ISC ISSMP - ISSMPĀ®: Information Systems Security Management Professional Exam
Page: 2 / 44
Total 218 questions
Question #6 (Topic: )
Which of the following penetration testing phases involves reconnaissance or data
gathering?
gathering?
A. Attack phase
B. Pre-attack phase
C. Post-attack phase
D. Out-attack phase
Answer: B
Question #7 (Topic: )
Mark works as a security manager for SoftTech Inc. He is involved in the BIA phase to
create a document to be used to help understand what impact a disruptive event would
have on the business. The impact might be financial or operational. Which of the following
are the objectives related to the above phase in which Mark is involved? Each correct
answer represents a part of the solution. Choose three.
create a document to be used to help understand what impact a disruptive event would
have on the business. The impact might be financial or operational. Which of the following
are the objectives related to the above phase in which Mark is involved? Each correct
answer represents a part of the solution. Choose three.
A. Resource requirements identification
B. Criticality prioritization
C. Down-time estimation
D. Performing vulnerability assessment
Answer: A,B,C
Question #8 (Topic: )
Which of the following recovery plans includes specific strategies and actions to deal with
specific variances to assumptions resulting in a particular security problem, emergency, or
state of affairs?
specific variances to assumptions resulting in a particular security problem, emergency, or
state of affairs?
A. Business continuity plan
B. Disaster recovery plan
C. Continuity of Operations Plan
D. Contingency plan
Answer: D
Question #9 (Topic: )
Which of the following protocols is used with a tunneling protocol to provide security?
A. FTP
B. IPX/SPX
C. IPSec
D. EAP
Answer: C
Question #10 (Topic: )
Which of the following subphases are defined in the maintenance phase of the life cycle
models?
models?
A. Change control
B. Configuration control
C. Request control
D. Release control
Answer: A,C,D
