ExamGecko
Search Search Login
Home Home / ISC / CISSP-ISSMP

ISC CISSP-ISSMP Practice Test - Questions Answers, Page 17

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following statements is related with the second law of OPSEC?
How many change control systems are there in project management?
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event?
Which of the following statutes is enacted in the U.S., which prohibits creditors from collecting data from applicants, such as national origin, caste, religion etc?
You work as the project manager for Bluewell Inc. You are working on NGQQ Project for your company. You have completed the risk analysis processes for the risk events. You and the project team have created risk responses for most of the identified project risks. Which of the following risk response planning techniques will you use to shift the impact of a threat to a third party, together with the responses?
Which of the following liabilities is a third-party liability in which an individual may be responsible for an action by another party?
In which of the following contract types, the seller is reimbursed for all allowable costs for performing the contract work and receives a fixed fee payment which is calculated as a percentage of the initial estimated project costs?
How can you calculate the Annualized Loss Expectancy (ALE) that may occur due to a threat?
Which of the following architecturally related vulnerabilities is a hardware or software mechanism, which was installed to permit system maintenance and to bypass the system's security protections?
SIMULATION Fill in the blank with the appropriate phrase. ____________ is the ability to record and report on the configuration baselines associated with each configuration item at any moment of time.

Question 161

Report
Export
Collapse

John works as a security manager for Soft Tech Inc. He is working with his team on the disaster recovery management plan. One of his team members has a doubt related to the most cost effective DRP testing plan. According to you, which of the following disaster recovery testing plans is the most cost-effective and efficient way to identify areas of overlap in the plan before conducting more demanding training exercises?

A.
Full-scale exercise
A.
Full-scale exercise
Answers
B.
Walk-through drill
B.
Walk-through drill
Answers
C.
Evacuation drill
C.
Evacuation drill
Answers
D.
Structured walk-through test
D.
Structured walk-through test
Answers
Suggested answer: D

Question 162

Report
Export
Collapse

The incident response team has turned the evidence over to the forensic team. Now, it is the time to begin looking for the ways to improve the incident response process for next time. What are the typical areas for improvement? Each correct answer represents a complete solution. Choose all that apply.

A.
Information dissemination policy
A.
Information dissemination policy
Answers
B.
Electronic monitoring statement
B.
Electronic monitoring statement
Answers
C.
Additional personnel security controls
C.
Additional personnel security controls
Answers
D.
Incident response plan
D.
Incident response plan
Answers
Suggested answer: A, B, C, D

Question 163

Report
Export
Collapse

Which of the following attacks can be mitigated by providing proper training to the employees in an organization?

A.
Social engineering
A.
Social engineering
Answers
B.
Smurf
B.
Smurf
Answers
C.
Denial-of-Service
C.
Denial-of-Service
Answers
D.
Man-in-the-middle
D.
Man-in-the-middle
Answers
Suggested answer: A

Question 164

Report
Export
Collapse

Which of the following is the default port for Simple Network Management Protocol (SNMP)?

A.
TCP port 80
A.
TCP port 80
Answers
B.
TCP port 25
B.
TCP port 25
Answers
C.
UDP port 161
C.
UDP port 161
Answers
D.
TCP port 110
D.
TCP port 110
Answers
Suggested answer: C

Question 165

Report
Export
Collapse

Which of the following is a variant with regard to Configuration Management?

A.
A CI that has the same name as another CI but shares no relationship.
A.
A CI that has the same name as another CI but shares no relationship.
Answers
B.
A CI that particularly refers to a hardware specification.
B.
A CI that particularly refers to a hardware specification.
Answers
C.
A CI that has the same essential functionality as another CI but a bit different in some small manner.
C.
A CI that has the same essential functionality as another CI but a bit different in some small manner.
Answers
D.
A CI that particularly refers to a software version.
D.
A CI that particularly refers to a software version.
Answers
Suggested answer: C

Question 166

Report
Export
Collapse

You work as a Forensic Investigator. Which of the following rules will you follow while working on a case? Each correct answer represents a part of the solution.

Choose all that apply.

A.
Prepare a chain of custody and handle the evidence carefully.
A.
Prepare a chain of custody and handle the evidence carefully.
Answers
B.
Examine original evidence and never rely on the duplicate evidence.
B.
Examine original evidence and never rely on the duplicate evidence.
Answers
C.
Never exceed the knowledge base of the forensic investigation.
C.
Never exceed the knowledge base of the forensic investigation.
Answers
D.
Follow the rules of evidence and never temper with the evidence.
D.
Follow the rules of evidence and never temper with the evidence.
Answers
Suggested answer: A, B, C, D

Question 167

Report
Export
Collapse

Which of the following are the responsibilities of a custodian with regard to data in an information classification program? Each correct answer represents a complete solution. Choose three.

A.
Determining what level of classification the information requires
A.
Determining what level of classification the information requires
Answers
B.
Running regular backups and routinely testing the validity of the backup data
B.
Running regular backups and routinely testing the validity of the backup data
Answers
C.
Controlling access, adding and removing privileges for individual users
C.
Controlling access, adding and removing privileges for individual users
Answers
D.
Performing data restoration from the backups when necessary
D.
Performing data restoration from the backups when necessary
Answers
Suggested answer: B, C, D

Question 168

Report
Export
Collapse

Which of the following statements about Hypertext Transfer Protocol Secure (HTTPS) are true? Each correct answer represents a complete solution. Choose two.

A.
It uses TCP port 80 as the default port.
A.
It uses TCP port 80 as the default port.
Answers
B.
It is a protocol used in the Universal Resource Locater (URL) address line to connect to a secure site.
B.
It is a protocol used in the Universal Resource Locater (URL) address line to connect to a secure site.
Answers
C.
It uses TCP port 443 as the default port.
C.
It uses TCP port 443 as the default port.
Answers
D.
It is a protocol used to provide security for a database server in an internal network.
D.
It is a protocol used to provide security for a database server in an internal network.
Answers
Suggested answer: B, C

Question 169

Report
Export
Collapse

John is a black hat hacker. FBI arrested him while performing some email scams. Under which of the following US laws will john be charged?

A.
18 U.S.C. 1362
A.
18 U.S.C. 1362
Answers
B.
18 U.S.C. 1030
B.
18 U.S.C. 1030
Answers
C.
18 U.S.C. 2701
C.
18 U.S.C. 2701
Answers
D.
18 U.S.C. 2510
D.
18 U.S.C. 2510
Answers
Suggested answer: B

Question 170

Report
Export
Collapse

Which of the following statements are true about a hot site? Each correct answer represents a complete solution. Choose all that apply.

A.
It can be used within an hour for data recovery.
A.
It can be used within an hour for data recovery.
Answers
B.
It is cheaper than a cold site but more expensive than a worm site.
B.
It is cheaper than a cold site but more expensive than a worm site.
Answers
C.
It is the most inexpensive backup site.
C.
It is the most inexpensive backup site.
Answers
D.
It is a duplicate of the original site of the organization, with full computer systems as well as near-complete backups of user data.
D.
It is a duplicate of the original site of the organization, with full computer systems as well as near-complete backups of user data.
Answers
Suggested answer: A, D
Total 218 questions
Go to page: of 22
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms