ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 64

Which of the following is a characteristic of a challenge/response authentication process?

A. Using a password history blacklist
B. Transmitting a hash based on the user's password
C. Presenting distorted graphics of text for authentication
D. Requiring the use of non-consecutive numeric characters
Suggested answer: C

Which of the following is the PRIMARY risk associated with Extensible Markup Language (XML) applications?

A. Users can manipulate the code.
B. The stack data structure cannot be replicated.
C. The stack data structure is repetitive.
D. Potential sensitive data leakage.
Suggested answer: A

Activity to baseline, tailor, and scope security controls takes place during which National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) step?

A. Authorize IS.
B. Assess security controls.
C. Categorize Information system (IS).
D. Select security controls.
Suggested answer: D

A large corporation is looking for a solution to automate access based on where the request is coming from, who the user is, what device they are connecting with, and what time of day they are attempting this access. What type of solution would suit their needs?

A. Discretionary Access Control (DAC)
B. Role Based Access Control (RBAC)
C. Mandatory Access Control (MAC)
D. Network Access Control (NAC)
Suggested answer: D

Which one of the following is an advantage of an effective release control strategy from a configuration control standpoint?

A. Ensures that there is no loss of functionality between releases
B. Allows for future enhancements to existing features
C. Enforces backward compatibility between releases
D. Ensures that a trace for all deliverables is maintained and auditable
Suggested answer: C

When adopting software as a service (SaaS), which security responsibility will remain with the adopting organization?

A. Physical security
B. Data classification
C. Network control
D. Application layer control
Suggested answer: B

Secure real-time transport protocol (SRTP) provides security for which of the following?

A. Time-sensitive e-communication
B. Voice communication
C. Satellite communication
D. Network communication for real-time operating systems
Suggested answer: B

Which of the following authorization standards is built to handle Application Programming Interface (API) access for Federated Identity Management (FIM)?

A. Security Assertion Markup Language (SAML)
B. Open Authentication (OAUTH)
C. Remote Authentication Dial-in User Service (RADIUS)
D. Terminal Access Controller Access Control System Plus (TACACS+)
Suggested answer: B

Which programming methodology allows a programmer to use pre-determined blocks of code, consequently reducing development time and programming costs?

A. Application security
B. Object oriented
C. Blocked algorithm
D. Assembly language
Suggested answer: B

Why do Certificate Authorities (CA) add value to the security of electronic commerce transactions?

A. They maintain the certificate revocation list.
B. They maintain the private keys of transaction parties.
C. They verify the transaction parties' private keys.
D. They provide a secure communication channel to the transaction parties.
Suggested answer: D
Total 1.482 questions