ExamGecko

ISC CISSP-ISSMP Practice Test - Questions Answers, Page 14

Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event?

A. Earned value management
B. Risk audit
C. Technical performance measurement
D. Corrective action
Suggested answer: D

Mark works as a security manager for SoftTech Inc. He is performing a security awareness program. To be successful in performing the awareness program, he should take into account the needs and current levels of training and understanding of the employees and audience. There are five key ways, which Mark should keep in mind while performing this activity:

Current level of computer usage
What the audience really wants to learn
How receptive the audience is to the security program
How to gain acceptance
Who might be a possible ally

Which of the following activities is performed in this security awareness process?

A. Separation of duties
B. Stunned owl syndrome
C. Audience participation
D. Audience segmentation
Suggested answer: D

Rachael is the project manager for a large project in her organization. A new change request has been proposed that will affect several areas of the project. One area of the project change impact is on work that a vendor has already completed. The vendor is refusing to make the changes as they've already completed the project work they were contracted to do. What can Rachael do in this instance?

A. Threaten to sue the vendor if they don't complete the work.
B. Fire the vendor for failing to complete the contractual obligation.
C. Withhold the vendor's payments for the work they've completed.
D. Refer to the contract agreement for direction.
Suggested answer: D

How many change control systems are there in project management?

A. 3
B. 4
C. 2
D. 1
Suggested answer: B

In which of the following phases of the SDLC does the software and other components of the system faithfully incorporate the design specifications and provide proper documentation and training?

A. Programming and training
B. Evaluation and acceptance
C. Initiation
D. Design
Suggested answer: A

Which of the following signatures watches for the connection attempts to well-known, frequently attacked ports?

A. Port signatures
B. Digital signatures
C. Header condition signatures
D. String signatures
Suggested answer: A

Configuration Management (CM) is an Information Technology Infrastructure Library (ITIL) IT Service Management (ITSM) process. Configuration Management is used for which of the following?

1. To account for all IT assets
2. To provide precise information support to other ITIL disciplines
3. To provide a solid base only for Incident and Problem Management
4. To verify configuration records and correct any exceptions

A. 1, 3, and 4 only
B. 2 and 4 only
C. 1, 2, and 4 only
D. 2, 3, and 4 only
Suggested answer: C

Which of the following protocols are used to provide secure communication between a client and a server over the Internet? Each correct answer represents a part of the solution. Choose two.

A. TLS
B. HTTP
C. SNMP
D. SSL
Suggested answer: A, D

How can you calculate the Annualized Loss Expectancy (ALE) that may occur due to a threat?

A. Single Loss Expectancy (SLE) / Exposure Factor (EF)
B. Asset Value × Exposure Factor (EF)
C. Exposure Factor (EF) / Single Loss Expectancy (SLE)
D. Single Loss Expectancy (SLE) × Annualized Rate of Occurrence (ARO)
Suggested answer: D

Which of the following rate systems of the Orange Book has no security controls?

A. D-rated
B. C-rated
C. E-rated
D. A-rated
Suggested answer: A
Total 218 questions