ExamGecko
Search Search Login
Home Home / ISC / CISSP-ISSMP

ISC CISSP-ISSMP Practice Test - Questions Answers, Page 11

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following statements is related with the second law of OPSEC?
How many change control systems are there in project management?
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event?
Which of the following statutes is enacted in the U.S., which prohibits creditors from collecting data from applicants, such as national origin, caste, religion etc?
You work as the project manager for Bluewell Inc. You are working on NGQQ Project for your company. You have completed the risk analysis processes for the risk events. You and the project team have created risk responses for most of the identified project risks. Which of the following risk response planning techniques will you use to shift the impact of a threat to a third party, together with the responses?
Which of the following liabilities is a third-party liability in which an individual may be responsible for an action by another party?
In which of the following contract types, the seller is reimbursed for all allowable costs for performing the contract work and receives a fixed fee payment which is calculated as a percentage of the initial estimated project costs?
How can you calculate the Annualized Loss Expectancy (ALE) that may occur due to a threat?
Which of the following architecturally related vulnerabilities is a hardware or software mechanism, which was installed to permit system maintenance and to bypass the system's security protections?
SIMULATION Fill in the blank with the appropriate phrase. ____________ is the ability to record and report on the configuration baselines associated with each configuration item at any moment of time.

Question 101

Report
Export
Collapse

Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?

A.
Disaster recovery plan
A.
Disaster recovery plan
Answers
B.
Contingency plan
B.
Contingency plan
Answers
C.
Continuity of Operations Plan
C.
Continuity of Operations Plan
Answers
D.
Business continuity plan
D.
Business continuity plan
Answers
Suggested answer: B

Question 102

Report
Export
Collapse

Which of the following BCP teams handles financial arrangement, public relations, and media inquiries in the time of disaster recovery?

A.
Software team
A.
Software team
Answers
B.
Off-site storage team
B.
Off-site storage team
Answers
C.
Applications team
C.
Applications team
Answers
D.
Emergency-management team
D.
Emergency-management team
Answers
Suggested answer: D

Question 103

Report
Export
Collapse

Eric is the project manager of the NQQ Project and has hired the ZAS Corporation to complete part of the project work for Eric's organization. Due to a change request the ZAS Corporation is no longer needed on the project even though they have completed nearly all of the project work. Is Eric's organization liable to pay the ZAS Corporation for the work they have completed so far on the project?

A.
Yes, the ZAS Corporation did not choose to terminate the contract work.
A.
Yes, the ZAS Corporation did not choose to terminate the contract work.
Answers
B.
It depends on what the outcome of a lawsuit will determine.
B.
It depends on what the outcome of a lawsuit will determine.
Answers
C.
It depends on what the termination clause of the contract stipulates.
C.
It depends on what the termination clause of the contract stipulates.
Answers
D.
No, the ZAS Corporation did not complete all of the work.
D.
No, the ZAS Corporation did not complete all of the work.
Answers
Suggested answer: C

Question 104

Report
Export
Collapse

Which of the following are the goals of risk management? Each correct answer represents a complete solution. Choose three.

A.
Assessing the impact of potential threats
A.
Assessing the impact of potential threats
Answers
B.
Identifying the accused
B.
Identifying the accused
Answers
C.
Finding an economic balance between the impact of the risk and the cost of the countermeasure
C.
Finding an economic balance between the impact of the risk and the cost of the countermeasure
Answers
D.
Identifying the risk
D.
Identifying the risk
Answers
Suggested answer: A, C, D

Question 105

Report
Export
Collapse

You are working as a project manager in your organization. You are nearing the final stages of project execution and looking towards the final risk monitoring and controlling activities. For your project archives, which one of the following is an output of risk monitoring and control?

A.
Quantitative risk analysis
A.
Quantitative risk analysis
Answers
B.
Qualitative risk analysis
B.
Qualitative risk analysis
Answers
C.
Requested changes
C.
Requested changes
Answers
D.
Risk audits
D.
Risk audits
Answers
Suggested answer: C

Question 106

Report
Export
Collapse

Della works as a security manager for SoftTech Inc. She is training some of the newly recruited personnel in the field of security management. She is giving a tutorial on DRP. She explains that the major goal of a disaster recovery plan is to provide an organized way to make decisions if a disruptive event occurs and asks for the other objectives of the DRP. If you are among some of the newly recruited personnel in SoftTech Inc, what will be your answer for her question?

Each correct answer represents a part of the solution. Choose three.

A.
Protect an organization from major computer services failure.
A.
Protect an organization from major computer services failure.
Answers
B.
Minimize the risk to the organization from delays in providing services.
B.
Minimize the risk to the organization from delays in providing services.
Answers
C.
Guarantee the reliability of standby systems through testing and simulation.
C.
Guarantee the reliability of standby systems through testing and simulation.
Answers
D.
Maximize the decision-making required by personnel during a disaster.
D.
Maximize the decision-making required by personnel during a disaster.
Answers
Suggested answer: A, B, C

Question 107

Report
Export
Collapse

SIMULATION

Fill in the blank with an appropriate phrase.______________ is used to provide security mechanisms for the storage, processing, and transfer of data.

A.
Data classification
A.
Data classification
Answers
Suggested answer: A

Question 108

Report
Export
Collapse

Software Development Life Cycle (SDLC) is a logical process used by programmers to develop software. Which of the following SDLC phases meets the audit objectives defined below: System and data are validated. System meets all user requirements. System meets all control requirements.

A.
Programming and training
A.
Programming and training
Answers
B.
Evaluation and acceptance
B.
Evaluation and acceptance
Answers
C.
Definition
C.
Definition
Answers
D.
Initiation
D.
Initiation
Answers
Suggested answer: B

Question 109

Report
Export
Collapse

You are the project manager of the NGQQ Project for your company. To help you communicate project status to your stakeholders, you are going to create a stakeholder register. All of the following information should be included in the stakeholder register except for which one?

A.
Identification information for each stakeholder
A.
Identification information for each stakeholder
Answers
B.
Assessment information of the stakeholders' major requirements, expectations, and potential influence
B.
Assessment information of the stakeholders' major requirements, expectations, and potential influence
Answers
C.
Stakeholder classification of their role in the project
C.
Stakeholder classification of their role in the project
Answers
D.
Stakeholder management strategy
D.
Stakeholder management strategy
Answers
Suggested answer: D

Question 110

Report
Export
Collapse

Which of the following are examples of physical controls used to prevent unauthorized access to sensitive materials?

A.
Thermal alarm systems
A.
Thermal alarm systems
Answers
B.
Closed circuit cameras
B.
Closed circuit cameras
Answers
C.
Encryption
C.
Encryption
Answers
D.
Security Guards
D.
Security Guards
Answers
Suggested answer: A, B, D
Total 218 questions
Go to page: of 22
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms