
ISC CISSP Practice Test - Questions Answers, Page 79


Which of the following media is LEAST problematic with data remanence?

A. Dynamic Random Access Memory (DRAM)
B. Electrically Erasable Programmable Read-Only Memory (EEPROM)
C. Flash memory
D. Magnetic disk
Suggested answer: A

Which open standard could a large corporation deploy for authorization services for single sign-on (SSO) use across multiple internal and external applications?

A. Terminal Access Controller Access Control System (TACACS)
B. Security Assertion Markup Language (SAML)
C. Lightweight Directory Access Protocol (LDAP)
D. Active Directory Federation Services (ADFS)
Suggested answer: B

Which of the following statements is TRUE regarding equivalence class testing?

A. Test inputs are obtained from the derived boundaries of the given functional specifications.
B. It is characterized by the stateless behavior of a process implemented in a function.
C. An entire partition can be covered by considering only one representative value from that partition.
D. It is useful for testing communications protocols and graphical user interfaces.
Suggested answer: C

A large corporation is looking for a solution to automate access based on where the request is coming from, who the user is, what device they are connecting with, and what time of day they are attempting this access. What type of solution would suit their needs?

A. Mandatory Access Control (MAC)
B. Network Access Control (NAC)
C. Role Based Access Control (RBAC)
D. Discretionary Access Control (DAC)
Suggested answer: B

Which of the following techniques is MOST useful when dealing with Advanced Persistent Threat (APT) intrusions on live virtualized environments?

A. Antivirus operations
B. Reverse engineering
C. Memory forensics
D. Logfile analysis
Suggested answer: B

Which of the following MUST an organization do to effectively communicate its security strategy to all affected parties?

A. Involve representatives from each key organizational area.
B. Provide regular updates to the board of directors.
C. Notify staff of changes to the strategy.
D. Remove potential communication barriers.
Suggested answer: C

When using Security Assertion Markup Language (SAML), it is assumed that the principal subject

A. accepts persistent cookies from the system.
B. allows Secure Sockets Layer (SSL) for data exchanges.
C. is on a system that supports remote authorization.
D. enrolls with at least one identity provider.
Suggested answer: D

A client has reviewed a vulnerability assessment report and has stated it is inaccurate. The client states that the vulnerabilities listed are not valid because the host's operating system (OS) was not properly detected.

Where in the vulnerability assessment process did the error MOST likely occur?

A. Enumeration
B. Detection
C. Reporting
D. Discovery
Suggested answer: A

Which of the below strategies would MOST comprehensively address the risk of malicious insiders leaking sensitive information?

A. Data Loss Protection (DLP), firewalls, data classification
B. Least privilege access, Data Loss Protection (DLP), physical access controls
C. Staff vetting, least privilege access, Data Loss Protection (DLP)
D. Background checks, data encryption, web proxies
Suggested answer: B

What is the FIRST step required in establishing a records retention program?

A. Identify and inventory all records storage locations.
B. Classify records based on sensitivity.
C. Identify and inventory all records.
D. Draft a records retention policy.
Suggested answer: D
Total 1.482 questions