ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 94


What is the second phase of public key infrastructure (PKI) key/certificate life-cycle management?

A. Implementation Phase
B. Cancellation Phase
C. Initialization Phase
D. Issued Phase
Suggested answer: A

Which of the following BEST describes the standard used to exchange authorization information between different identity management systems?

A. Security Assertion Markup Language (SAML)
B. Service Oriented Architecture (SOA)
C. Extensible Markup Language (XML)
D. Wireless Authentication Protocol (WAP)
Suggested answer: A

A. Obtain information security management approval.
B. Maintain the integrity of the application.
C. Obtain feedback before implementation.
D. Identify vulnerabilities.
Suggested answer: D

The security team has been tasked with performing an interface test against a frontend external facing application and needs to verify that all input fields protect against invalid input. Which of the following BEST assists this process?

A. Application fuzzing
B. Instruction set simulation
C. Regression testing
D. Sanity testing
Suggested answer: A

Which of the following is the FIRST step during digital identity provisioning?

A. Authorizing the entity for resource access
B. Synchronizing directories
C. Issuing an initial random password
D. Creating the entity record with the correct attributes
Suggested answer: D

Physical Access Control Systems (PACS) allow authorized security personnel to manage and monitor access control for subjects through which function?

A. Remote access administration
B. Personal Identity Verification (PIV)
C. Access Control List (ACL)
D. Privileged Identity Management (PIM)
Suggested answer: B

In a large company, a system administrator needs to assign users access to files using Role Based Access Control (RBAC). Which option is an example of RBAC?

A. Allowing users access to files based on their group membership
B. Allowing users access to files based on username
C. Allowing users access to files based on the user's location at time of access
D. Allowing users access to files based on the file type
Suggested answer: A

During a Disaster Recovery (DR) simulation, it is discovered that the shared recovery site lacks adequate data restoration capabilities to support the implementation of multiple plans simultaneously. What would be impacted by this fact if left unchanged?

A. Recovery Point Objective (RPO)
B. Recovery Time Objective (RTO)
C. Business Impact Analysis (BIA)
D. Return on Investment (ROI)
Suggested answer: A

What is the MAIN objective of risk analysis in Disaster Recovery (DR) planning?

A. Establish Maximum Tolerable Downtime (MTD) Information Systems (IS).
B. Define the variable cost for extended downtime scenarios.
C. Identify potential threats to business availability.
D. Establish personnel requirements for various downtime scenarios.
Suggested answer: C

The adoption of an enterprise-wide Business Continuity (BC) program requires which of the following?

A. Good communication throughout the organization
B. A completed Business Impact Analysis (BIA)
C. Formation of Disaster Recovery (DR) project team
D. Well-documented information asset classification
Suggested answer: D
Total 1.482 questions