ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 64

List of questions

Question 631

Report
Export
Collapse

Which of the following is a characteristic of a challenge/response authentication process?

Using a password history blacklist
Using a password history blacklist
Transmitting a hash based on the user's password
Transmitting a hash based on the user's password
Presenting distorted gravies of text for authentication
Presenting distorted gravies of text for authentication
Requiring the use of non-consecutive numeric characters
Requiring the use of non-consecutive numeric characters
Suggested answer: C
asked 18/09/2024
Rodrigo Serrano dos Santos
38 questions

Question 632

Report
Export
Collapse

Which of the following is the PRIMARY risk associated with Extensible Markup Language (XML) applications?

Users can manipulate the code.
Users can manipulate the code.
The stack data structure cannot be replicated.
The stack data structure cannot be replicated.
The stack data structure is repetitive.
The stack data structure is repetitive.
Potential sensitive data leakage.
Potential sensitive data leakage.
Suggested answer: A
asked 18/09/2024
Franziska Kreuz
36 questions

Question 633

Report
Export
Collapse

Activity to baseline, tailor, and scope security controls tikes place dring which National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) step?

Authorize IS.
Authorize IS.
Assess security controls.
Assess security controls.
Categorize Information system (IS).
Categorize Information system (IS).
Select security controls.
Select security controls.
Suggested answer: D
asked 18/09/2024
Syed Hasan Rizvi
29 questions

Question 634

Report
Export
Collapse

A large corporation is locking for a solution to automate access based on where on request is coming from, who the user is, what device they are connecting with, and what time of day they are attempting this access. What type of solution would suit their needs?

Discretionary Access Control (DAC)
Discretionary Access Control (DAC)
Role Based Access Control (RBAC)
Role Based Access Control (RBAC)
Mandater Access Control (MAC)
Mandater Access Control (MAC)
Network Access Control (NAC)
Network Access Control (NAC)
Suggested answer: D
asked 18/09/2024
Nidal Allamadani
45 questions

Question 635

Report
Export
Collapse

Which one of the following is an advantage of an effective release control strategy from a configuration control standpoint?

Ensures that there is no loss of functionality between releases
Ensures that there is no loss of functionality between releases
Allows for future enhancements to existing features
Allows for future enhancements to existing features
Enforces backward compatibility between releases
Enforces backward compatibility between releases
Ensures that a trace for all deliverables is maintained and auditable
Ensures that a trace for all deliverables is maintained and auditable
Suggested answer: C
asked 18/09/2024
Tebogo Maphafo
36 questions

Question 636

Report
Export
Collapse

When adopting software as a service (Saas), which security responsibility will remain with remain with the adopting organization?

Physical security
Physical security
Data classification
Data classification
Network control
Network control
Application layer control
Application layer control
Suggested answer: B
asked 18/09/2024
long tran
33 questions

Question 637

Report
Export
Collapse

Secure real-time transport protocol (SRTP) provides security for which of the following?

time sensitive e-communication
time sensitive e-communication
Voice communication
Voice communication
Satellite communication
Satellite communication
Network Communication for real-time operating systems
Network Communication for real-time operating systems
Suggested answer: B
asked 18/09/2024
OLUSEGUN IJAOLA
28 questions

Question 638

Report
Export
Collapse

Which of the following authorization standards is built to handle Application Programming Interface (API) access for Federated Identity Management (FIM)?

Security Assertion Markup Language (SAML)
Security Assertion Markup Language (SAML)
Open Authentication (OAUTH)
Open Authentication (OAUTH)
Remote Authentication Dial-in User service (RADIUS)
Remote Authentication Dial-in User service (RADIUS)
Terminal Access Control Access Control System Plus (TACACS+)
Terminal Access Control Access Control System Plus (TACACS+)
Suggested answer: B
asked 18/09/2024
Tyler Henderson
35 questions

Question 639

Report
Export
Collapse

Which programming methodology allows a programmer to use pre-determined blocks of code end consequently reducing development time and programming costs?

Application security
Application security
Object oriented
Object oriented
Blocked algorithm
Blocked algorithm
Assembly language
Assembly language
Suggested answer: B
asked 18/09/2024
Arlind Tereziu
41 questions

Question 640

Report
Export
Collapse

Why do certificate Authorities (CA) add value to the security of electronic commerce transactions?

They maintain the certificate revocation list.
They maintain the certificate revocation list.
They maintain the private keys of transition parties.
They maintain the private keys of transition parties.
They verify the transaction parties' private keys.
They verify the transaction parties' private keys.
They provide a secure communication enamel to the transaction parties.
They provide a secure communication enamel to the transaction parties.
Suggested answer: D
asked 18/09/2024
Kristian Gutierrez
47 questions
Total 1.482 questions
Go to page: of 149
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?