ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 74


Individuals have been identified and determined as having a need-to-know for the information.

Which of the following access control methods MUST include a consistent set of rules for controlling and limiting access?

A. Attribute Based Access Control (ABAC)
B. Role-Based Access Control (RBAC)
C. Discretionary Access Control (DAC)
D. Mandatory Access Control (MAC)
Suggested answer: D

When can a security program be considered effective?

A. Audits are regularly performed and reviewed.
B. Vulnerabilities are proactively identified.
C. Risk is lowered to an acceptable level.
D. Badges are regularly performed and validated.
Suggested answer: C

Which of the following is the MOST important activity an organization performs to ensure that security is part of the overall organization culture?

A. Ensure security policies are issued to all employees.
B. Perform formal reviews of security incidents.
C. Manage a program of security audits.
D. Work with senior management to meet business goals.
Suggested answer: C

What is the PRIMARY benefit of analyzing the partition layout of a hard disk volume when performing forensic analysis?

A. Sectors which are not assigned to a partition may contain data that was purposely hidden.
B. Volume address information for the hard disk may have been modified.
C. Partition tables which are not completely utilized may contain data that was purposely hidden.
D. Physical address information for the hard disk may have been modified.
Suggested answer: A

Which of the following System and Organization Controls (SOC) report types should an organization request if they require a period of time report covering security and availability for a particular system?

A. SOC 1 Type 1
B. SOC 1 Type 2
C. SOC 2 Type 1
D. SOC 2 Type 2
Suggested answer: D

Which of the following is the MOST important action regarding authentication?

A. Granting access rights
B. Enrolling in the system
C. Establishing audit controls
D. Obtaining executive authorization
Suggested answer: B

Which of the following is the BEST statement for a professional to include as part of a business continuity (BC) procedure?

A. A full data backup must be done upon management request.
B. An incremental data backup must be done upon management request.
C. A full data backup must be done based on the needs of the business.
D. An incremental data backup must be done after each system change.
Suggested answer: D

Additional padding may be added to the Encapsulating Security Protocol (ESP) trailer to provide which of the following?

A. Data origin authentication
B. Partial traffic flow confidentiality
C. Protection against replay attack
D. Access control
Suggested answer: C

After a breach incident, investigators narrowed the attack to a specific network administrator's credentials. However, there was no evidence to determine how the hackers obtained the credentials.

Which of the following actions could have BEST avoided the above breach per the investigation described above?

A. A periodic review of network access logs
B. A periodic review of active users on the network
C. A periodic review of all privileged account actions
D. A periodic review of password strength of all users across the organization
Suggested answer: C

Which of the following is a characteristic of covert security testing?

A. Induces less risk than overt testing
B. Tests staff knowledge and implementation of the organization's security policy
C. Focuses on identifying vulnerabilities
D. Tests and validates all security controls in the organization
Suggested answer: B
Total 1.482 questions