ISC CISSP Practice Test - Questions Answers, Page 86

When would an organization review a Business Continuity Management (BCM) system?

A. When major changes occur on systems
B. When personnel changes occur
C. Before and after Disaster Recovery (DR) tests
D. At planned intervals

Suggested answer: D

Which of the following is a characteristic of the independent testing of a program?

A. Independent testing increases the likelihood that a test will expose the effect of a hidden feature.
B. Independent testing decreases the likelihood that a test will expose the effect of a hidden feature.
C. Independent testing teams help decrease the cost of creating test data and system design specification.
D. Independent testing teams help identify functional requirements and Service Level Agreements (SLA).

Suggested answer: A

Which of the following MUST be considered when developing business rules for a data loss prevention (DLP) solution?

A. Data availability
B. Data sensitivity
C. Data ownership
D. Data integrity

Suggested answer: B

What is the BEST approach for maintaining ethics when a security professional is unfamiliar with the culture of a country and is asked to perform a questionable task?

A. Exercise due diligence when deciding to circumvent host government requests.
B. Become familiar with the means in which the code of ethics is applied and considered.
C. Complete the assignment based on the customer's wishes.
D. Execute according to the professional's comfort level with the code of ethics.

Suggested answer: B

Which of the following activities is MOST likely to be performed during a vulnerability assessment?

A. Establish caller authentication procedures to verify the identities of users.
B. Analyze the environment by conducting interview sessions with relevant parties.
C. Document policy exceptions required to access systems in non-compliant areas.
D. Review professional credentials of the vulnerability assessment team or vendor.

Suggested answer: D

Which of the following is the BEST defense against password guessing?

A. Limit external connections to the network.
B. Disable the account after a limited number of unsuccessful attempts.
C. Force the password to be changed after an invalid password has been entered.
D. Require a combination of letters, numbers, and special characters in the password.

Suggested answer: D

Why would a security architect specify that a default route pointing to a sinkhole be injected into internal networks?

A. To have firewalls route all network traffic
B. To detect the traffic destined to non-existent network destinations
C. To exercise authority over the network department
D. To re-inject the route into external networks

Suggested answer: B

Which one of the following documentation should be included in a Disaster Recovery (DR) package?

A. Source code, compiled code, firmware updates, operational log book and manuals.
B. Data encrypted in original format, auditable transaction data, and recovery instructions for future extraction on demand.
C. Hardware configuration instructions, hardware configuration software, an operating system image, a data restoration option, media retrieval instructions, ...
D. System configuration including hardware, software, hardware, interfaces, software Application Programming Interface (API) configuration, data structure, ....

Suggested answer: C

How long should the records on a project be retained?

A. For the duration of the project, or at the discretion of the record owner
B. Until they are no longer useful or required by policy
C. Until five years after the project ends, then move to archives
D. For the duration of the organization fiscal year

Suggested answer: B

Which of the following phases involves researching a target's configuration from public sources when performing a penetration test?

A. Information gathering
B. Social engineering
C. Target selection
D. Traffic enumeration

Suggested answer: A