ISC CISSP-ISSMP - ISSMP®: Information Systems Security Management Professional Exam

Question #1
Which of the following statements about Hypertext Transfer Protocol Secure (HTTPS) are
true? Each correct answer represents a complete solution. Choose two.
A. It uses TCP port 80 as the default port.
B. It is a protocol used in the Universal Resource Locator (URL) address line to connect to a secure site.
C. It uses TCP port 443 as the default port.
D. It is a protocol used to provide security for a database server in an internal network.
Answer: B,C
Question #2
Which of the following is generally practiced by the police or any other recognized
governmental authority?
A. Phishing
B. Wiretapping
C. SMB signing
D. Spoofing
Answer: B
Question #3
John works as a security manager for Soft Tech Inc. He is working with his team on the
disaster recovery management plan. One of his team members has a doubt related to the
most cost-effective DRP testing plan. According to you, which of the following disaster
recovery testing plans is the most cost-effective and efficient way to identify areas of
overlap in the plan before conducting more demanding training exercises?
A. Full-scale exercise
B. Walk-through drill
C. Evacuation drill
D. Structured walk-through test
Answer: D
Question #4
Which of the following measurements of an enterprise's security state is the process
whereby an organization establishes the parameters within which programs, investments,
and acquisitions reach the desired results?
A. Information sharing
B. Ethics
C. Performance measurement
D. Risk management
Answer: C
Question #5
Mark works as a security manager for SoftTech Inc. He is performing a security awareness
program. To be successful in performing the awareness program, he should take into
account the needs and current levels of training and understanding of the employees and
audience. There are five key ways, which Mark should keep in mind while performing this
activity.
- Current level of computer usage
- What the audience really wants to learn
- How receptive the audience is to the security program
- How to gain acceptance
- Who might be a possible ally
Which of the following activities is performed in this security awareness process?
A. Separation of duties
B. Stunned owl syndrome
C. Audience participation
D. Audience segmentation
Answer: D
Total 218 questions