ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 95


A security professional is assessing the risk in an application and does not take into account any mitigating or compensating controls. This type of risk rating is an example of which of the following?

A. Transferred risk
B. Inherent risk
C. Residual risk
D. Avoided risk
Suggested answer: B

Which of the following is the BEST way to protect against Structured Query Language (SQL) injection?

A. Enforce boundary checking.
B. Restrict use of the SELECT command.
C. Restrict HyperText Markup Language (HTML) source code.
D. Use stored procedures.
Suggested answer: D
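The following Python script is an added example, not part of the ExamGecko page, that shows why the four choices above differ in effect. It builds a constructed in-memory SQLite table (the `SAMPLE_USERS` rows, the table name and the function names are the example's own) and runs the same lookup three ways: string concatenation, concatenation behind a length check (option A), and a parameterized query. SQLite has no stored procedures, so the parameterized query stands in for the safe form; a stored procedure protects only when its body binds its arguments as parameters, and one that builds dynamic SQL from them is just as injectable.

```python
import sqlite3

# Constructed sample table, not data from the page: a users table with one
# name that legitimately contains an apostrophe.
SAMPLE_USERS = [
    ("alice", "alice@example.com"),
    ("bob", "bob@example.com"),
    ("o'brien", "obrien@example.com"),
]


def make_db():
    """Build an in-memory SQLite database holding SAMPLE_USERS."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, email) VALUES (?, ?)", SAMPLE_USERS
    )
    return conn


def lookup_vulnerable(conn, username):
    """String concatenation: the untrusted value is spliced into the SQL grammar."""
    sql = "SELECT username, email FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def lookup_bounds_checked(conn, username, max_len=32):
    """Boundary checking (option A) on its own: a length limit, then concatenation."""
    if len(username) > max_len:
        raise ValueError("username too long")
    return lookup_vulnerable(conn, username)


def lookup_parameterized(conn, username):
    """Parameterized query: the driver binds the value as data, never as SQL text."""
    sql = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def demo():
    """Run each lookup against a normal name, a name with a quote, and a classic payload."""
    conn = make_db()
    payload = "' OR '1'='1"  # 11 characters, well inside the 32-character bound
    results = {
        "vulnerable_normal": lookup_vulnerable(conn, "alice"),
        "vulnerable_payload": lookup_vulnerable(conn, payload),   # every row leaks
        "bounded_payload": lookup_bounds_checked(conn, payload),  # length check changes nothing
        "param_normal": lookup_parameterized(conn, "alice"),
        "param_payload": lookup_parameterized(conn, payload),     # no such username: []
        "param_quote": lookup_parameterized(conn, "o'brien"),     # apostrophe handled
    }
    try:
        lookup_vulnerable(conn, "o'brien")
        results["vulnerable_quote"] = "no error"
    except sqlite3.OperationalError as exc:
        # The legitimate apostrophe breaks the concatenated statement.
        results["vulnerable_quote"] = "OperationalError: " + str(exc)
    return results


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```

Running `demo()` shows the concatenated and the length-checked lookups returning all three rows for the payload, the concatenated lookup failing outright on a real name containing an apostrophe, and the parameterized lookup returning exactly the matching row or nothing. Restricting SELECT (option B) does not help because the injected text rides inside a query the application is allowed to run, and HTML restrictions (option C) never reach the database layer.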

When defining a set of security controls to mitigate a risk, which of the following actions MUST occur?

A. Each control's effectiveness must be evaluated individually.
B. Each control must completely mitigate the risk.
C. The control set must adequately mitigate the risk.
D. The control set must evenly divide the risk.
Suggested answer: A

A company-wide penetration test result shows customers could access and read files through a web browser. Which of the following can be used to mitigate this vulnerability?

A. Enforce the chmod of files to 755.
B. Enforce the control of file directory listings.
C. Implement access control on the web server.
D. Implement Secure Sockets Layer (SSL) certificates throughout the web server.
Suggested answer: B
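As an added illustration of option B, not taken from the page, the Apache httpd fragment below shows the setting that produces browsable directory listings beside its corrected form. The document root path `/var/www/html` is an assumption for the example; the `Indexes` option is what makes httpd generate a listing when a request names a directory that has no index file.

```apache
# Weak: a request for a directory without an index file returns an
# auto-generated listing of every file in it, so a tester can enumerate
# and open anything the web server process can read.
<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    Require all granted
</Directory>

# Hardened: listings disabled; the same request now returns 403 Forbidden.
# (Path is an assumption for this example.)
<Directory "/var/www/html">
    Options -Indexes +FollowSymLinks
    Require all granted
</Directory>
```

Disabling listings removes the enumeration step, not access to a file whose path is already known, so it belongs alongside option C: grant access to document-root content per directory with `Require` directives and keep anything that should not be world-readable outside the document root altogether. Option A does not help, since 755 still leaves files world-readable, and option D only encrypts the transport.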

Which of the following provides the MOST secure method for Network Access Control (NAC)?

A. Media Access Control (MAC) filtering
B. 802.1X authentication
C. Application layer filtering
D. Network Address Translation (NAT)
Suggested answer: B

What does the result of a Cost-Benefit Analysis (CBA) on new security initiatives provide?

A. Quantifiable justification
B. Baseline improvement
C. Risk evaluation
D. Formalized acceptance
Suggested answer: A

Which of the following is considered the PRIMARY security issue associated with encrypted e-mail messages?

A. Key distribution
B. Storing attachments in centralized repositories
C. Scanning for viruses and other malware
D. Greater costs associated with backups and restores
Suggested answer: C

Which media sanitization methods should be used for data with a high security categorization?

A. Clear or destroy
B. Clear or purge
C. Destroy or delete
D. Purge or destroy
Suggested answer: D

Which of the following is the MOST secure protocol for remote command access to the firewall?

A. Secure Shell (SSH)
B. Trivial File Transfer Protocol (TFTP)
C. Hypertext Transfer Protocol Secure (HTTPS)
D. Simple Network Management Protocol (SNMP) v1
Suggested answer: A

How should the retention period for an organization's social media content be defined?

A. Wireless Access Points (AP)
B. Token-based authentication
C. Host-based firewalls
D. Trusted platforms
Suggested answer: C
Total 1,482 questions