ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 80

Question 791

Functional security testing is MOST critical during which phase of the system development life cycle (SDLC)?

A. Operations / Maintenance
B. Implementation
C. Acquisition / Development
D. Initiation
Suggested answer: B
asked 18/09/2024
Jeff Benson
44 questions

Question 792

What is the threat modeling order using the Process for Attack Simulation and Threat Analysis (PASTA)?

A. Application decomposition, threat analysis, vulnerability detection, attack enumeration, risk/impact analysis
B. Threat analysis, vulnerability detection, application decomposition, attack enumeration, risk/impact analysis
C. Risk/impact analysis, application decomposition, threat analysis, vulnerability detection, attack enumeration
D. Application decomposition, threat analysis, risk/impact analysis, vulnerability detection, attack enumeration
Suggested answer: A
asked 18/09/2024
alvaro Vasconcelos
35 questions

Question 793

Which is the RECOMMENDED configuration mode for sensors for an intrusion prevention system (IPS) if the prevention capabilities will be used?

A. Active
B. Passive
C. Inline
D. Span
Suggested answer: C
asked 18/09/2024
Luis Maciel
42 questions

Question 794

An organization implements a remote access server (RAS). Once users connect to the server, digital certificates are used to authenticate their identity. What type of Extensible Authentication Protocol (EAP) would the organization use during this authentication?

A. Message Digest 5 (MD5)
B. Subscriber Identity Module (SIM)
C. Lightweight Extensible Authentication Protocol (EAP)
D. Transport Layer Security (TLS)
Suggested answer: D
asked 18/09/2024
carlos miyares
22 questions

Question 795

An analysis finds unusual activity coming from a computer that was thrown away several months prior. Which of the following steps ensures the proper removal of the system?

A. Deactivation
B. Decommission
C. Deploy
D. Procure
Suggested answer: B
asked 18/09/2024
Brent Varona
25 questions

Question 796

As a security manager, which of the following is the MOST effective practice for providing value to an organization?

A. Assess business risk and apply security resources accordingly
B. Coordinate security implementations with internal audit
C. Achieve compliance regardless of related technical issues
D. Identify confidential information and protect it
Suggested answer: D
asked 18/09/2024
Fai Malali
30 questions

Question 797

Which of the following BEST provides for non-repudiation of user account actions?

A. Centralized authentication system
B. File auditing system
C. Managed Intrusion Detection System (IDS)
D. Centralized logging system
Suggested answer: D
asked 18/09/2024
Jonaid Alam
36 questions

Question 798

What type of access control determines the authorization to resources based on pre-defined job titles within an organization?

A. Role-Based Access Control (RBAC)
B. Role-based access control
C. Non-discretionary access control
D. Discretionary Access Control (DAC)
Suggested answer: A
asked 18/09/2024
Sasha Grib
33 questions

Question 799

As users switch roles within an organization, their accounts are given additional permissions to perform the duties of their new position. After a recent audit, it was discovered that many of these accounts maintained their old permissions as well. The obsolete permissions identified by the audit have been remediated and accounts have only the appropriate permissions to complete their jobs.

Which of the following is the BEST way to prevent access privilege creep?

A. Implementing Identity and Access Management (IAM) solution
B. Time-based review and certification
C. Internet audit
D. Trigger-based review and certification
Suggested answer: A
asked 18/09/2024
Carlos Roberto
52 questions

Question 800

Continuity of operations is BEST supported by which of the following?

A. Confidentiality, availability, and reliability
B. Connectivity, reliability, and redundancy
C. Connectivity, reliability, and recovery
D. Confidentiality, integrity, and availability
Suggested answer: B
asked 18/09/2024
Russell Ang
34 questions
Total 1.482 questions