ISC CISSP-ISSMP - ISSMP®: Information Systems Security Management Professional Exam

Page:    1 / 44   
Total 218 questions

Which of the following statements about Hypertext Transfer Protocol Secure (HTTPS) are true? Each correct answer represents a complete solution. Choose two.

  • A. It uses TCP port 80 as the default port.
  • B. It is a protocol used in the Universal Resource Locator (URL) address line to connect to a secure site.
  • C. It uses TCP port 443 as the default port.
  • D. It is a protocol used to provide security for a database server in an internal network.


Answer : B,C

Which of the following is generally practiced by the police or any other recognized governmental authority?

  • A. Phishing
  • B. Wiretapping
  • C. SMB signing
  • D. Spoofing


Answer : B

John works as a security manager for Soft Tech Inc. He is working with his team on the disaster recovery management plan. One of his team members has a doubt related to the most cost-effective DRP testing plan. According to you, which of the following disaster recovery testing plans is the most cost-effective and efficient way to identify areas of overlap in the plan before conducting more demanding training exercises?

  • A. Full-scale exercise
  • B. Walk-through drill
  • C. Evacuation drill
  • D. Structured walk-through test


Answer : D

Which of the following measurements of an enterprise's security state is the process whereby an organization establishes the parameters within which programs, investments, and acquisitions reach the desired results?

  • A. Information sharing
  • B. Ethics
  • C. Performance measurement
  • D. Risk management


Answer : C

Mark works as a security manager for SoftTech Inc. He is performing a security awareness program. To be successful in performing the awareness program, he should take into account the needs and current levels of training and understanding of the employees and audience. There are five key ways, which Mark should keep in mind while performing this activity.

  • Current level of computer usage
  • What the audience really wants to learn
  • How receptive the audience is to the security program
  • How to gain acceptance
  • Who might be a possible ally

Which of the following activities is performed in this security awareness process?

  • A. Separation of duties
  • B. Stunned owl syndrome
  • C. Audience participation
  • D. Audience segmentation


Answer : D
