ISSMP®: Information Systems Security Management Professional v6.0 (ISSMP)

Page:    1 / 15   
Total 218 questions

The goal of Change Management is to ensure that standardized methods and procedures are used for efficient handling of all changes. Which of the following are Change Management terminologies? Each correct answer represents a part of the solution. Choose three.

  • A. Request for Change
  • B. Service Request Management
  • C. Change
  • D. Forward Schedule of Changes


Answer : A,C,D

Which of the following is the correct order of digital investigations Standard Operating Procedure (SOP)?

  • A. Initial analysis, request for service, data collection, data reporting, data analysis
  • B. Initial analysis, request for service, data collection, data analysis, data reporting
  • C. Request for service, initial analysis, data collection, data analysis, data reporting
  • D. Request for service, initial analysis, data collection, data reporting, data analysis


Answer : C

Which of the following roles is used to ensure that the confidentiality, integrity, and availability of the services are maintained to the levels approved on the Service Level Agreement (SLA)?

  • A. The Service Level Manager
  • B. The Configuration Manager
  • C. The IT Security Manager
  • D. The Change Manager


Answer : C

James works as a security manager for SoftTech Inc. He has been working on the continuous process improvement and on the ordinal scale for measuring the maturity of the organization involved in the software processes. According to James, which of the following maturity levels of software CMM focuses on the continuous process improvement?

  • A. Repeatable level
  • B. Defined level
  • C. Initiating level
  • D. Optimizing level


Answer : D

Which of the following is a set of exclusive rights granted by a state to an inventor or his assignee for a fixed period of time in exchange for the disclosure of an invention?

  • A. Patent
  • B. Utility model
  • C. Snooping
  • D. Copyright


Answer : A

You are advising a school district on disaster recovery plans. In case a disaster affects the main IT centers for the district they will need to be able to work from an alternate location. However, budget is an issue. Which of the following is most appropriate for this client?

  • A. Cold site
  • B. Off site
  • C. Hot site
  • D. Warm site


Answer : A

Which of the following is a process of monitoring data packets that travel across a network?

  • A. Password guessing
  • B. Packet sniffing
  • C. Shielding
  • D. Packet filtering


Answer : B

Mark works as a security manager for SofTech Inc. He is working in a partially equipped office space which contains some of the system hardware, software, telecommunications, and power sources. In which of the following types of office sites is he working?

  • A. Mobile site
  • B. Warm site
  • C. Cold site
  • D. Hot site


Answer : B

You are documenting your organization's change control procedures for project management. What portion of the change control process oversees features and functions of the product scope?

  • A. Configuration management
  • B. Product scope management is outside the concerns of the project.
  • C. Scope change control system
  • D. Project integration management


Answer : A

Which of the following enables an inventor to legally enforce his right to exclude others from using his invention?

  • A. Spam
  • B. Patent
  • C. Artistic license
  • D. Phishing


Answer : B

Which of the following are the major tasks of risk management? Each correct answer represents a complete solution. Choose two.

  • A. Assuring the integrity of organizational data
  • B. Building Risk free systems
  • C. Risk control
  • D. Risk identification


Answer : C,D

Which of the following statements best describes the consequences of the disaster recovery plan test?

  • A. If no deficiencies were found during the test, then the test was probably flawed.
  • B. The plan should not be changed no matter what the results of the test would be.
  • C. The results of the test should be kept secret.
  • D. If no deficiencies were found during the test, then the plan is probably perfect.


Answer : A

Which of the following ports is the default port for Layer 2 Tunneling Protocol (L2TP)?

  • A. UDP port 161
  • B. TCP port 443
  • C. TCP port 110
  • D. UDP port 1701


Answer : D

Which of the following statements reflect the 'Code of Ethics Canons' in the '(ISC)2 Code of Ethics'? Each correct answer represents a complete solution. Choose all that apply.

  • A. Provide diligent and competent service to principals.
  • B. Protect society, the commonwealth, and the infrastructure.
  • C. Give guidance for resolving good versus good and bad versus bad dilemmas.
  • D. Act honorably, honestly, justly, responsibly, and legally.


Answer : A,B,D

Which of the following issues are addressed by the change control phase in the maintenance phase of the life cycle models? Each correct answer represents a complete solution. Choose all that apply.

  • A. Performing quality control
  • B. Recreating and analyzing the problem
  • C. Developing the changes and corresponding tests
  • D. Establishing the priorities of requests


Answer : A,B,C
