
ISC CISSP Practice Test - Questions Answers, Page 62


Which of the following is the MOST important security goal when performing application interface testing?

A. Confirm that all platforms are supported and function properly
B. Evaluate whether systems or components pass data and control correctly to one another
C. Verify compatibility of software, hardware, and network connections
D. Examine error conditions related to external interfaces to prevent application details leakage
Suggested answer: B

Which of the following is the MOST common method of memory protection?

A. Compartmentalization
B. Segmentation
C. Error correction
D. Virtual Local Area Network (VLAN) tagging
Suggested answer: B

Attack trees are MOST useful for which of the following?

A. Determining system security scopes
B. Generating attack libraries
C. Enumerating threats
D. Evaluating Denial of Service (DoS) attacks
Suggested answer: C

Which of the following techniques is known to be effective in spotting resource exhaustion problems, especially with resources such as processes, memory, and connections?

A. Automated dynamic analysis
B. Automated static analysis
C. Manual code review
D. Fuzzing
Suggested answer: A

Which one of the following is an advantage of an effective release control strategy from a configuration control standpoint?

A. Ensures that a trace for all deliverables is maintained and auditable
B. Enforces backward compatibility between releases
C. Ensures that there is no loss of functionality between releases
D. Allows for future enhancements to existing features
Suggested answer: A

The design review for an application has been completed and is ready for release. What technique should an organization use to assure application integrity?

A. Application authentication
B. Input validation
C. Digital signing
D. Device encryption
Suggested answer: B

What is the BEST location in a network to place Virtual Private Network (VPN) devices when an internal review reveals network design flaws in remote access?

A. In a dedicated Demilitarized Zone (DMZ)
B. In its own separate Virtual Local Area Network (VLAN)
C. At the Internet Service Provider (ISP)
D. Outside the external firewall
Suggested answer: B

Which of the following access management procedures would minimize the possibility of an organization's employees retaining access to secure work areas after they change roles?

A. User access modification
B. User access recertification
C. User access termination
D. User access provisioning
Suggested answer: B

What is the FIRST step in establishing an information security program?

A. Establish an information security policy.
B. Identify factors affecting information security.
C. Establish baseline security controls.
D. Identify critical security infrastructure.
Suggested answer: A

Which of the following is MOST effective in detecting information hiding in Transmission Control Protocol/Internet Protocol (TCP/IP) traffic?

A. Stateful inspection firewall
B. Application-level firewall
C. Content-filtering proxy
D. Packet-filter firewall
Suggested answer: A
Total 1.482 questions