
ISC CISSP Practice Test - Questions Answers, Page 82


Which of the following is the PRIMARY reason a sniffer operating on a network is collecting packets only from its own host?

A. An Intrusion Detection System (IDS) has dropped the packets.
B. The network is connected using switches.
C. The network is connected using hubs.
D. The network's firewall does not allow sniffing.
Suggested answer: A

Which of the following is the final phase of the identity and access provisioning lifecycle?

A. Recertification
B. Revocation
C. Removal
D. Validation
Suggested answer: B

Explanation:

Reference:

https://books.google.com.pk/books?id=W2TvAgAAQBAJ&pg=PA256&lpg=PA256&dq=process+in+the+access+provisioning+lifecycle+that+will+MOST+likely+identify+access+aggregation+issues&source=bl&ots=OBJo9fbGP3&sig=ACfU3U1eAWDu3q4EoiusrOi_hvtu6WyaIg&hl=en&sa=X&ved=2ahUKEwiu-Mac0anpAhXIxIUKHQi2BFsQ6AEwAXoECBAQAQ#v=onepage&q=process%20in%20the%20access%20provisioning%20lifecycle%20that%20will%20MOST%20likely%20identify%20access%20aggregation%20issues&f=false

Which of the following is mobile device remote fingerprinting?

A. Installing an application to retrieve common characteristics of the device
B. Storing information about a remote device in a cookie file
C. Identifying a device based on common characteristics shared by all devices of a certain type
D. Retrieving the serial number of the mobile device
Suggested answer: C

Which of the following trust services principles refers to the accessibility of information used by the systems, products, or services offered to a third-party provider's customers?

A. Security
B. Privacy
C. Access
D. Availability
Suggested answer: C

Explanation:

Reference:

https://www.aicpa.org/content/dam/aicpa/interestareas/frc/assuranceadvisoryservices/downloadabledocuments/trust-services-criteria.pdf

Which of the following open source software issues pose the MOST risk to an application?

A. The software is beyond end of life and the vendor is out of business.
B. The software is not used or popular in the development community.
C. The software has multiple Common Vulnerabilities and Exposures (CVE) and only some are remediated.
D. The software has multiple Common Vulnerabilities and Exposures (CVE) but the CVEs are classified as low risks.
Suggested answer: D

Which of the following is the PRIMARY mechanism used to limit the range of objects available to a given subject within different execution domains?

A. Process isolation
B. Data hiding and abstraction
C. Use of discrete layering and Application Programming Interfaces (API)
D. Virtual Private Network (VPN)
Suggested answer: C

Explanation:

Reference:

https://books.google.com.pk/books?id=LnjxBwAAQBAJ&pg=PT504&lpg=PT504&dq=CISSP+mechanism+used+to+limit+the+range+of+objects+available+to+a+given+subject+within+different+execution+domains&source=bl&ots=VLJY4mkZy&sig=ACfU3U1adsKRObtT_l3tYTCLfHjS6gvLtg&hl=en&sa=X&ved=2ahUKEwi_jIPw16npAhWsxoUKHVoSA4AQ6AEwAHoECBMQAQ#v=onepage&q=CISSP%20mechanism%20used%20to%20limit%20the%20range%20of%20objects%20available%20to%20a%20given%20subject%20within%20different%20execution%20domains&f=false

Once the types of information have been identified, who should an information security practitioner work with to ensure that the information is properly categorized?

A. Information Owner (IO)
B. System Administrator
C. Business Continuity (BC) Manager
D. Chief Information Officer (CIO)
Suggested answer: A

What should be the FIRST action for a security administrator who detects an intrusion on the network based on precursors and other indicators?

A. Isolate and contain the intrusion.
B. Notify system and application owners.
C. Apply patches to the Operating Systems (OS).
D. Document and verify the intrusion.
Suggested answer: C

Explanation:

Reference: https://securityintelligence.com/dont-dwell-on-it-how-to-detect-a-breach-on-yournetwork-more-efficiently/

Which of the following needs to be taken into account when assessing vulnerability?

A. Risk identification and validation
B. Threat mapping
C. Risk acceptance criteria
D. Safeguard selection
Suggested answer: A

Explanation:

Reference:

https://books.google.com.pk/books?id=9gCn86CmsNQC&pg=PA478&lpg=PA478&dq=CISSP+taken+into+account+when+assessing+vulnerability&source=bl&ots=riGvVpNN7I&sig=ACfU3U1isazG0OJlZdAAy91LvAW_rbXdAQ&hl=en&sa=X&ved=2ahUKEwj6p9vg4qnpAhUNxYUKHdODDZ4Q6AEwDHoECBMQAQ#v=onepage&q=CISSP%20taken%20into%20account%20when%20assessing%20vulnerability&f=false

For the purpose of classification, which of the following is used to divide trust domain and trust boundaries?

A. Network architecture
B. Integrity
C. Identity Management (IdM)
D. Confidentiality management
Suggested answer: A
Total 1.482 questions