ExamGecko

ISC CISSP-ISSMP Practice Test - Questions Answers

Which of the following fields of management focuses on establishing and maintaining consistency of a system's or product's performance and its functional and physical attributes with its requirements, design, and operational information throughout its life?

A. Configuration management
B. Risk management
C. Procurement management
D. Change management
Suggested answer: A

Which of the following are the ways of sending secure e-mail messages over the Internet? Each correct answer represents a complete solution. Choose two.

A. TLS
B. PGP
C. S/MIME
D. IPSec
Suggested answer: B, C

You work as a Senior Marketing Manager for Umbrella Inc. You find out that some of the software applications on the systems were malfunctioning and that you were not able to access your remote desktop session. You suspected that some malicious attack had been performed on the company's network. You immediately called the incident response team to handle the situation, and they asked the Network Administrator for all relevant information regarding the malfunctioning. The Network Administrator informed the incident response team that he was reviewing the security of the network, which caused all these problems. The incident response team announced that this was a controlled event, not an incident. Which of the following steps of an incident handling process was performed by the incident response team?

A. Containment
B. Eradication
C. Preparation
D. Identification
Suggested answer: D

Which of the following is the process performed between organizations that have unique hardware or software that cannot be maintained at a hot or warm site?

A. Cold sites arrangement
B. Business impact analysis
C. Duplicate processing facilities
D. Reciprocal agreements
Suggested answer: D

Which of the following involves changing data prior to or during input to a computer in an effort to commit fraud?

A. Data diddling
B. Wiretapping
C. Eavesdropping
D. Spoofing
Suggested answer: A

Which of the following penetration testing phases involves reconnaissance or data gathering?

A. Attack phase
B. Pre-attack phase
C. Post-attack phase
D. Out-attack phase
Suggested answer: B

Mark works as a security manager for SoftTech Inc. He is involved in the BIA phase to create a document to be used to help understand what impact a disruptive event would have on the business. The impact might be financial or operational. Which of the following are the objectives related to the above phase in which Mark is involved? Each correct answer represents a part of the solution. Choose three.

A. Resource requirements identification
B. Criticality prioritization
C. Down-time estimation
D. Performing vulnerability assessment
Suggested answer: A, B, C

Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?

A. Business continuity plan
B. Disaster recovery plan
C. Continuity of Operations Plan
D. Contingency plan
Suggested answer: D

Which of the following protocols is used with a tunneling protocol to provide security?

A. FTP
B. IPX/SPX
C. IPSec
D. EAP
Suggested answer: C

Which of the following subphases are defined in the maintenance phase of the life cycle models?

A. Change control
B. Configuration control
C. Request control
D. Release control
Suggested answer: A, C, D
Total 218 questions