ISC2 CISSP Quiz 5 Topic 5 Questions 21-25

Question: 1

The adoption of an enterprise-wide business continuilty program requires Which of the folllowing?

AGood communication throughout the organization

BFormation of Disaster Recovery (DP) project team

CA completed Business Impact Analysis (BIA)

DWell-documented information asset classification

Show Answer

Question: 2

When conduting a security assessment of access controls , Which activity is port of the data analysis phase?

ACollect logs and reports.

BPresent solutions to address audit exceptions.

CCategorize and Identify evidence gathered during the audit

DConduct statiscal sampling of data transactions.

Show Answer

Question: 3

The core component of Role Based Access control (RBAC) must be constructed of defined data elements, Which elements are requried?

AUsers, permissions, operators, and protected objects

BUsers, rotes, operations, and protected objects

CRoles, accounts, permissions, and protected objects

DRoles, operations, accounts, and protected objects

Show Answer

Question: 4

Individuls have been identified and determined as having a need-to-know for the information. Which of the following access control methods MUST include a consistent set of rules for controlling and limiting access?

AAttribute Based Access Control (ABAC)

BRole-Based Access Control (RBAC)

CDiscretionary Access Control (DAC)

DMandatory Access Control (MAC)

Show Answer

Question: 5

Functional security testing is MOST critical during which phese of the system development Life Cycle (SDLC)?

AAcquisition / Development

BOperations / Maintenance

CImplementation

DInitiation

Show Answer

ISC2 CISSP Quiz:5 Topic:5 Questions:21-25