
ISC CISSP-ISSMP Practice Test - Questions Answers, Page 18

NIST Special Publication 800-50 is a security awareness program. It is designed for those people who are currently working in the information technology field and want information on security policies. Which of the following are some of its critical steps? Each correct answer represents a complete solution. Choose two.

A. Awareness and Training Material Effectiveness
B. Awareness and Training Material Development
C. Awareness and Training Material Implementation
D. Awareness and Training Program Design
Suggested answer: B, D

You are the program manager for your project. You are working with the project managers regarding the procurement processes for their projects. You have ruled out one particular contract type because it is considered too risky for the program. Which one of the following contract types is usually considered to be the most dangerous for the buyer?

A. Cost plus incentive fee
B. Fixed fee
C. Cost plus percentage of costs
D. Time and materials
Suggested answer: C

You are the Network Administrator for a college. You watch a large number of people (some not even students) going in and out of areas with campus computers (libraries, computer labs, etc.). You have had a problem with laptops being stolen. What is the most cost-effective method to prevent this?

A. Video surveillance on all areas with computers.
B. Use laptop locks.
C. Appoint a security guard.
D. Smart card access to all areas with computers.
Suggested answer: B

Shoulder surfing is a type of in-person attack in which the attacker gathers information about the premises of an organization. This attack is often performed by looking surreptitiously at the keyboard of an employee's computer while he is typing in his password at any access point such as a terminal/Web site. Which of the following is violated in a shoulder surfing attack?

A. Availability
B. Confidentiality
C. Integrity
D. Authenticity
Suggested answer: B

Which of the following plans provides procedures for recovering business operations immediately following a disaster?

A. Disaster recovery plan
B. Business continuity plan
C. Continuity of operation plan
D. Business recovery plan
Suggested answer: D

In which of the following contract types is the seller reimbursed for all allowable costs for performing the contract work and paid a fixed fee that is calculated as a percentage of the initial estimated project costs?

A. Firm Fixed Price Contracts
B. Cost Plus Fixed Fee Contracts
C. Fixed Price Incentive Fee Contracts
D. Cost Plus Incentive Fee Contracts
Suggested answer: B

In which of the following types of cyberstalking do stalkers damage the reputation of their victim and turn other people against them by setting up their own websites, blogs or user pages for this purpose?

A. Encouraging others to harass the victim
B. False accusations
C. Attempts to gather information about the victim
D. False victimization
Suggested answer: B

Which of the following processes is a structured approach to transitioning individuals, teams, and organizations from a current state to a desired future state?

A. Risk management
B. Configuration management
C. Change management
D. Procurement management
Suggested answer: C

Mark is the project manager of the NHQ project in Spartech Inc. The project has an asset valued at $195,000 and is subjected to an exposure factor of 35 percent. What will be the Single Loss Expectancy of the project?

A. $92,600
B. $67,250
C. $68,250
D. $72,650
Suggested answer: C

Which of the following is the default port for Secure Shell (SSH)?

A. UDP port 161
B. TCP port 22
C. UDP port 138
D. TCP port 443
Suggested answer: B
Total 218 questions