ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 90


What is the BEST method if an investigator wishes to analyze a hard drive which may be used as evidence?

A. Leave the hard drive in place and use only verified and authenticated Operating Systems (OS) utilities ...
B. Log into the system and immediately make a copy of all relevant files to a Write Once, Read Many ...
C. Remove the hard drive from the system and make a copy of the hard drive's contents using imaging hardware.
D. Use a separate bootable device to make a copy of the hard drive before booting the system and analyzing the hard drive.
Suggested answer: C

Which of the following provides the GREATEST level of data security for a Virtual Private Network (VPN) connection?

A. Internet Protocol Payload Compression (IPComp)
B. Internet Protocol Security (IPSec)
C. Extensible Authentication Protocol (EAP)
D. Remote Authentication Dial-In User Service (RADIUS)
Suggested answer: B

A. The signer verifies that the software being loaded is the software originated by the signer.
B. The vendor certifies the software being loaded is free of malicious code and that it was originated by the signer.
C. The signer verifies that the software being loaded is free of malicious code.
D. Both vendor and the signer certify the software being loaded is free of malicious code and it was originated by the signer.
Suggested answer: A

What is the PRIMARY objective for conducting an internal security audit?

A. Verify that all systems and Standard Operating Procedures (SOP) are properly documented.
B. Verify that all personnel supporting a system are knowledgeable of their responsibilities.
C. Verify that security controls are established following best practices.
D. Verify that applicable security controls are implemented and effective.
Suggested answer: D

What is the PRIMARY purpose for an organization to conduct a security audit?

A. To ensure the organization is adhering to a well-defined standard
B. To ensure the organization is applying security controls to mitigate identified risks
C. To ensure the organization is configuring information systems efficiently
D. To ensure the organization is documenting findings
Suggested answer: A

Which testing method requires very limited or no information about the network infrastructure?

A. White box
B. Static
C. Black box
D. Stress
Suggested answer: C

Which of the following is a MAJOR concern when there is a need to preserve or retain information for future retrieval?

A. Laws and regulations may change in the interim, making it unnecessary to retain the information.
B. The expense of retaining the information could become untenable for the organization.
C. The organization may lose track of the information and not dispose of it securely.
D. The technology needed to retrieve the information may not be available in the future.
Suggested answer: C

Which of the following types of data would be MOST difficult to detect by a forensic examiner?

A. Slack space data
B. Steganographic data
C. File system deleted data
D. Data stored with a different file type extension
Suggested answer: C

Following a penetration test, what should an organization do FIRST?

A. Review all security policies and procedures.
B. Ensure staff is trained in security.
C. Determine if you need to conduct a full security assessment.
D. Evaluate the problems identified in the test result.
Suggested answer: D

An Intrusion Detection System (IDS) is based on the general hypothesis that a security violation is associated with a pattern of system usage which can be

A. differentiated from a normal usage pattern.
B. used to detect known violations.
C. used to detect a masquerader.
D. differentiated to detect all security violations.
Suggested answer: A
Total 1.482 questions