
ISSMP Online Practice Questions and Answers

Question 4

Andy works as a security manager for SoftTech Inc. He is involved in the BIA phase to create a document to be used to help understand what impact a disruptive event would have on the business. Choose and reorder the required steps that he will take to accomplish the BIA phase.

Select and Place:

Question 5

Drag and drop the various SSE-CMM levels at the appropriate places.

Select and Place:

Question 6

You have created a team of HR Managers and Project Managers for Blue Well Inc. The team will concentrate on hiring some new employees for the company and improving the organization's overall security by turning employees among numerous job positions. Which of the following steps will you perform to accomplish the task?

A. Job rotation

B. Job responsibility

C. Screening candidates

D. Separation of duties

Question 7

Which of the following terms describes a repudiation of a contract that occurs before the time when performance is due?

A. Expected breach

B. Actual breach

C. Anticipatory breach

D. Nonperforming breach

Question 8

Which of the following is used to back up forensic evidence or data folders from the network or locally attached hard disk drives?

A. WinHex

B. Vedit

C. Device Seizure

D. FAR system

Question 9

You work as a security manager for SoftTech Inc. You are conducting a security awareness campaign for your employees. Which of the following ideas will you consider the best when conducting a security awareness campaign?

A. Target system administrators and the help desk.

B. Provide technical details on exploits.

C. Provide customized messages for different groups.

D. Target senior managers and business process owners.

Question 10

You are the Network Administrator for a software company. Due to the nature of your company's business, you have a significant number of highly computer-savvy users. However, you have still decided to limit each user's access to only those resources required for their job, rather than give wider access to the technical users (such as tech support and software engineering personnel). What is this an example of?

A. The principle of maximum control.

B. The principle of least privileges.

C. Proper use of an ACL.

D. Poor resource management.

Question 11

Which of the following access control models are used in the commercial sector? Each correct answer represents a complete solution. Choose two.

A. Clark-Biba model

B. Clark-Wilson model

C. Bell-LaPadula model

D. Biba model

Question 12

Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?

A. Business continuity plan

B. Disaster recovery plan

C. Continuity of Operations Plan

D. Contingency plan

Question 13

Which of the following protocols is used with a tunneling protocol to provide security?

A. FTP

B. IPX/SPX

C. IPSec

D. EAP

Question 14

Which of the following security controls will you use for the deployment phase of the SDLC to build secure software? Each correct answer represents a complete solution. Choose all that apply.

A. Vulnerability Assessment and Penetration Testing

B. Security Certification and Accreditation (C&A)

C. Change and Configuration Control

D. Risk Adjustments

Question 15

You work as a security manager for SoftTech Inc. You are conducting a security awareness campaign for your employees. One of the employees of your organization asks you the purpose of the security awareness, training and education program. What will be your answer?

A. It improves the possibility for career advancement of the IT staff.

B. It improves the security of vendor relations.

C. It improves the performance of a company's intranet.

D. It improves awareness of the need to protect system resources.

Question 16

You are documenting your organization's change control procedures for project management. What portion of the change control process oversees features and functions of the product scope?

A. Configuration management

B. Product scope management is outside the concerns of the project.

C. Scope change control system

D. Project integration management

Question 17

Which of the following statements about Due Care policy is true?

A. It is a method used to authenticate users on a network.

B. It is a method for securing database servers.

C. It identifies the level of confidentiality of information.

D. It provides information about new viruses.

Question 18

Which of the following types of agreement creates a confidential relationship between the parties to protect any type of confidential and proprietary information or a trade secret?

A. SLA

B. NDA

C. Non-price competition

D. CNC

Exam Code: ISSMP
Exam Name: ISSMP: Information Systems Security Management Professional
Last Update: Mar 18, 2024
Questions: 224 Q&As