CISSP-ISSMP - Information Systems Security Management Professional (CISSP-ISSMP) Free Practice Test

Question 1

Which of the following processes is used by remote users to make a secure connection to internal resources after establishing an Internet connection?

A. Spoofing

B. Packet filtering

C. Tunneling

D. Packet sniffing

Correct Answer: C

Question 2

How can you calculate the Annualized Loss Expectancy (ALE) that may occur due to a threat?

A. Asset Value X Exposure Factor (EF)

B. Single Loss Expectancy (SLE)/ Exposure Factor (EF)

C. Exposure Factor (EF)/Single Loss Expectancy (SLE)

D. Single Loss Expectancy (SLE) X Annualized Rate of Occurrence (ARO)

Correct Answer: D

Question 3

You are documenting your organization's change control procedures for project management. What portion of the change control process oversees features and functions of the product scope?

A. Product scope management is outside the concerns of the project.

B. Configuration management

C. Scope changecontrol system

D. Project integration management

Correct Answer: B

Question 4

Configuration Management (CM) is an Information Technology Infrastructure Library (ITIL) IT Service Management (ITSM) process. Configuration Management is used for which of the following? 1.To account for all IT assets 2.To provide precise information support to other ITIL disciplines 3.To provide a solid base only for Incident and Problem Management 4.To verify configuration records and correct any exceptions

A. 1, 3, and 4 only

B. 2, 3, and 4 only

C. 2 and 4 only

D. 1, 2, and 4 only

Correct Answer: D

Question 5

Which of the following documents is described in the statement below? "It is developed along with all processes of the risk management. It contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning."

A. Risk management plan

B. Quality management plan

C. Risk register

D. Project charter

Correct Answer: C

Question 6

Which of the following is the default port for Simple Network Management Protocol (SNMP)?

A. UDP port 161

B. TCP port 110

C. TCP port 25

D. TCP port 80

Correct Answer: A

Question 7

In which of the following phases of the SDLC does the software and other components of the system faithfully incorporate the design specifications and provide proper documentation and training?

A. Design

B. Programming andtraining

C. Initiation

D. Evaluation and acceptance

Correct Answer: B

Question 8

You work as a security manager for SoftTech Inc. You are conducting a security awareness campaign for your employees. One of the employees of your organization asks you the purpose of the security awareness, training and education program. What will be your answer?

A. It improves the security of vendor relations.

B. It improves the possibility for career advancement of the IT staff.

C. It improves awareness of the need to protect system resources.

D. It improves the performance of a company's intranet.

Correct Answer: C

Question 9

Fill in the blank with an appropriate phrase.________ models address specifications, requirements, and design, verification and validation, and maintenance activities.

A. Life cycle

Correct Answer: A

Question 10

You are the project manager for TTX project. You have to procure some electronics gadgets for the project. A relative of yours is in the retail business of those gadgets. He approaches you for your favor to get the order. This is the situation of ____.

A. Conflict of interest

B. Illegal practice

C. Bribery

D. Irresponsible practice

Correct Answer: A

Question 11

John is a black hat hacker. FBI arrested him while performing some email scams. Under which of the following US laws will john be charged?

A. 18 U.S.C. 1362

B. 18 U.S.C. 1030

C. 18 U.S.C. 2510

D. 18 U.S. 2701

Correct Answer: B

Question 12

You are the project manager of the NGQQ Project for your company. To help you communicate project status to your stakeholders, you are going to create a stakeholder register. All of the following information should be included in the stakeholder register except for which one?

A. Assessment information of the stakeholders' major requirements, expectations, and potential influence

B. Identification information for each stakeholder

C. Stakeholder classification of their role in the project

D. Stakeholder management strategy

Correct Answer: D

Question 13

A contract cannot have provisions for which one of the following?

A. Illegal activities

B. Penalties and fines for disclosure of intellectual rights

C. A deadline for the completion of the work

D. Subcontracting the work

Correct Answer: A

Question 14

Which of the following acts is a specialized privacy bill that affects any educational institution to accept any form of funding from the federal government?

A. GLBA

B. COPPA

C. HIPAA

D. FERPA

Correct Answer: D

Welcome to TestSimulate

ISC CISSP-ISSMP - Information Systems Security Management Professional (CISSP-ISSMP) Free Practice Test