ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 75

Copyright provides protection for which of the following?

A. Discoveries of natural phenomena
B. New and non-obvious invention
C. A particular expression of an idea
D. Ideas expressed in literary works
Suggested answer: C

An organization is required to comply with the Payment Card Industry Data Security Standard (PCI DSS). What is the MOST effective approach to safeguard digital and paper media that contains cardholder data?

A. Use and regularly update antivirus software.
B. Maintain strict control over storage of media.
C. Mandate encryption of cardholder data.
D. Configure firewall rules to protect the data.
Suggested answer: C

A vehicle of a private courier company that transports backup data for offsite storage was robbed while in transit. The incident management team is now responsible for estimating the impact of the robbery. Which of the following would help the incident management team to MOST effectively analyze the business impact of the robbery?

A. Log of backup administrative actions
B. Log of the transported media and its classification marking
C. Log of the transported media and its detailed contents
D. Log of backed up data and their respective data custodians
Suggested answer: B

When should an application invoke re-authentication in addition to initial user authentication?

A. At the application sign-off
B. Periodically during a session
C. After a period of inactivity
D. For each business process
Suggested answer: C

Which of the following is the MOST important reason for timely installation of software patches?

A. Attackers may be conducting network analysis.
B. Patches are only available for a specific time.
C. Attackers reverse engineer the exploit from the patch.
D. Patches may not be compatible with proprietary software.
Suggested answer: C

Which of the following is a method of attacking Internet Protocol version 6 (IPv6) Layer 3 and Layer 4?

A. Synchronize sequence numbers (SYN) flooding
B. Internet Control Message Protocol (ICMP) flooding
C. Domain Name Server (DNS) cache poisoning
D. Media Access Control (MAC) flooding
Suggested answer: A

Which of the following would present the higher annualized loss expectancy (ALE)?

A. Fire
B. Earthquake
C. Windstorm
D. Flood
Suggested answer: A

An organization wants to enable users to authenticate across multiple security domains. To accomplish this, they have decided to use Federated Identity Management (FIM). Which of the following is used behind the scenes in a FIM deployment?

A. Standard Generalized Markup Language (SGML)
B. Extensible Markup Language (XML)
C. Security Assertion Markup Language (SAML)
D. Transaction Authority Markup Language (XAML)
Suggested answer: C

Which of the following is the GREATEST security risk associated with the use of Identity as a Service (IDaaS) when an organization its own software?

A. Incompatibility with Federated Identity Management (FIM)
B. Increased likelihood of confidentiality breach
C. Denial of access due to reduced availability
D. Security Assertion Markup Language (SAML) integration
Suggested answer: B

In the Common Criteria (CC) for information technology (IT) security evaluation, increasing Evaluation Assurance Levels (EAL) results in which of the following?

A. Increased functionality
B. Increased interoperability
C. Increase in resource requirement
D. Increase in evaluated systems
Suggested answer: B
Total 1.482 questions