
ISC CISSP Practice Test - Questions Answers, Page 61


What is the MAIN purpose of a change management policy?

A. To assure management that changes to the Information Technology (IT) infrastructure are necessary
B. To identify the changes that may be made to the Information Technology (IT) infrastructure
C. To verify that changes to the Information Technology (IT) infrastructure are approved
D. To determine the necessity for implementing modifications to the Information Technology (IT) infrastructure
Suggested answer: C

Who is responsible for the protection of information when it is shared with or provided to other organizations?

A. Systems owner
B. Authorizing Official (AO)
C. Information owner
D. Security officer
Suggested answer: C

Which of the following is the MOST challenging issue in apprehending cyber criminals?

A. They often use sophisticated methods to commit a crime.
B. It is often hard to collect and maintain integrity of digital evidence.
C. The crime is often committed from a different jurisdiction.
D. There is often no physical evidence involved.
Suggested answer: C

Which of the following are important criteria when designing procedures and acceptance criteria for acquired software?

A. Code quality, security, and origin
B. Architecture, hardware, and firmware
C. Data quality, provenance, and scaling
D. Distributed, agile, and bench testing
Suggested answer: A

Which of the following steps should be performed FIRST when purchasing Commercial Off-The-Shelf (COTS) software?

A. Undergo a security assessment as part of authorization process
B. Establish a risk management strategy
C. Harden the hosting server, and perform hosting and application vulnerability scans
D. Establish policies and procedures on system and services acquisition
Suggested answer: D

An organization has outsourced its financial transaction processing to a Cloud Service Provider (CSP) who will provide them with Software as a Service (SaaS). If there was a data breach, who is responsible for monetary losses?

A. The Data Protection Authority (DPA)
B. The Cloud Service Provider (CSP)
C. The application developers
D. The data owner
Suggested answer: B

What is the PRIMARY role of a scrum master in agile development?

A. To choose the primary development language
B. To choose the integrated development environment
C. To match the software requirements to the delivery plan
D. To project manage the software delivery
Suggested answer: D

What capability would typically be included in a commercially available software package designed for access control?

A. Password encryption
B. File encryption
C. Source library control
D. File authentication
Suggested answer: A

An organization plans on purchasing a custom software product developed by a small vendor to support its business model. Which unique consideration should be made part of the contractual agreement potential long-term risks associated with creating this dependency?

A. A source code escrow clause
B. Right to request an independent review of the software source code
C. Due diligence form requesting statements of compliance with security requirements
D. Access to the technical documentation
Suggested answer: B

When developing solutions for mobile devices, in which phase of the Software Development Life Cycle (SDLC) should technical limitations related to devices be specified?

A. Implementation
B. Initiation
C. Review
D. Development
Suggested answer: A
Total 1.482 questions