ExamGecko
Search Search Login
Home Home / ISC / CISSP

ISC CISSP Practice Test - Questions Answers, Page 67

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following are all elements of a disaster recovery plan (DRP)?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?
What balance MUST be considered when web application developers determine how informative application error messages should be constructed?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
Backup information that is critical to the organization is identified through a
Data remanence refers to which of the following?
With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?

Question 661

Report
Export
Collapse

When deploying en Intrusion Detection System (IDS) on a high-volume network, the need to distribute the load across multiple sensors would create which technical problem?

A.
Session continuity
A.
Session continuity
Answers
B.
Proxy authentication failure
B.
Proxy authentication failure
Answers
C.
Sensor overload
C.
Sensor overload
Answers
D.
Synchronized sensor updates
D.
Synchronized sensor updates
Answers
Suggested answer: A

Question 662

Report
Export
Collapse

How can a security engineer maintain network separation from a secure environment while allowing remote users to work in the secure environment?

A.
Use a Virtual Local Area Network (VLAN) to segment the network
A.
Use a Virtual Local Area Network (VLAN) to segment the network
Answers
B.
Implement a bastion host
B.
Implement a bastion host
Answers
C.
Install anti-virus on all enceinte
C.
Install anti-virus on all enceinte
Answers
D.
Enforce port security on access switches
D.
Enforce port security on access switches
Answers
Suggested answer: A

Question 663

Report
Export
Collapse

Which of the following is the MOST important consideration that must be taken into account when deploying an enterprise patching solution that includes mobile devices?

A.
Service provider(s) utilized by the organization
A.
Service provider(s) utilized by the organization
Answers
B.
Whether it will impact personal use
B.
Whether it will impact personal use
Answers
C.
Number of mobile users in the organization
C.
Number of mobile users in the organization
Answers
D.
Feasibility of downloads due to available bandwidth
D.
Feasibility of downloads due to available bandwidth
Answers
Suggested answer: C

Question 664

Report
Export
Collapse

Which of the following is the weakest form of protection for an application that handles Personally Identifiable Information (PII)?

A.
Transport Layer Security (TLS)
A.
Transport Layer Security (TLS)
Answers
B.
Ron Rivest Cipher 4 (RC4) encryption
B.
Ron Rivest Cipher 4 (RC4) encryption
Answers
C.
Security Assertion Markup Language (SAML)
C.
Security Assertion Markup Language (SAML)
Answers
D.
Multifactor authentication
D.
Multifactor authentication
Answers
Suggested answer: B

Question 665

Report
Export
Collapse

Which is the MOST effective countermeasure to prevent electromagnetic emanations on unshielded data cable?

A.
Move cable are away from exterior facing windows
A.
Move cable are away from exterior facing windows
Answers
B.
Encase exposed cable runs in metal conduit
B.
Encase exposed cable runs in metal conduit
Answers
C.
Enable Power over Ethernet (PoE) to increase voltage
C.
Enable Power over Ethernet (PoE) to increase voltage
Answers
D.
Bundle exposed cables together to disguise their signals
D.
Bundle exposed cables together to disguise their signals
Answers
Suggested answer: B

Question 666

Report
Export
Collapse

Which of the following is the MOST significant benefit to implementing a third-party federated identity architecture?

A.
Attribute assertions as agencies can request a larger set of attributes to fulfill service delivery
A.
Attribute assertions as agencies can request a larger set of attributes to fulfill service delivery
Answers
B.
Data decrease related to storing personal information
B.
Data decrease related to storing personal information
Answers
C.
Reduction in operational costs to the agency
C.
Reduction in operational costs to the agency
Answers
D.
Enable business objectives so departments can focus on mission rather than the business of identity management
D.
Enable business objectives so departments can focus on mission rather than the business of identity management
Answers
Suggested answer: C

Question 667

Report
Export
Collapse

A criminal organization is planning an attack on a government network. Which of the following is the MOST severe attack to the network availability?

A.
Network management communications is disrupted by attacker
A.
Network management communications is disrupted by attacker
Answers
B.
Operator loses control of network devices to attacker
B.
Operator loses control of network devices to attacker
Answers
C.
Sensitive information is gathered on the network topology by attacker
C.
Sensitive information is gathered on the network topology by attacker
Answers
D.
Network is flooded with communication traffic by attacker
D.
Network is flooded with communication traffic by attacker
Answers
Suggested answer: B

Question 668

Report
Export
Collapse

Limiting the processor, memory, and Input/output (I/O) capabilities of mobile code is known as

A.
code restriction.
A.
code restriction.
Answers
B.
on-demand compile.
B.
on-demand compile.
Answers
C.
sandboxing.
C.
sandboxing.
Answers
D.
compartmentalization.
D.
compartmentalization.
Answers
Suggested answer: C

Question 669

Report
Export
Collapse

Which of the following security testing strategies is BEST suited for companies with low to moderate security maturity?

A.
Load Testing
A.
Load Testing
Answers
B.
White-box testing
B.
White-box testing
Answers
C.
Black -box testing
C.
Black -box testing
Answers
D.
Performance testing
D.
Performance testing
Answers
Suggested answer: B

Question 670

Report
Export
Collapse

Which of the following are core categories of malicious attack against Internet of Things (IOT) devices?

A.
Packet capture and false data injection
A.
Packet capture and false data injection
Answers
B.
Packet capture and brute force attack
B.
Packet capture and brute force attack
Answers
C.
Node capture 3nd Structured Query Langue (SQL) injection
C.
Node capture 3nd Structured Query Langue (SQL) injection
Answers
D.
Node capture and false data injection
D.
Node capture and false data injection
Answers
Suggested answer: D
Total 1.482 questions
Go to page: of 149
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms