CISSP Online Practice Questions and Answers

Questions 4

A security practitioner has been tasked with establishing organizational asset handling procedures. What should be considered that would have the GREATEST impact on the development of these procedures?

A. Media handling procedures

B. User roles and responsibilities

C. Acceptable Use Policy (AUP)

D. Information classification scheme

Questions 5

Which of the following management processes allows ONLY those services required for users to accomplish their tasks, changes default user passwords, and sets servers to retrieve antivirus updates?

A. Configuration

B. Identity

C. Compliance

D. Patch

Questions 6

During a fingerprint verification process, which of the following is used to verify identity and authentication?

A. A pressure value is compared with a stored template

B. Sets of digits are matched with stored values

C. A hash table is matched to a database of stored values

D. A template of minutiae is compared with a stored template

Questions 7

Which of the following is required to determine classification and ownership?

A. System and data resources are properly identified

B. Access violations are logged and audited

C. Data file references are identified and linked

D. System security controls are fully integrated

Questions 8

Which of the following BEST describes the responsibilities of a data owner?

A. Ensuring quality and validation through periodic audits for ongoing data integrity

B. Maintaining fundamental data availability, including data storage and archiving

C. Ensuring accessibility to appropriate users, maintaining appropriate levels of data security

D. Determining the impact the information has on the mission of the organization

Questions 9

Which of the following is true of Service Organization Control (SOC) reports?

A. SOC 1 Type 2 reports assess the security, confidentiality, integrity, and availability of an organization's controls

B. SOC 2 Type 2 reports include information of interest to the service organization's management

C. SOC 2 Type 2 reports assess internal controls for financial reporting

D. SOC 3 Type 2 reports assess internal controls for financial reporting

Questions 10

Which of the following open source software issues poses the MOST risk to an application?

A. The software is beyond end of life and the vendor is out of business.

B. The software is not used or popular in the development community.

C. The software has multiple Common Vulnerabilities and Exposures (CVE) and only some are remediated.

D. The software has multiple Common Vulnerabilities and Exposures (CVE) but the CVEs are classified as low risks.

Questions 11

What is the MAIN reason for having a developer sign a Non-Disclosure Agreement (NDA)?

A. Signing the NDA always gives consent to the developer to access tools and privileged company information to do their work.

B. Signing the NDA allows the developer to use their developed coding methods.

C. Signing the NDA protects confidential, technical, or Intellectual Property (IP) from disclosure to others.

D. Signing the NDA is legally binding for up to one year of employment.

Questions 12

Which of the following is the PRIMARY type of cryptography required to support non-repudiation of a digitally signed document?

A. Message digest (MD)

B. Asymmetric

C. Symmetric

D. Hashing

Questions 13

What process facilitates the balance of operational and economic costs of protective measures with gains in mission capability?

A. Risk assessment

B. Performance testing

C. Security audit

D. Risk management

Exam Code: CISSP
Exam Name: Certified Information Systems Security Professional
Last Update: Mar 26, 2024
Questions: 1703