
ISC CISSP-ISSMP Practice Test - Questions Answers, Page 3

Which of the following laws is the first to implement penalties for the creators of viruses, worms, and other types of malicious code that cause harm to computer systems?

A. Gramm-Leach-Bliley Act
B. Computer Fraud and Abuse Act
C. Computer Security Act
D. Digital Millennium Copyright Act
Suggested answer: B

SIMULATION Fill in the blank with an appropriate phrase. ________ models address specifications, requirements, and design, verification and validation, and maintenance activities.

A. Life cycle
Suggested answer: A

You are the project manager of the GHE Project. You have identified the following risks with the characteristics as shown in the following figure:

How much capital should the project set aside for the risk contingency reserve?

A. $142,000
B. $232,000
C. $41,750
D. $23,750
Suggested answer: D

Which of the following statements about system hardening are true? Each correct answer represents a complete solution. Choose two.

A. It can be achieved by installing service packs and security updates on a regular basis.
B. It is used for securing the computer hardware.
C. It can be achieved by locking the computer room.
D. It is used for securing an operating system.
Suggested answer: A, D

Which of the following are the common roles with regard to data in an information classification program? Each correct answer represents a complete solution. Choose all that apply.

A. Editor
B. Custodian
C. Owner
D. Security auditor
E. User
Suggested answer: B, C, D, E

Which of the following processes is described in the statement below? "It is the process of implementing risk response plans, tracking identified risks, monitoring residual risk, identifying new risks, and evaluating risk process effectiveness throughout the project."

A. Monitor and Control Risks
B. Identify Risks
C. Perform Qualitative Risk Analysis
D. Perform Quantitative Risk Analysis
Suggested answer: A

Walter is the project manager of a large construction project. He'll be working with several vendors on the project. Vendors will be providing materials and labor for several parts of the project. Some of the work in the project is very dangerous, so Walter has implemented safety requirements for all of the vendors and his own project team. Stakeholders for the project have added new requirements, which have caused new risks in the project. A vendor has identified a new risk that could affect the project if it comes to fruition. Walter agrees with the vendor and has updated the risk register and created potential risk responses to mitigate the risk. What should Walter also update in this scenario considering the risk event?

A. Project contractual relationship with the vendor
B. Project management plan
C. Project communications plan
D. Project scope statement
Suggested answer: B

You are the project manager of the HJK Project for your organization. You and the project team have created risk responses for many of the risk events in the project. Where should you document the proposed responses and the current status of all identified risks?

A. Risk management plan
B. Lessons learned documentation
C. Risk register
D. Stakeholder management strategy
Suggested answer: C

Which of the following security controls will you use for the deployment phase of the SDLC to build secure software? Each correct answer represents a complete solution. Choose all that apply.

A. Vulnerability Assessment and Penetration Testing
B. Security Certification and Accreditation (C&A)
C. Change and Configuration Control
D. Risk Adjustments
Suggested answer: A, B, D

Which of the following can be prevented by an organization using job rotation and separation of duties policies?

A. Collusion
B. Eavesdropping
C. Buffer overflow
D. Phishing
Suggested answer: A
Total 218 questions