ISC CISSP Practice Test - Questions Answers, Page 98


A security professional should ensure that clients support which secondary algorithm for digital signatures when a Secure Multipurpose Internet Mail Extension (S/MIME) is used?

A. Triple Data Encryption Standard (3DES)
B. Advanced Encryption Standard (AES)
C. Digital Signature Algorithm (DSA)
D. Rivest-Shamir-Adleman (RSA)

Suggested answer: C

What documentation is produced FIRST when performing an effective physical loss control process?

A. Deterrent controls list
B. Security standards list
C. Inventory list
D. Asset valuation list

Suggested answer: C

Who should formulate conclusions from a particular digital forensic analysis, submit a report of findings, and interpret the results?

A. The information security professional's supervisor
B. Legal counsel for the information security professional's employer
C. The information security professional who conducted the analysis
D. A peer reviewer of the information security professional

Suggested answer: B

A manager identified two conflicting sensitive user functions that were assigned to a single user account that had the potential to result in financial and regulatory risk to the company. The manager MOST likely discovered this during which of the following?

A. Security control assessment
B. Separation of duties analysis
C. Network Access Control (NAC) review
D. Federated identity management (FIM) evaluation

Suggested answer: B

When assessing the audit capability of an application, which of the following activities is MOST important?

A. Determine if audit records contain sufficient information.
B. Review security plan for actions to be taken in the event of audit failure.
C. Verify if sufficient storage is allocated for audit records.
D. Identify procedures to investigate suspicious activity.

Suggested answer: C

A web-based application known to be susceptible to attacks is now under review by a senior developer. The organization would like to ensure this application is less susceptible to injection attacks specifically. What strategy will work BEST for the organization's situation?

A. Do not store sensitive unencrypted data on the back end.
B. Whitelist input and encode or escape output before it is processed for rendering.
C. Limit privileged access or hard-coding logon credentials.
D. Store sensitive data in a buffer that retains data in operating system (OS) cache or memory.

Suggested answer: B

DRAG DROP

Match the name of access control model with its associated restriction.

Drag each access control model to its appropriate restriction access on the right.


DRAG DROP

Match the access control type to the example of the control type.

Drag each access control type on the left to its corresponding example on the right.


DRAG DROP

Match the types of e-authentication tokens to their description.

Drag each e-authentication token on the left to its corresponding description on the right.


DRAG DROP

Drag the following Security Engineering terms on the left to the BEST definition on the right.
