ISC CISSP-ISSMP Practice Test - Questions Answers, Page 19

Which of the following is used to back up forensic evidence or data folders from the network or locally attached hard disk drives?

A. WinHex
B. Vedit
C. Device Seizure
D. FAR system
Suggested answer: D

You work as a security manager for SoftTech Inc. You along with your team are doing the disaster recovery for your project. Which of the following steps are performed by you for secure recovery based on the extent of the disaster and the organization's recovery ability? Each correct answer represents a part of the solution. Choose three.

A. Recover to an alternate site for critical functions
B. Restore full system at an alternate operating site
C. Restore full system after a catastrophic loss
D. Recover at the primary operating site
Suggested answer: A, C, D

DIACAP applies to the acquisition, operation, and sustainment of any DoD system that collects, stores, transmits, or processes unclassified or classified information since December 1997. What phases are identified by DIACAP? Each correct answer represents a complete solution. Choose all that apply.

A. System Definition
B. Accreditation
C. Verification
D. Re-Accreditation
E. Validation
F. Identification
Suggested answer: A, C, D, E

Management has asked you to perform a risk audit and report back on the results. Bonny, a project team member, asks you what a risk audit is. What do you tell Bonny?

A. A risk audit is a review of all the risks that have yet to occur and what their probabilities of happening are.
B. A risk audit is a review of the effectiveness of the risk responses in dealing with identified risks and their root causes, as well as the effectiveness of the risk management process.
C. A risk audit is a review of all the risk probability and impact for the risks, which are still present in the project but which have not yet occurred.
D. A risk audit is an audit of all the risks that have occurred in the project and what their true impact on cost and time has been.
Suggested answer: B

Which of the following steps are generally followed in computer forensic examinations? Each correct answer represents a complete solution. Choose three.

A. Acquire
B. Analyze
C. Authenticate
D. Encrypt
Suggested answer: A, B, C

Which of the following methods can be helpful to eliminate the social engineering threat? Each correct answer represents a complete solution. Choose three.

A. Password policies
B. Vulnerability assessments
C. Data encryption
D. Data classification
Suggested answer: A, B, D

You work as a security manager for SoftTech Inc. You are conducting a security awareness campaign for your employees. Which of the following ideas will you consider the best when conducting a security awareness campaign?

A. Target system administrators and the help desk.
B. Provide technical details on exploits.
C. Provide customized messages for different groups.
D. Target senior managers and business process owners.
Suggested answer: C

Which of the following 'Code of Ethics Canons' of the '(ISC)2 Code of Ethics' states to act honorably, honestly, justly, responsibly and legally?

A. Second Code of Ethics Canons
B. Fourth Code of Ethics Canons
C. First Code of Ethics Canons
D. Third Code of Ethics Canons
Suggested answer: A

Which of the following rated systems of the Orange book has mandatory protection of the TCB?

A. B-rated
B. C-rated
C. D-rated
D. A-rated
Suggested answer: A

Which of the following SDLC phases consists of the given security controls: Misuse Case Modeling; Security Design and Architecture Review; Threat and Risk Modeling; Security Requirements and Test Cases Generation?

A. Design
B. Maintenance
C. Deployment
D. Requirements Gathering
Suggested answer: A
Total 218 questions