ISC CISSP Practice Test - Questions Answers, Page 88

Which of the following is used to support the concept of defense in depth during the development phase of a software product?

A. Maintenance hooks
B. Polyinstantiation
C. Known vulnerability list
D. Security auditing
Suggested answer: B

An organization is considering outsourcing applications and data to a Cloud Service Provider (CSP). Which of the following is the MOST important concern regarding privacy?

A. The CSP determines data criticality.
B. The CSP provides end-to-end encryption services.
C. The CSP's privacy policy may be developed by the organization.
D. The CSP may not be subject to the organization's country legislation.
Suggested answer: D

Individual access to a network is BEST determined based on

A. risk matrix.
B. value of the data.
C. business need.
D. data classification.
Suggested answer: C

The MAIN task of promoting security for Personal Computers (PC) is

A. understanding the technical controls and ensuring they are correctly installed.
B. understanding the required systems and patching processes for different Operating Systems (OS).
C. making sure that users are using only valid, authorized software, so that the chance of virus infection
D. making users understand the risks to the machines and data, so they will take appropriate steps to protect them.
Suggested answer: C

The Secure Shell (SSH) version 2 protocol supports

A. availability, accountability, compression, and integrity.
B. authentication, availability, confidentiality, and integrity.
C. accountability, compression, confidentiality, and integrity.
D. authentication, compression, confidentiality, and integrity.
Suggested answer: D

What protocol is often used between gateway hosts on the Internet? To control the scope of a Business Continuity Management (BCM) system, a security practitioner should identify which of the following?

A. Size, nature, and complexity of the organization
B. Business needs of the security organization
C. All possible risks
D. Adaptation model for future recovery planning
Suggested answer: B

Which of the following management processes allots ONLY those services required for users to accomplish their tasks, change default user passwords, and set servers to retrieve antivirus updates?

A. Compliance
B. Configuration
C. Identity
D. Patch
Suggested answer: B

Which of the following practices provides the development team with a definition of security and identification of threats in designing software?

A. Penetration testing
B. Stakeholder review
C. Threat modeling
D. Requirements review
Suggested answer: C

Which of the following is a peer entity authentication method for Point-to-Point Protocol (PPP)?

A. Challenge Handshake Authentication Protocol (CHAP)
B. Message Authentication Code (MAC)
C. Transport Layer Security (TLS) handshake protocol
D. Challenge-response authentication mechanism
Suggested answer: A

What form of attack could this represent?

A. A Denial of Service (DoS) attack against the gateway router because the router can no longer accept packets from
B. A transport layer attack that prevents the resolution of 10.102.10.6 address
C. A Denial of Service (DoS) attack against 10.102.10.2 because it cannot respond correctly to ARP requests
D. A masquerading attack that sends packets intended for 10.102.10.6 to 10.102.10.2
Suggested answer: D