ExamGecko
Login
Home / ISC / CISSP / List of questions
Ask Question

ISC CISSP Practice Test - Questions Answers, Page 8

List of questions

Question 71

Report Export Collapse

Which of the following statements is TRUE of black box testing?

Only the functional specifications are known to the test planner.
Only the functional specifications are known to the test planner.
Only the source code and the design documents are known to the test planner.
Only the source code and the design documents are known to the test planner.
Only the source code and functional specifications are known to the test planner.
Only the source code and functional specifications are known to the test planner.
Only the design documents and the functional specifications are known to the test planner.
Only the design documents and the functional specifications are known to the test planner.
Suggested answer: A
asked 18/09/2024
Slawomir Marcjanski
38 questions

Question 72

Report Export Collapse

A software scanner identifies a region within a binary image having high entropy. What does this MOST likely indicate?

Encryption routines
Encryption routines
Random number generator
Random number generator
Obfuscated code
Obfuscated code
Botnet command and control
Botnet command and control
Suggested answer: C
asked 18/09/2024
Dominic Lugg
48 questions

Question 73

Report Export Collapse

Which of the following is a limitation of the Common Vulnerability Scoring System (CVSS) as it relates to conducting code review?

It has normalized severity ratings.
It has normalized severity ratings.
It has many worksheets and practices to implement.
It has many worksheets and practices to implement.
It aims to calculate the risk of published vulnerabilities.
It aims to calculate the risk of published vulnerabilities.
It requires a robust risk management framework to be put in place.
It requires a robust risk management framework to be put in place.
Suggested answer: C
asked 18/09/2024
Sivagami Narayanan
53 questions

Question 74

Report Export Collapse

Which of the following is the MOST important consideration when storing and processing Personally Identifiable Information (PII)?

Encrypt and hash all PII to avoid disclosure and tampering.
Encrypt and hash all PII to avoid disclosure and tampering.
Store PII for no more than one year.
Store PII for no more than one year.
Avoid storing PII in a Cloud Service Provider.
Avoid storing PII in a Cloud Service Provider.
Adherence to collection limitation laws and regulations.
Adherence to collection limitation laws and regulations.
Suggested answer: D
asked 18/09/2024
Francis Sailer
49 questions

Question 75

Report Export Collapse

Which of the following assessment metrics is BEST used to understand a system's vulnerability to potential exploits?

Determining the probability that the system functions safely during any time period
Determining the probability that the system functions safely during any time period
Quantifying the system's available services
Quantifying the system's available services
Identifying the number of security flaws within the system
Identifying the number of security flaws within the system
Measuring the system's integrity in the presence of failure
Measuring the system's integrity in the presence of failure
Suggested answer: C
asked 18/09/2024
Martine Cornax
41 questions

Question 76

Report Export Collapse

Which of the following is an effective method for avoiding magnetic media data remanence?

Degaussing
Degaussing
Encryption
Encryption
Data Loss Prevention (DLP)
Data Loss Prevention (DLP)
Authentication
Authentication
Suggested answer: A
asked 18/09/2024
Bashar Deeb
54 questions

Question 77

Report Export Collapse

Which of the following MUST be part of a contract to support electronic discovery of data stored in a cloud environment?

Integration with organizational directory services for authentication
Integration with organizational directory services for authentication
Tokenization of data
Tokenization of data
Accommodation of hybrid deployment models
Accommodation of hybrid deployment models
Identification of data location
Identification of data location
Suggested answer: D
asked 18/09/2024
Stefan Hupfloher
54 questions

Question 78

Report Export Collapse

When transmitting information over public networks, the decision to encrypt it should be based on

the estimated monetary value of the information.
the estimated monetary value of the information.
whether there are transient nodes relaying the transmission.
whether there are transient nodes relaying the transmission.
the level of confidentiality of the information.
the level of confidentiality of the information.
the volume of the information.
the volume of the information.
Suggested answer: C
asked 18/09/2024
Tina Christiansen
33 questions

Question 79

Report Export Collapse

Logical access control programs are MOST effective when they are

approved by external auditors.
approved by external auditors.
combined with security token technology.
combined with security token technology.
maintained by computer security officers.
maintained by computer security officers.
made part of the operating system.
made part of the operating system.
Suggested answer: D
asked 18/09/2024
mahdis khaledi
50 questions

Question 80

Report Export Collapse

Which one of the following considerations has the LEAST impact when considering transmission security?

Network availability
Network availability
Data integrity
Data integrity
Network bandwidth
Network bandwidth
Node locations
Node locations
Suggested answer: C
asked 18/09/2024
Jose Leonardo
30 questions
Total 1.482 questions
Go to page: of 149
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Open Systems Interconnection (OSI) layer(s) BEST corresponds to the network access layer in the Transmission Control Protocol/Internet Protocol (TCP/IP) model?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
Which one of the following would cause an immediate review and possible change to the security policies of an organization?
Which of the following are all elements of a disaster recovery plan (DRP)?
What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?
Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?