ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 71


If a content management system (CMS) is implemented, which one of the following would occur?

A. Developers would no longer have access to production systems
B. The applications placed into production would be secure
C. Patching the systems would be completed more quickly
D. The test and production systems would be running the same software
Suggested answer: D

Which of the following is the BEST identity-as-a-service (IDaaS) solution for validating users?

A. Lightweight Directory Access Protocol (LDAP)
B. Security Assertion Markup Language (SAML)
C. Single Sign-on (SSO)
D. Open Authentication (OAuth)
Suggested answer: A

Which layer handles packet fragmentation and reassembly in the Open Systems Interconnection (OSI) reference model?

A. Session
B. Transport
C. Data Link
D. Network
Suggested answer: B

What is the most effective form of media sanitization to ensure residual data cannot be retrieved?

A. Clearing
B. Destroying
C. Purging
D. Disposal
Suggested answer: B

Why is lexical obfuscation in software development discouraged by many organizations?

A. Problems writing test cases
B. Problems recovering systems after disaster
C. Problems compiling the code
D. Problems maintaining data connections
Suggested answer: C

What steps can be taken to prepare personally identifiable information (PII) for processing by a third party?

A. It is not necessary to protect PII as long as it is in the hands of the provider.
B. A security agreement with a Cloud Service Provider (CSP) was required so there is no concern.
C. The personal information should be maintained separately connected with a one-way reference.
D. The personal information can be hashed and then the data can be sent to an outside processor.
Suggested answer: C

Why are mobile devices sometimes difficult to investigate in a forensic examination?

A. There are no forensics tools available for examination.
B. They may have proprietary software installed to protect them.
C. They may contain cryptographic protection.
D. They have password-based security at logon.
Suggested answer: B

Which of the following is a characteristic of a challenge/response authentication process?

A. Presenting distorted graphics of text for authentication
B. Transmitting a hash based on the user's password
C. Using a password history blacklist
D. Requiring the use of non-consecutive numeric characters
Suggested answer: A

Which of the following features is MOST effective in mitigating against theft of data on a corporate mobile device which has been stolen?

A. Whole device encryption with key escrow
B. Mobile Device Management (MDM) with device wipe
C. Mobile device tracking with geolocation
D. Virtual Private Network (VPN) with traffic encryption
Suggested answer: B

Which of the following will help identify the source Internet Protocol (IP) address of malware being executed on a computer?

A. List of open network connections
B. Display Transmission Control Protocol/Internet Protocol (TCP/IP) network configuration information.
C. List of running processes
D. Display the Address Resolution Protocol (ARP) table.
Suggested answer: A
Total 1.482 questions