ISC CISSP Practice Test - Questions Answers, Page 63

Question 621

Which of the following is the BEST way to reduce the impact of an externally sourced flood attack?

Have the service provider block the source address.
Have the source service provider block the address.
Block the source address at the firewall.
Block all inbound traffic until the flood ends.
Suggested answer: C
asked 18/09/2024
Mashudu Abraham
40 questions

Question 622

Which of the following is the BEST Identity-as-a-Service (IDaaS) solution for validating users?

Single Sign-On (SSO)
Security Assertion Markup Language (SAML)
Lightweight Directory Access Protocol (LDAP)
Open Authentication (OAuth)
Suggested answer: B
asked 18/09/2024
Seth Frizzell
43 questions

Question 623

When conducting a security assessment of access controls, which activity is part of the data analysis phase?

Present solutions to address audit exceptions.
Conduct statistical sampling of data transactions.
Categorize and identify evidence gathered during the audit.
Collect logs and reports.
Suggested answer: C
asked 18/09/2024
Philippe Chretien
46 questions

Question 624

Which of the following is used to support the of defense in depth during development phase of a software product?

Security auditing
Polyinstantiation
Maintenance
Known vulnerability list
Suggested answer: B
asked 18/09/2024
Roger Berger
31 questions

Question 625

When a system changes significantly, who is PRIMARILY responsible for assessing the security impact?

Chief Information Security Officer (CISO)
Information System Owner
Information System Security Officer (ISSO)
Authorizing Official
Suggested answer: B
asked 18/09/2024
Ramakrishnan Subramanian
39 questions

Question 626

When selecting a disk encryption technology, which of the following MUST also be assured to be encrypted?

Master Boot Record (MBR)
Pre-boot environment
Basic Input Output System (BIOS)
Hibernation file
Suggested answer: A
asked 18/09/2024
Vicky Mukhy
37 questions

Question 627

Which of the following attacks is dependent upon the compromise of a secondary target in order to reach the primary target?

Watering hole
Brute force
Spear phishing
Address Resolution Protocol (ARP) poisoning
Suggested answer: D
asked 18/09/2024
Francesco D'Agostino
40 questions

Question 628

Additional padding may be added to the Encapsulating Security Protocol (ESP) trailer to provide which of the following?

Access control
Partial traffic flow confidentiality
Protection against replay attack
Data origin authentication
Suggested answer: C
asked 18/09/2024
Henny Smit
44 questions

Question 629

Company A is evaluating new software to replace an in-house developed application. During the acquisition process, Company A specified the security requirements as well as the functional requirements. Company B responded to the acquisition request with their flagship product that runs on an Operating System (OS) that Company A has never used nor evaluated. The flagship product meets all security and functional requirements as defined by Company A.

Based upon Company B's response, what step should Company A take?

Move ahead with the acquisition process, and purchase the flagship software
Conduct a security review of the OS
Perform functionality testing
Enter into contract negotiations ensuring Service Level Agreements (SLA) are established to include security patching
Suggested answer: B
asked 18/09/2024
JUAN LUIS BERMUDEZ MAYORAL
33 questions

Question 630

What is maintained by using write blocking devices when forensic evidence is examined?

Inventory
Integrity
Confidentiality
Availability
Suggested answer: B
asked 18/09/2024
HAZEM SHAIKHANI
47 questions
Total 1.482 questions