
Pass the ISC CISSP Concentrations ISSMP Questions and answers with ExamsMirror

Viewing page 4 out of 7 pages
Viewing questions 31-40 out of questions
Questions # 31:

Which of the following refers to an information security document that is used in the United States Department of Defense (DoD) to describe and accredit networks and systems?

Options:

A. SSAA
B. FITSAF
C. FIPS
D. TCSEC

Questions # 32:

Which of the following processes is a structured approach to transitioning individuals, teams, and organizations from a current state to a desired future state?

Options:

A. Risk management
B. Configuration management
C. Change management
D. Procurement management

Questions # 33:

Which of the following laws enacted in the United States makes it illegal for an Internet Service Provider (ISP) to allow child pornography to exist on Web sites?

Options:

A. Child Pornography Prevention Act (CPPA)
B. USA PATRIOT Act
C. Prosecutorial Remedies and Tools Against the Exploitation of Children Today Act (PROTECT Act)
D. Sexual Predators Act

Questions # 34:

Which of the following statements are true about a hot site? Each correct answer represents a complete solution. Choose all that apply.

Options:

A. It can be used within an hour for data recovery.
B. It is cheaper than a cold site but more expensive than a warm site.
C. It is the most inexpensive backup site.
D. It is a duplicate of the original site of the organization, with full computer systems as well as near-complete backups of user data.

Questions # 35:

Fill in the blank with an appropriate word. _________ are used in information security to formalize security policies.

Options:

A. Models.

Questions # 36:

Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?

Options:

A. Disaster recovery plan
B. Contingency plan
C. Continuity of Operations Plan
D. Business continuity plan

Questions # 37:

Which of the following is the correct order of the digital investigations Standard Operating Procedure (SOP)?

Options:

A. Initial analysis, request for service, data collection, data reporting, data analysis
B. Initial analysis, request for service, data collection, data analysis, data reporting
C. Request for service, initial analysis, data collection, data analysis, data reporting
D. Request for service, initial analysis, data collection, data reporting, data analysis

Questions # 38:

Which of the following access control models are used in the commercial sector? Each correct answer represents a complete solution. Choose two.

Options:

A. Clark-Biba model
B. Clark-Wilson model
C. Bell-LaPadula model
D. Biba model

Questions # 39:

You work as the Network Administrator for a defense contractor. Your company works with sensitive materials and all IT personnel have at least a secret level clearance. You are still concerned that one individual could perhaps compromise the network (intentionally or unintentionally) by setting up improper or unauthorized remote access. What is the best way to avoid this problem?

Options:

A. Implement separation of duties.
B. Implement RBAC.
C. Implement three way authentication.
D. Implement least privileges.

Questions # 40:

Which of the following are the common roles with regard to data in an information classification program? Each correct answer represents a complete solution. Choose all that apply.

Options:

A. Editor
B. Custodian
C. Owner
D. Security auditor
E. User
