ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 92

What is the HIGHEST priority in agile development?

A. Selecting appropriate coding language
B. Managing costs of product delivery
C. Early and continuous delivery of software
D. Maximizing the amount of code delivered
Suggested answer: C

Which of the following is included in the Global System for Mobile Communications (GSM) security framework?

A. Public-Key Infrastructure (PKI)
B. Symmetric key cryptography
C. Digital signatures
D. Biometric authentication
Suggested answer: C

Which of the following is the reason that transposition ciphers are easily recognizable?

A. Key
B. Block
C. Stream
D. Character
Suggested answer: B

How is it possible to extract private keys securely stored on a cryptographic smartcard?

A. Bluebugging
B. Focused ion-beam
C. Bluejacking
D. Power analysis
Suggested answer: D

Which of the following is an important requirement when designing a secure remote access system?

A. Configure a Demilitarized Zone (DMZ) to ensure that user and service traffic is separated.
B. Provide privileged access rights to computer files and systems.
C. Ensure that logging and audit controls are included.
D. Reduce administrative overhead through password self service.
Suggested answer: C

Which of the following is the BEST way to mitigate circumvention of access controls?

A. Multi-layer access controls working in isolation
B. Multi-vendor approach to technology implementation
C. Multi-layer firewall architecture with Internet Protocol (IP) filtering enabled
D. Multi-layer access controls with diversification of technologies
Suggested answer: D

Which one of the following can be used to detect an anomaly in a system by keeping track of the state of files that do not normally change?

A. System logs
B. Anti-spyware
C. Integrity checker
D. Firewall logs
Suggested answer: C

Which of the following is the MOST effective preventative method to identify security flaws in software?

A. Monitor performance in production environments.
B. Perform a structured code review.
C. Perform application penetration testing.
D. Use automated security vulnerability testing tools.
Suggested answer: B

Which of the following BEST describes botnets?

A. Computer systems on the Internet that are set up to trap people who attempt to penetrate other computer systems
B. Set of related programs that protects the resources of a private network from other networks
C. Small network inserted in a neutral zone between an organization's private network and the outside public network
D. Groups of computers that are used to launch destructive attacks
Suggested answer: D

A. Require the cloud IAM provider to use declarative security instead of programmatic authentication checks.
B. Integrate a Web-Application Firewall (WAF) in reverse-proxy mode in front of the service provider.
C. Apply Transport Layer Security (TLS) to the cloud-based authentication checks.
D. Install an on-premise Authentication Gateway Service (AGS) in front of the service provider.
Suggested answer: D
Total 1.482 questions