ExamGecko
Search Search Login
Home Home / ISC / CISSP

ISC CISSP Practice Test - Questions Answers, Page 97

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following are all elements of a disaster recovery plan (DRP)?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
Which of the following would BEST support effective testing of patch compatibility when patches are applied to an organization's systems?
An organization is preparing to achieve General Data Protection Regulation (GDPR) compliance. The Chief Information Security Officer (CISO) is reviewing data protection methods. Which of the following is the BEST data protection method?
In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?
What balance MUST be considered when web application developers determine how informative application error messages should be constructed?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
Backup information that is critical to the organization is identified through a
Data remanence refers to which of the following?
With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?

Question 961

Report
Export
Collapse

Which of the following actions should be taken by a security professional when a mission critical computer network attack is suspected?

A.
Isolate the network, log an independent report, fix the problem, and redeploy the computer.
A.
Isolate the network, log an independent report, fix the problem, and redeploy the computer.
Answers
B.
Isolate the network, install patches, and report the occurrence.
B.
Isolate the network, install patches, and report the occurrence.
Answers
C.
Prioritize, report, and investigate the occurrence.
C.
Prioritize, report, and investigate the occurrence.
Answers
D.
Turn the rooter off, perform forensic analysis, apply the appropriate fin, and log incidents.
D.
Turn the rooter off, perform forensic analysis, apply the appropriate fin, and log incidents.
Answers
Suggested answer: C

Question 962

Report
Export
Collapse

In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?

A.
Development/Acquisition
A.
Development/Acquisition
Answers
B.
Initiation
B.
Initiation
Answers
C.
Implementation/ Assessment
C.
Implementation/ Assessment
Answers
D.
Disposal
D.
Disposal
Answers
Suggested answer: A

Question 963

Report
Export
Collapse

Of the following, which BEST provides non- repudiation with regards to access to a server room?

A.
Fob and Personal Identification Number (PIN)
A.
Fob and Personal Identification Number (PIN)
Answers
B.
Locked and secured cages
B.
Locked and secured cages
Answers
C.
Biometric readers
C.
Biometric readers
Answers
D.
Proximity readers
D.
Proximity readers
Answers
Suggested answer: C

Question 964

Report
Export
Collapse

The personal laptop of an organization executive is stolen from the office, complete with personnel and project records. Which of the following should be done FIRST to mitigate future occurrences?

A.
Encrypt disks on personal laptops.
A.
Encrypt disks on personal laptops.
Answers
B.
Issue cable locks for use on personal laptops.
B.
Issue cable locks for use on personal laptops.
Answers
C.
Create policies addressing critical information on personal laptops.
C.
Create policies addressing critical information on personal laptops.
Answers
D.
Monitor personal laptops for critical information.
D.
Monitor personal laptops for critical information.
Answers
Suggested answer: A

Question 965

Report
Export
Collapse

Which of the following is a standard Access Control List (ACL) element that enables a router to filter Internet traffic?

A.
Media Access Control (MAC) address
A.
Media Access Control (MAC) address
Answers
B.
Internet Protocol (IP) address
B.
Internet Protocol (IP) address
Answers
C.
Security roles
C.
Security roles
Answers
D.
Device needs
D.
Device needs
Answers
Suggested answer: B

Question 966

Report
Export
Collapse

Which of the following will accomplish Multi-Factor Authentication (MFA)?

A.
Issuing a smart card with a user-selected Personal Identification Number (PIN)
A.
Issuing a smart card with a user-selected Personal Identification Number (PIN)
Answers
B.
Requiring users to enter a Personal Identification Number (PIN) and a password
B.
Requiring users to enter a Personal Identification Number (PIN) and a password
Answers
C.
Performing a palm and retinal scan
C.
Performing a palm and retinal scan
Answers
D.
Issuing a smart card and a One Time Password (OTP) token
D.
Issuing a smart card and a One Time Password (OTP) token
Answers
Suggested answer: A

Question 967

Report
Export
Collapse

Which of the following is the PRIMARY issue when analyzing detailed log information?

A.
Logs may be unavailable when required
A.
Logs may be unavailable when required
Answers
B.
Timely review of the data is potentially difficult
B.
Timely review of the data is potentially difficult
Answers
C.
Most systems and applications do not support logging
C.
Most systems and applications do not support logging
Answers
D.
Logs do not provide sufficient details of system and individual activities
D.
Logs do not provide sufficient details of system and individual activities
Answers
Suggested answer: D

Question 968

Report
Export
Collapse

How does security in a distributed file system using mutual authentication differ from file security in a multi-user host?

A.
Access control can rely on the Operating System (OS), but eavesdropping is
A.
Access control can rely on the Operating System (OS), but eavesdropping is
Answers
B.
Access control cannot rely on the Operating System (OS), and eavesdropping
B.
Access control cannot rely on the Operating System (OS), and eavesdropping
Answers
C.
Access control can rely on the Operating System (OS), and eavesdropping is
C.
Access control can rely on the Operating System (OS), and eavesdropping is
Answers
D.
Access control cannot rely on the Operating System (OS), and eavesdropping
D.
Access control cannot rely on the Operating System (OS), and eavesdropping
Answers
Suggested answer: C

Question 969

Report
Export
Collapse

Which of the following explains why classifying data is an important step in performing a Risk assessment?

A.
To provide a framework for developing good security metrics
A.
To provide a framework for developing good security metrics
Answers
B.
To justify the selection of costly security controls
B.
To justify the selection of costly security controls
Answers
C.
To classify the security controls sensitivity that helps scope the risk assessment
C.
To classify the security controls sensitivity that helps scope the risk assessment
Answers
D.
To help determine the appropriate level of data security controls
D.
To help determine the appropriate level of data security controls
Answers
Suggested answer: D

Question 970

Report
Export
Collapse

How is Remote Authentication Dial-In User Service (RADIUS) authentication accomplished?

A.
It uses clear text and firewall rules.
A.
It uses clear text and firewall rules.
Answers
B.
It relies on Virtual Private Networks (VPN).
B.
It relies on Virtual Private Networks (VPN).
Answers
C.
It uses clear text and shared secret keys.
C.
It uses clear text and shared secret keys.
Answers
D.
It relies on asymmetric encryption keys.
D.
It relies on asymmetric encryption keys.
Answers
Suggested answer: C
Total 1.482 questions
Go to page: of 149
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms