ExamGecko
Search Search Login
Home Home / ISC / CISSP-ISSMP

ISC CISSP-ISSMP Practice Test - Questions Answers, Page 22

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

How many change control systems are there in project management?
Which of the following statements is related with the second law of OPSEC?
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event?
Which of the following statutes is enacted in the U.S., which prohibits creditors from collecting data from applicants, such as national origin, caste, religion etc?
You work as the project manager for Bluewell Inc. You are working on NGQQ Project for your company. You have completed the risk analysis processes for the risk events. You and the project team have created risk responses for most of the identified project risks. Which of the following risk response planning techniques will you use to shift the impact of a threat to a third party, together with the responses?
Which of the following liabilities is a third-party liability in which an individual may be responsible for an action by another party?
In which of the following contract types, the seller is reimbursed for all allowable costs for performing the contract work and receives a fixed fee payment which is calculated as a percentage of the initial estimated project costs?
How can you calculate the Annualized Loss Expectancy (ALE) that may occur due to a threat?
Which of the following architecturally related vulnerabilities is a hardware or software mechanism, which was installed to permit system maintenance and to bypass the system's security protections?
SIMULATION Fill in the blank with the appropriate phrase. ____________ is the ability to record and report on the configuration baselines associated with each configuration item at any moment of time.

Question 211

Report
Export
Collapse

Sarah has created a site on which she publishes a copyrighted material. She is ignorant that she is infringing copyright. Is she guilty under copyright laws?

A.
No
A.
No
Answers
B.
Yes
B.
Yes
Answers
Suggested answer: B

Question 212

Report
Export
Collapse

Which of the following models uses a directed graph to specify the rights that a subject can transfer to an object or that a subject can take from another subject?

A.
Take-Grant Protection Model
A.
Take-Grant Protection Model
Answers
B.
Bell-LaPadula Model
B.
Bell-LaPadula Model
Answers
C.
Biba Integrity Model
C.
Biba Integrity Model
Answers
D.
Access Matrix
D.
Access Matrix
Answers
Suggested answer: A

Question 213

Report
Export
Collapse

Which of the following plans is designed to protect critical business processes from natural or man-made failures or disasters and the resultant loss of capital due to the unavailability of normal business processes?

A.
Business continuity plan
A.
Business continuity plan
Answers
B.
Crisis communication plan
B.
Crisis communication plan
Answers
C.
Contingency plan
C.
Contingency plan
Answers
D.
Disaster recovery plan
D.
Disaster recovery plan
Answers
Suggested answer: A

Question 214

Report
Export
Collapse

Which of the following concepts represent the three fundamental principles of information security? Each correct answer represents a complete solution. Choose three.

A.
Confidentiality
A.
Confidentiality
Answers
B.
Integrity
B.
Integrity
Answers
C.
Availability
C.
Availability
Answers
D.
Privacy
D.
Privacy
Answers
Suggested answer: A, B, C

Question 215

Report
Export
Collapse

Which of the following can be done over telephone lines, e-mail, instant messaging, and any other method of communication considered private.

A.
Shielding
A.
Shielding
Answers
B.
Spoofing
B.
Spoofing
Answers
C.
Eavesdropping
C.
Eavesdropping
Answers
D.
Packaging
D.
Packaging
Answers
Suggested answer: C

Question 216

Report
Export
Collapse

You work as the Senior Project manager in Dotcoiss Inc. Your company has started a software project using configuration management and has completed 70%of it. You need to ensure that the network infrastructure devices and networking standards used in this project are installed in accordance with the requirements of its detailed project design documentation. Which of the following procedures will you employ to accomplish the task?

A.
Configuration identification
A.
Configuration identification
Answers
B.
Physical configuration audit
B.
Physical configuration audit
Answers
C.
Configuration control
C.
Configuration control
Answers
D.
Functional configuration audit
D.
Functional configuration audit
Answers
Suggested answer: B

Question 217

Report
Export
Collapse

In which of the following mechanisms does an authority, within limitations, specify what objects can be accessed by a subject?

A.
Role-Based Access Control
A.
Role-Based Access Control
Answers
B.
Discretionary Access Control
B.
Discretionary Access Control
Answers
C.
Task-based Access Control
C.
Task-based Access Control
Answers
D.
Mandatory Access Control
D.
Mandatory Access Control
Answers
Suggested answer: B

Question 218

Report
Export
Collapse

Which of the following access control models are used in the commercial sector? Each correct answer represents a complete solution. Choose two.

A.
Clark-Biba model
A.
Clark-Biba model
Answers
B.
Clark-Wilson model
B.
Clark-Wilson model
Answers
C.
Bell-LaPadula model
C.
Bell-LaPadula model
Answers
D.
Biba model
D.
Biba model
Answers
Suggested answer: B, D

Explanation:


Total 218 questions
Go to page: of 22
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms