ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 93

Which of the following BEST describes the objectives of the Business Impact Analysis (BIA)?

A. Identifying the events and environmental factors that can adversely affect an organization
B. Identifying what is important and critical based on disruptions that can affect the organization.
C. Establishing the need for a Business Continuity Plan (BCP) based on threats that can affect an organization
D. Preparing a program to create an organizational awareness for executing the Business Continuity Plan (BCP)
Suggested answer: B

The application owner of a system that handles confidential data leaves an organization. It is anticipated that a replacement will be hired in approximately six months. During that time, which of the following should the organization do?

A. Grant temporary access to the former application owner's account
B. Assign a temporary application owner to the system.
C. Restrict access to the system until a replacement application owner is hired.
D. Prevent changes to the confidential data until a replacement application owner is hired.
Suggested answer: B

Which Redundant Array of Independent Disks (RAID) level does the following diagram represent?

A. RAID 0
B. RAID 1
C. RAID 5
D. RAID 10
Suggested answer: D

Which of the following is used to ensure that data mining activities will NOT reveal sensitive data?

A. Implement two-factor authentication on the underlying infrastructure.
B. Encrypt data at the field level and tightly control encryption keys.
C. Preprocess the databases to see if inn ...... can be disclosed from the learned patterns.
D. Implement the principle of least privilege on data elements so a reduced number of users can access the database.
Suggested answer: D

Why are packet filtering routers used in low-risk environments?

A. They are high-resolution source discrimination and identification tools.
B. They are fast and flexible, and protect against Internet Protocol (IP) spoofing.
C. They are fast, flexible, and transparent.
D. They enforce strong user authentication and audit log generation.
Suggested answer: B

Which of the following protocols will allow the encrypted transfer of content on the Internet?

A. Server Message Block (SMB)
B. Secure copy
C. Hypertext Transfer Protocol (HTTP)
D. Remote copy
Suggested answer: B

What requirement MUST be met during internal security audits to ensure that all information provided is expressed as an objective assessment without risk of retaliation?

A. The auditor must be independent and report directly to the management.
B. The auditor must utilize automated tools to back their findings.
C. The auditor must work closely with both the Information Technology (IT) and security sections of an organization.
D. The auditor must perform manual reviews of systems and processes.
Suggested answer: A

In order to support the least privilege security principle when a resource is transferring within the organization from a production support system administration role to a developer role, what changes should be made to the resource's access to the production operating system (OS) directory structure?

A. From Read Only privileges to No Access Privileges
B. From Author privileges to Administrator privileges
C. From Administrator privileges to No Access privileges
D. From No Access Privileges to Author privileges
Suggested answer: C

What is the FINAL step in the waterfall method for contingency planning?

A. Maintenance
B. Testing
C. Implementation
D. Training
Suggested answer: A

Which of the following is a security weakness in the evaluation of Common Criteria (CC) products?

A. The manufacturer can state what configuration of the product is to be evaluated.
B. The product can be evaluated by labs in other countries.
C. The Target of Evaluation's (TOE) testing environment is identical to the operating environment
D. The evaluations are expensive and time-consuming to perform.
Suggested answer: A
Total 1.482 questions