ExamGecko
Search Search Login
Home Home / ISC / CISSP-ISSMP

ISC CISSP-ISSMP Practice Test - Questions Answers, Page 9

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following statements is related with the second law of OPSEC?
How many change control systems are there in project management?
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event?
Which of the following statutes is enacted in the U.S., which prohibits creditors from collecting data from applicants, such as national origin, caste, religion etc?
You work as the project manager for Bluewell Inc. You are working on NGQQ Project for your company. You have completed the risk analysis processes for the risk events. You and the project team have created risk responses for most of the identified project risks. Which of the following risk response planning techniques will you use to shift the impact of a threat to a third party, together with the responses?
Which of the following liabilities is a third-party liability in which an individual may be responsible for an action by another party?
In which of the following contract types, the seller is reimbursed for all allowable costs for performing the contract work and receives a fixed fee payment which is calculated as a percentage of the initial estimated project costs?
How can you calculate the Annualized Loss Expectancy (ALE) that may occur due to a threat?
Which of the following architecturally related vulnerabilities is a hardware or software mechanism, which was installed to permit system maintenance and to bypass the system's security protections?
SIMULATION Fill in the blank with the appropriate phrase. ____________ is the ability to record and report on the configuration baselines associated with each configuration item at any moment of time.

Question 81

Report
Export
Collapse

Which of the following terms related to risk management represents the estimated frequency at which a threat is expected to occur?

A.
Safeguard
A.
Safeguard
Answers
B.
Single Loss Expectancy (SLE)
B.
Single Loss Expectancy (SLE)
Answers
C.
Exposure Factor (EF)
C.
Exposure Factor (EF)
Answers
D.
Annualized Rate of Occurrence (ARO)
D.
Annualized Rate of Occurrence (ARO)
Answers
Suggested answer: D

Question 82

Report
Export
Collapse

Which of the following types of agreement creates a confidential relationship between the parties to protect any type of confidential and proprietary information or a trade secret?

A.
SLA
A.
SLA
Answers
B.
NDA
B.
NDA
Answers
C.
Non-price competition
C.
Non-price competition
Answers
D.
CNC
D.
CNC
Answers
Suggested answer: B

Question 83

Report
Export
Collapse

Which of the following sections come under the ISO/IEC 27002 standard?

A.
Financial assessment
A.
Financial assessment
Answers
B.
Asset management
B.
Asset management
Answers
C.
Security policy
C.
Security policy
Answers
D.
Risk assessment
D.
Risk assessment
Answers
Suggested answer: B, C, D

Question 84

Report
Export
Collapse

Which of the following U.S. Federal laws addresses computer crime activities in communication lines, stations, or systems?

A.
18 U.S.C. 1362
A.
18 U.S.C. 1362
Answers
B.
18 U.S.C. 1030
B.
18 U.S.C. 1030
Answers
C.
18 U.S.C. 1029
C.
18 U.S.C. 1029
Answers
D.
18 U.S.C. 2701
D.
18 U.S.C. 2701
Answers
E.
18 U.S.C. 2510
E.
18 U.S.C. 2510
Answers
Suggested answer: A

Question 85

Report
Export
Collapse

Which of the following access control models uses a predefined set of access privileges for an object of a system?

A.
Role-Based Access Control
A.
Role-Based Access Control
Answers
B.
Mandatory Access Control
B.
Mandatory Access Control
Answers
C.
Policy Access Control
C.
Policy Access Control
Answers
D.
Discretionary Access Control
D.
Discretionary Access Control
Answers
Suggested answer: B

Question 86

Report
Export
Collapse

Which of the following statements about the availability concept of Information security management is true?

A.
It determines actions and behaviors of a single individual within a system.
A.
It determines actions and behaviors of a single individual within a system.
Answers
B.
It ensures reliable and timely access to resources.
B.
It ensures reliable and timely access to resources.
Answers
C.
It ensures that unauthorized modifications are not made to data by authorized personnel or processes.
C.
It ensures that unauthorized modifications are not made to data by authorized personnel or processes.
Answers
D.
It ensures that modifications are not made to data by unauthorized personnel or processes.
D.
It ensures that modifications are not made to data by unauthorized personnel or processes.
Answers
Suggested answer: B

Question 87

Report
Export
Collapse

Which of the following is a process that identifies critical information to determine if friendly actions can be observed by adversary intelligence systems?

A.
IDS
A.
IDS
Answers
B.
OPSEC
B.
OPSEC
Answers
C.
HIDS
C.
HIDS
Answers
D.
NIDS
D.
NIDS
Answers
Suggested answer: B

Question 88

Report
Export
Collapse

Which of the following administrative policy controls is usually associated with government classifications of materials and the clearances of individuals to access those materials?

A.
Separation of Duties
A.
Separation of Duties
Answers
B.
Due Care
B.
Due Care
Answers
C.
Acceptable Use
C.
Acceptable Use
Answers
D.
Need to Know
D.
Need to Know
Answers
Suggested answer: D

Question 89

Report
Export
Collapse

Which of the following processes will you involve to perform the active analysis of the system for any potential vulnerabilities that may result from poor or improper system configuration, known and/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures?

A.
Penetration testing
A.
Penetration testing
Answers
B.
Risk analysis
B.
Risk analysis
Answers
C.
Baselining
C.
Baselining
Answers
D.
Compliance checking
D.
Compliance checking
Answers
Suggested answer: A

Question 90

Report
Export
Collapse

Which of the following are the levels of military data classification system? Each correct answer represents a complete solution. Choose all that apply.

A.
Sensitive
A.
Sensitive
Answers
B.
Top Secret
B.
Top Secret
Answers
C.
Confidential
C.
Confidential
Answers
D.
Secret
D.
Secret
Answers
E.
Unclassified
E.
Unclassified
Answers
F.
Public
F.
Public
Answers
Suggested answer: A, B, C, D, E
Total 218 questions
Go to page: of 22
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms