ISC CISSP-ISSMP - Information Systems Security Management Professional - CISSP-ISSMP Exam Questions
QUESTION NO: 1
Which of the following policies helps reduce the potential damage from the actions of one person?
Which of the following policies helps reduce the potential damage from the actions of one person?
Correct Answer: C
QUESTION NO: 2
Which of the following statements is related with the second law of OPSEC?
Which of the following statements is related with the second law of OPSEC?
Correct Answer: B
QUESTION NO: 3
Which of the following is a formula, practice, process, design, instrument, pattern, or compilation of information which is not generally known, but by which a business can obtain an economic advantage over its competitors?
Which of the following is a formula, practice, process, design, instrument, pattern, or compilation of information which is not generally known, but by which a business can obtain an economic advantage over its competitors?
Correct Answer: D
QUESTION NO: 4
You are working as a project manager in your organization. You are nearing the final stages of project execution and looking towards the final risk monitoring and controlling activities. For your project archives, which one of the following is an output of risk monitoring and control?
You are working as a project manager in your organization. You are nearing the final stages of project execution and looking towards the final risk monitoring and controlling activities. For your project archives, which one of the following is an output of risk monitoring and control?
Correct Answer: D
QUESTION NO: 5
You work as the project manager for Bluewell Inc. You are working on NGQQ Project for your company. You have completed the risk analysis processes for the risk events. You and the project team have created risk responses for most of the identified project risks. Which of the following risk response planning techniques will you use to shift the impact of a threat to a third party, together with the responses?
You work as the project manager for Bluewell Inc. You are working on NGQQ Project for your company. You have completed the risk analysis processes for the risk events. You and the project team have created risk responses for most of the identified project risks. Which of the following risk response planning techniques will you use to shift the impact of a threat to a third party, together with the responses?
Correct Answer: D
QUESTION NO: 6
Which of the following are examples of physical controls used to prevent unauthorized access to sensitive materials?
Which of the following are examples of physical controls used to prevent unauthorized access to sensitive materials?
Correct Answer: A,C,D
QUESTION NO: 7
You are the Network Administrator for a college. You watch a large number of people (some not even students) going in and out of areas with campus computers (libraries, computer labs, etc.). You have had a problem with laptops being stolen. What is the most cost effective method to prevent this?
You are the Network Administrator for a college. You watch a large number of people (some not even students) going in and out of areas with campus computers (libraries, computer labs, etc.). You have had a problem with laptops being stolen. What is the most cost effective method to prevent this?
Correct Answer: B
QUESTION NO: 8
Which of the following security issues does the Bell-La Padula model focus on?
Which of the following security issues does the Bell-La Padula model focus on?
Correct Answer: C
QUESTION NO: 9
Which of the following are examples of administrative controls that involve all levels of employees within an organization and determine which users have access to what resources and information? Each correct answer represents a complete solution. Choose three.
Which of the following are examples of administrative controls that involve all levels of employees within an organization and determine which users have access to what resources and information? Each correct answer represents a complete solution. Choose three.
Correct Answer: A,D,E
QUESTION NO: 10
Which of the following is the process performed between organizations that have unique hardware or software that cannot be maintained at a hot or warm site?
Which of the following is the process performed between organizations that have unique hardware or software that cannot be maintained at a hot or warm site?
Correct Answer: C
QUESTION NO: 11
Which of the following is generally practiced by the police or any other recognized governmental authority?
Which of the following is generally practiced by the police or any other recognized governmental authority?
Correct Answer: D
QUESTION NO: 12
You are the project manager of the HJK project for your organization. You and the project team have created risk responses for many of the risk events in the project. A teaming agreement is an example of what risk response?
You are the project manager of the HJK project for your organization. You and the project team have created risk responses for many of the risk events in the project. A teaming agreement is an example of what risk response?
Correct Answer: B
QUESTION NO: 13
Which of the following evidences are the collection of facts that, when considered together, can be used to infer a conclusion about the malicious activity/person?
Which of the following evidences are the collection of facts that, when considered together, can be used to infer a conclusion about the malicious activity/person?
Correct Answer: B
QUESTION NO: 14
Which of the following are the ways of sending secure e-mail messages over the Internet? Each correct answer represents a complete solution. Choose two.
Which of the following are the ways of sending secure e-mail messages over the Internet? Each correct answer represents a complete solution. Choose two.
Correct Answer: B,C
