ExamGecko
Login
Home / ISC / HCISPP / List of questions
Ask Question

ISC HCISPP Practice Test - Questions Answers, Page 6

Add to Whishlist

List of questions

Question 51

Report Export Collapse

Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?

Walkthrough
Walkthrough
Simulation
Simulation
Parallel
Parallel
White box
White box
Suggested answer: C
asked 18/09/2024
William Takashi Chan
39 questions

Question 52

Report Export Collapse

A continuous information security monitoring program can BEST reduce risk through which of the following?

Collecting security events and correlating them to identify anomalies
Collecting security events and correlating them to identify anomalies
Facilitating system-wide visibility into the activities of critical user accounts
Facilitating system-wide visibility into the activities of critical user accounts
Encompassing people, process, and technology
Encompassing people, process, and technology
Logging both scheduled and unscheduled system changes
Logging both scheduled and unscheduled system changes
Suggested answer: B
asked 18/09/2024
zulmaidi mr
43 questions

Question 53

Report Export Collapse

Which of the following is the PRIMARY risk with using open source software in a commercial software construction?

Lack of software documentation
Lack of software documentation
License agreements requiring release of modified code
License agreements requiring release of modified code
Expiration of the license agreement
Expiration of the license agreement
Costs associated with support of the software
Costs associated with support of the software
Suggested answer: D
asked 18/09/2024
Ramesh K
50 questions

Question 54

Report Export Collapse

Which one of these risk factors would be the LEAST important consideration in choosing a building site for a new computer facility?

Vulnerability to crime
Vulnerability to crime
Adjacent buildings and businesses
Adjacent buildings and businesses
Proximity to an airline flight path
Proximity to an airline flight path
Vulnerability to natural disasters
Vulnerability to natural disasters
Suggested answer: C
asked 18/09/2024
RAOUL AMODIO
54 questions

Question 55

Report Export Collapse

Multi-threaded applications are more at risk than single-threaded applications to

race conditions.
race conditions.
virus infection.
virus infection.
packet sniffing.
packet sniffing.
database injection.
database injection.
Suggested answer: A
asked 18/09/2024
Ben Clark
39 questions

Question 56

Report Export Collapse

Which of the following is a potential risk when a program runs in privileged mode?

It may serve to create unnecessary code complexity
It may serve to create unnecessary code complexity
It may not enforce job separation duties
It may not enforce job separation duties
It may create unnecessary application hardening
It may create unnecessary application hardening
It may allow malicious code to be inserted
It may allow malicious code to be inserted
Suggested answer: D
asked 18/09/2024
Dylan Johnson
47 questions

Question 57

Report Export Collapse

A risk assessment report recommends upgrading all perimeter firewalls to mitigate a particular finding. Which of the following BEST supports this recommendation?

The inherent risk is greater than the residual risk.
The inherent risk is greater than the residual risk.
The Annualized Loss Expectancy (ALE) approaches zero.
The Annualized Loss Expectancy (ALE) approaches zero.
The expected loss from the risk exceeds mitigation costs.
The expected loss from the risk exceeds mitigation costs.
The infrastructure budget can easily cover the upgrade costs.
The infrastructure budget can easily cover the upgrade costs.
Suggested answer: C
asked 18/09/2024
Deshawn Sharpe
44 questions

Question 58

Report Export Collapse

Which of the following disaster recovery test plans will be MOST effective while providing minimal risk?

Read-through
Read-through
Parallel
Parallel
Full interruption
Full interruption
Simulation
Simulation
Suggested answer: D
asked 18/09/2024
Anupam Roy
55 questions

Question 59

Report Export Collapse

Which of the following BEST describes the purpose of performing security certification?

To identify system threats, vulnerabilities, and acceptable level of risk
To identify system threats, vulnerabilities, and acceptable level of risk
To formalize the confirmation of compliance to security policies and standards
To formalize the confirmation of compliance to security policies and standards
To formalize the confirmation of completed risk mitigation and risk analysis
To formalize the confirmation of completed risk mitigation and risk analysis
To verify that system architecture and interconnections with other systems are effectively implemented
To verify that system architecture and interconnections with other systems are effectively implemented
Suggested answer: B
asked 18/09/2024
Arash Farivarmoheb
50 questions

Question 60

Report Export Collapse

The BEST method to mitigate the risk of a dictionary attack on a system is to

use a hardware token.
use a hardware token.
use complex passphrases.
use complex passphrases.
implement password history.
implement password history.
encrypt the access control list (ACL).
encrypt the access control list (ACL).
Suggested answer: A
asked 18/09/2024
Jeff Silverman
38 questions
Total 305 questions
Go to page: of 31
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is a characteristic of a socialized health insurance system?
___________________ is a physician who has completed their internship in a program of training designed to increase their knowledge of clinical or special fields.
Which of the following statements is NOT correct?
Discovered the immunity to small pox.
What is the title given to the group authorized by the HIPAA Privacy Rule to approve a waiver of authorization for the disclosure and/or use of personally identifiable health information?
Confidential information must not be shared with another unless the recipient has:
The confidentiality of alcohol and drug abuse patient records maintained by this program is protected by federal law and regulations. Generally, the program may not say to a person outside the program that a patient attends the program, or disclose any information identifying a patient as an alcohol or drug abuser even if:
You receive a call from staff at a local hospital stating that they need information regarding a former client of yours who is scheduled for surgery. They fax you a release of information form which only authorizes the release of medications but the person on the phone is asking for dates of treatment and diagnoses. How would you respond?
What time period was the Cannon of Medicine in?
If you see other staff violating privacy policies you should?