
System acquisition and development
System operations and maintenance
System operations and maintenance
System initiation
System initiation
System implementation
System implementation
Suggested answer: A
Explanation:

Reference https://online.concordiA.edu/computer-science/system-development-life-cycle-phases/

asked 18/09/2024
Renats Fasulins
43 questions
Total 1.482 questions
Go to page: of 149
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?