
ISC CISSP Practice Test - Questions Answers, Page 7

Question 61

What is the BEST approach to addressing security issues in legacy web applications?

A. Debug the security issues
B. Migrate to newer, supported applications where possible
C. Conduct a security assessment
D. Protect the legacy application with a web application firewall
Suggested answer: D
asked 18/09/2024
Henri Sanrame
38 questions

Question 62

Which of the following is a web application control that should be put into place to prevent exploitation of Operating System (OS) bugs?

A. Check arguments in function calls
B. Test for the security patch level of the environment
C. Include logging functions
D. Digitally sign each application module
Suggested answer: B
asked 18/09/2024
Mahdi Far
38 questions

Question 63

Which of the following methods protects Personally Identifiable Information (PII) by use of a full replacement of the data element?

A. Transparent Database Encryption (TDE)
B. Column level database encryption
C. Volume encryption
D. Data tokenization
Suggested answer: D
asked 18/09/2024
Katrina Allangba
43 questions

Question 64

Which of the following elements MUST a compliant EU-US Safe Harbor Privacy Policy contain?

A. An of how long the data subject's collected information will be retained for and how it will be eventually disposed.
B. An of who can be contacted at the organization collecting the information if corrections are required by the data subject.
C. An of the regulatory frameworks and compliance standards the information collecting organization adheres to.
D. An of all the technologies employed by the collecting organization in gathering information on the data subject.
Suggested answer: B
asked 18/09/2024
Robert Endicott
47 questions

Question 65

What is the MOST effective countermeasure to a malicious code attack against a mobile system?

A. Sandbox
B. Change control
C. Memory management
D. Public-Key Infrastructure (PKI)
Suggested answer: A
asked 18/09/2024
mustapha amraui
41 questions

Question 66

Which of the following is the BEST mitigation from phishing attacks?

A. Network activity monitoring
B. Security awareness training
C. Corporate policy and procedures
D. Strong file and directory permissions
Suggested answer: B
asked 18/09/2024
Matthew Wagner
35 questions

Question 67

Which of the following is a physical security control that protects Automated Teller Machines (ATM) from skimming?

A. Anti-tampering
B. Secure card reader
C. Radio Frequency (RF) scanner
D. Intrusion Prevention System (IPS)
Suggested answer: A
asked 18/09/2024
Thomas Schmitt
49 questions

Question 68

Which of the following is an essential element of a privileged identity lifecycle management?

A. Regularly perform account re-validation and approval
B. Account provisioning based on multi-factor authentication
C. Frequently review performed activities and request justification
D. Account information to be provided by supervisor or line manager
Suggested answer: A
asked 18/09/2024
Morris Djavaheri
32 questions

Question 69

Which of the following is ensured when hashing files during chain of custody handling?

A. Availability
B. Accountability
C. Integrity
D. Non-repudiation
Suggested answer: C
asked 18/09/2024
Olive Wang
44 questions

Question 70

Which Hyper Text Markup Language 5 (HTML5) option presents a security challenge for network data leakage prevention and/or monitoring?

A. Cross Origin Resource Sharing (CORS)
B. WebSockets
C. Document Object Model (DOM) trees
D. Web Interface Definition Language (IDL)
Suggested answer: B
asked 18/09/2024
Jessy Kevin NGANE OBAME
36 questions
Total 1.482 questions