ISC CISSP Practice Test - Questions Answers, Page 63
Which of the following is the BEST way to reduce the impact of an externally sourced flood attack?

A. Have the service provider block the source address.
B. Have the source service provider block the address.
C. Block the source address at the firewall.
D. Block all inbound traffic until the flood ends.
Suggested answer: C

Which of the following is the BEST Identity-as-a-Service (IDaaS) solution for validating users?

A. Single Sign-On (SSO)
B. Security Assertion Markup Language (SAML)
C. Lightweight Directory Access Protocol (LDAP)
D. Open Authentication (OAuth)
Suggested answer: B

When conducting a security assessment of access controls, which activity is part of the data analysis phase?

A. Present solutions to address audit exceptions.
B. Conduct statistical sampling of data transactions.
C. Categorize and identify evidence gathered during the audit.
D. Collect logs and reports.
Suggested answer: C

Which of the following is used to support defense in depth during the development phase of a software product?

A. Security auditing
B. Polyinstantiation
C. Maintenance
D. Known vulnerability list
Suggested answer: B

When a system changes significantly, who is PRIMARILY responsible for assessing the security impact?

A. Chief Information Security Officer (CISO)
B. Information System Owner
C. Information System Security Officer (ISSO)
D. Authorizing Official
Suggested answer: B

When selecting a disk encryption technology, which of the following MUST also be assured to be encrypted?

A. Master Boot Record (MBR)
B. Pre-boot environment
C. Basic Input Output System (BIOS)
D. Hibernation file
Suggested answer: A

Which of the following attacks is dependent upon the compromise of a secondary target in order to reach the primary target?

A. Watering hole
B. Brute force
C. Spear phishing
D. Address Resolution Protocol (ARP) poisoning
Suggested answer: D

Additional padding may be added to the Encapsulating Security Protocol (ESP) trailer to provide which of the following?

A. Access control
B. Partial traffic flow confidentiality
C. Protection against replay attack
D. Data origin authentication
Suggested answer: C

Company A is evaluating new software to replace an in-house developed application. During the acquisition process, Company A specified the security requirements as well as the functional requirements. Company B responded to the acquisition request with their flagship product, which runs on an Operating System (OS) that Company A has never used nor evaluated. The flagship product meets all security and functional requirements as defined by Company A.

Based upon Company B's response, what step should Company A take?

A. Move ahead with the acquisition process, and purchase the flagship software
B. Conduct a security review of the OS
C. Perform functionality testing
D. Enter into contract negotiations ensuring Service Level Agreements (SLA) are established to include security patching
Suggested answer: B

What is maintained by using write blocking devices when forensic evidence is examined?

A. Inventory
B. Integrity
C. Confidentiality
D. Availability
Suggested answer: B