
ISC CISSP-ISSMP Practice Test - Questions Answers, Page 16

Which of the following terms related to risk management represents the estimated frequency at which a threat is expected to occur?

A. Safeguard
B. Single Loss Expectancy (SLE)
C. Exposure Factor (EF)
D. Annualized Rate of Occurrence (ARO)
Suggested answer: D

Which of the following statements is related to the second law of OPSEC?

A. If you are not protecting it (the critical and sensitive information), the adversary wins!
B. If you don't know what to protect, how do you know you are protecting it?
C. If you don't know about your security resources you could not protect your network.
D. If you don't know the threat, how do you know what to protect?
Suggested answer: B

Which of the following elements of the BCP process includes the areas of plan implementation, plan testing, and ongoing plan maintenance, and also involves defining and documenting the continuity strategy?

A. Business continuity plan development
B. Business impact assessment
C. Scope and plan initiation
D. Plan approval and implementation
Suggested answer: A

SIMULATION

Fill in the blank with an appropriate phrase. An ________ is an intensive application of the OPSEC process to an existing operation or activity by a multidiscipline team of experts.

A. OPSEC assessment
Suggested answer: A

Which of the following Acts enacted in the United States allows the FBI to issue National Security Letters (NSLs) to Internet service providers (ISPs) ordering them to disclose records about their customers?

A. Electronic Communications Privacy Act of 1986
B. Wiretap Act
C. Computer Fraud and Abuse Act
D. Economic Espionage Act of 1996
Suggested answer: A

You work as a Product manager for Marioiss Inc. You have been tasked to start a project for securing the network of your company. You want to employ configuration management to efficiently manage the procedures of the project. What will be the benefits of employing configuration management for completing this project? Each correct answer represents a complete solution. Choose all that apply.

A. It provides object, orient, decide and act strategy.
B. It provides a live documentation of the project.
C. It provides the risk analysis of project configurations.
D. It provides the versions for network devices.
Suggested answer: B, D

Your company suspects an employee of sending unauthorized emails to competitors. These emails are alleged to contain confidential company data. Which of the following is the most important step for you to take in preserving the chain of custody?

A. Preserve the email server including all logs.
B. Seize the employee's PC.
C. Make copies of that employee's email.
D. Place spyware on the employee's PC to confirm these activities.
Suggested answer: A

Which of the following are the levels of the public or commercial data classification system? Each correct answer represents a complete solution. Choose all that apply.

A. Secret
B. Sensitive
C. Unclassified
D. Private
E. Confidential
F. Public
Suggested answer: B, D, E, F

Which of the following is a formula, practice, process, design, instrument, pattern, or compilation of information which is not generally known, but by which a business can obtain an economic advantage over its competitors?

A. Utility model
B. Cookie
C. Copyright
D. Trade secret
Suggested answer: D

Which of the following backup sites takes the longest recovery time?

A. Cold site
B. Hot site
C. Warm site
D. Mobile backup site
Suggested answer: A
Total 218 questions