ExamGecko
Login
Home / ISC / CISSP-ISSMP / List of questions
Ask Question

ISC CISSP-ISSMP Practice Test - Questions Answers, Page 2

List of questions

Question 11

Report Export Collapse

Which of the following terms refers to a mechanism which proves that the sender really sent a particular message?

Non-repudiation
Non-repudiation
Confidentiality
Confidentiality
Authentication
Authentication
Integrity
Integrity
Suggested answer: A
asked 18/09/2024
Kaddy Kabuya
52 questions

Question 12

Report Export Collapse

Which of the following characteristics are described by the DIAP Information Readiness Assessment function? Each correct answer represents a complete solution. Choose all that apply.

It performs vulnerability/threat analysis assessment.
It performs vulnerability/threat analysis assessment.
It identifies and generates IA requirements.
It identifies and generates IA requirements.
It provides data needed to accurately assess IA readiness.
It provides data needed to accurately assess IA readiness.
It provides for entry and storage of individual system data.
It provides for entry and storage of individual system data.
Suggested answer: A, B, C
asked 18/09/2024
Owais Mansoor
44 questions

Question 13

Report Export Collapse

Joseph works as a Software Developer for Web Tech Inc. He wants to protect the algorithms and the techniques of programming that he uses in developing an application. Which of the following laws are used to protect a part of software?

Code Security law
Code Security law
Trademark laws
Trademark laws
Copyright laws
Copyright laws
Patent laws
Patent laws
Suggested answer: D
asked 18/09/2024
ftere yagoglu
49 questions

Question 14

Report Export Collapse

Which of the following is the best method to stop vulnerability attacks on a Web server?

Using strong passwords
Using strong passwords
Configuring a firewall
Configuring a firewall
Implementing the latest virus scanner
Implementing the latest virus scanner
Installing service packs and updates
Installing service packs and updates
Suggested answer: D
asked 18/09/2024
ce temp2
50 questions

Question 15

Report Export Collapse

Which of the following is NOT a valid maturity level of the Software Capability Maturity Model (CMM)?

Managed level
Managed level
Defined level
Defined level
Fundamental level
Fundamental level
Repeatable level
Repeatable level
Suggested answer: C
asked 18/09/2024
Tammy Tran
34 questions

Question 16

Report Export Collapse

Which of the following BCP teams is the first responder and deals with the immediate effects of the disaster?

Emergency-management team
Emergency-management team
Damage-assessment team
Damage-assessment team
Off-site storage team
Off-site storage team
Emergency action team
Emergency action team
Suggested answer: D
asked 18/09/2024
Vitalii Lutsenko
37 questions

Question 17

Report Export Collapse

Which of the following security models dictates that subjects can only access objects through applications?

Biba-Clark model
Biba-Clark model
Bell-LaPadula
Bell-LaPadula
Clark-Wilson
Clark-Wilson
Biba model
Biba model
Suggested answer: C
asked 18/09/2024
Garvey Butler
50 questions

Question 18

Report Export Collapse

Which of the following relies on a physical characteristic of the user to verify his identity?

Social Engineering
Social Engineering
Kerberos v5
Kerberos v5
Biometrics
Biometrics
CHAP
CHAP
Suggested answer: C
asked 18/09/2024
Marcos Losa Torviso
56 questions

Question 19

Report Export Collapse

Which of the following types of activities can be audited for security? Each correct answer represents a complete solution. Choose three.

Data downloading from the Internet
Data downloading from the Internet
File and object access
File and object access
Network logons and logoffs
Network logons and logoffs
Printer access
Printer access
Suggested answer: B, C, D
asked 18/09/2024
Daniel Adebayo
47 questions

Question 20

Report Export Collapse

You work as a Network Administrator for ABC Inc. The company uses a secure wireless network. John complains to you that his computer is not working properly. What type of security audit do you need to conduct to resolve the problem?

Operational audit
Operational audit
Dependent audit
Dependent audit
Non-operational audit
Non-operational audit
Independent audit
Independent audit
Suggested answer: D
asked 18/09/2024
Kishen Morar
51 questions
Total 218 questions
Go to page: of 22
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following characteristics are described by the DIAP Information Readiness Assessment function? Each correct answer represents a complete solution. Choose all that apply.
Which of the following statements are true about security risks? Each correct answer represents a complete solution. Choose three.
Change Management is used to ensure that standardized methods and procedures are used for efficient handling of all changes. Who decides the category of a change?
Which of the following statements is related with the second law of OPSEC?
SIMULATION Fill in the blank with the appropriate phrase. ____________ is the ability to record and report on the configuration baselines associated with each configuration item at any moment of time.
Which of the following access control models uses a predefined set of access privileges for an object of a system?
How can you calculate the Annualized Loss Expectancy (ALE) that may occur due to a threat?
SIMULATION Fill in the blank with an appropriate phrase. _______is a branch of forensic science pertaining to legal evidence found in computers and digital storage media.
Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event?