Home / ISC / CISSP

Question list

List of questions

Question 1

(1)

All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that

Question 2

(0)

Which of the following actions will reduce risk to a laptop before traveling to a high risk area?

Question 3

(0)

Which of the following represents the GREATEST risk to data confidentiality?

Question 4

(0)

What is the MOST important consideration from a data security perspective when an organization plans to relocate?

Question 5

(0)

A company whose Information Technology (IT) services are being delivered from a Tier 4 data center, is preparing a companywide Business Continuity Planning (BCP). Which of the following failures sho

Question 6

(0)

When assessing an organization's security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities

Question 7

(0)

Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?

Question 8

(0)

An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?

Question 9

(0)

Intellectual property rights are PRIMARY concerned with which of the following?

Question 10

(0)

Which of the following is MOST important when assigning ownership of an asset to a department?

Question 263 - CISSP discussion

Refer to the information below to answer the question.

A large organization uses unique identifiers and requires them at the start of every system session.

Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.

Following best practice, where should the permitted access for each department and job classification combination be specified?