ISC CISSP-ISSMP Practice Test - Questions Answers, Page 20

Which of the following liabilities is a third-party liability in which an individual may be responsible for an action by another party?

A. Relational liability
B. Engaged liability
C. Contributory liability
D. Vicarious liability
Suggested answer: D

Which of the following measurements of an enterprise's security state is the process whereby an organization establishes the parameters within which programs, investments, and acquisitions reach the desired results?

A. Information sharing
B. Ethics
C. Performance measurement
D. Risk management
Suggested answer: C

You are the Network Administrator for a software company. Due to the nature of your company's business, you have a significant number of highly computer-savvy users. However, you have still decided to limit each user's access to only those resources required for their job, rather than give wider access to the technical users (such as tech support and software engineering personnel). What is this an example of?

A. The principle of maximum control.
B. The principle of least privileges.
C. Proper use of an ACL.
D. Poor resource management.
Suggested answer: B

Which of the following are examples of administrative controls that involve all levels of employees within an organization and determine which users have access to what resources and information? Each correct answer represents a complete solution. Choose three.

A. Employee registration and accounting
B. Disaster preparedness and recovery plans
C. Network authentication
D. Training and awareness
E. Encryption
Suggested answer: A, B, D

Which of the following processes provides a standard set of activities, general tasks, and a management structure to certify and accredit systems, which maintain the information assurance and the security posture of a system or site?

A. NSA-IAM
B. DITSCAP
C. ASSET
D. NIACAP
Suggested answer: D

Which of the following governance bodies provides management, operational and technical controls to satisfy security requirements?

A. Senior Management
B. Business Unit Manager
C. Information Security Steering Committee
D. Chief Information Security Officer
Suggested answer: A

Which of the following divisions of the Trusted Computer System Evaluation Criteria (TCSEC) is based on the Mandatory Access Control (MAC) policy?

A. Division A
B. Division D
C. Division B
D. Division C
Suggested answer: C

Which of the following sites are similar to the hot site facilities, with the exception that they are completely dedicated, self-developed recovery facilities?

A. Cold sites
B. Orange sites
C. Warm sites
D. Duplicate processing facilities
Suggested answer: D

Which of the following plans is documented and organized for emergency response, backup operations, and recovery, maintained by an activity as part of its security program, that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation?

A. Disaster Recovery Plan
B. Contingency Plan
C. Continuity Of Operations Plan
D. Business Continuity Plan
Suggested answer: B

Tomas is the project manager of the QWS Project and is worried that the project stakeholders will want to change the project scope frequently. His fear is based on the many open issues in the project and how the resolution of the issues may lead to additional project changes. On what document are Tomas and the stakeholders working in this scenario?

A. Communications management plan
B. Change management plan
C. Issue log
D. Risk management plan
Suggested answer: B
Total 218 questions