
ISC CISSP-ISSMP Practice Test - Questions Answers, Page 4

Peter works as a Computer Hacking Forensic Investigator. He has been called by an organization to conduct a seminar to give necessary information related to sexual harassment within the workplace. Peter started with the definition and types of sexual harassment. He then wants to convey that records of sexual harassment incidents should be maintained, which helps in further legal prosecution. Which of the following data should be recorded in this documentation? Each correct answer represents a complete solution. Choose all that apply.

A. Names of the victims
B. Location of each incident
C. Nature of harassment
D. Date and time of incident
Suggested answer: A, B, D

Which of the following types of evidence is considered as the best evidence?

A. A copy of the original document
B. Information gathered through the witness's senses
C. The original document
D. A computer-generated record
Suggested answer: C

What are the purposes of audit records on an information system? Each correct answer represents a complete solution. Choose two.

A. Troubleshooting
B. Investigation
C. Upgradation
D. Backup
Suggested answer: A, B

Which of the following refers to an information security document that is used in the United States Department of Defense (DoD) to describe and accredit networks and systems?

A. SSAA
B. FITSAF
C. FIPS
D. TCSEC
Suggested answer: A

Which of the following analyses provides a foundation for measuring the investment of time, money and human resources required to achieve a particular outcome?

A. Vulnerability analysis
B. Cost-benefit analysis
C. Gap analysis
D. Requirement analysis
Suggested answer: C

A contract cannot have provisions for which one of the following?

A. Subcontracting the work
B. Penalties and fines for disclosure of intellectual rights
C. A deadline for the completion of the work
D. Illegal activities
Suggested answer: D

Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?

A. Risk mitigation
B. Risk transfer
C. Risk acceptance
D. Risk avoidance
Suggested answer: B

You work as a security manager for SoftTech Inc. You are conducting a security awareness campaign for your employees. One of the employees of your organization asks you the purpose of the security awareness, training and education program. What will be your answer?

A. It improves the possibility for career advancement of the IT staff.
B. It improves the security of vendor relations.
C. It improves the performance of a company's intranet.
D. It improves awareness of the need to protect system resources.
Suggested answer: D

You are responsible for network and information security at a metropolitan police station. The most important concern is that unauthorized parties are not able to access data. What is this called?

A. Availability
B. Encryption
C. Integrity
D. Confidentiality
Suggested answer: D

What component of the change management system is responsible for evaluating, testing, and documenting changes created to the project scope?

A. Scope Verification
B. Project Management Information System
C. Integrated Change Control
D. Configuration Management System
Suggested answer: D
Total 218 questions