

Free ISSMP Sample Questions:

Q: 1
Mark works as a security manager for SofTech Inc. He is working in a partially equipped office space which contains some of the system hardware, software, telecommunications, and power sources. In which of the following types of office sites is he working?
A. Mobile site
B. Warm site
C. Cold site
D. Hot site
Answer: B

Q: 2
You are documenting your organization's change control procedures for project management.
What portion of the change control process oversees features and functions of the product scope?
A. Configuration management
B. Product scope management is outside the concerns of the project.
C. Scope change control system
D. Project integration management
Answer: A

Q: 3
Which of the following enables an inventor to legally enforce his right to exclude others from using his invention?
A. Spam
B. Patent
C. Artistic license
D. Phishing
Answer: B

Q: 4
Which of the following are the major tasks of risk management? Each correct answer represents a complete solution. Choose two.
A. Assuring the integrity of organizational data
B. Building risk-free systems
C. Risk control
D. Risk identification
Answer: C, D

Q: 5
Which of the following statements best describes the consequences of the disaster recovery plan test?
A. If no deficiencies were found during the test, then the test was probably flawed.
B. The plan should not be changed no matter what the results of the test would be.
C. The results of the test should be kept secret.
D. If no deficiencies were found during the test, then the plan is probably perfect.
Answer: A

Q: 6
Which of the following ports is the default port for Layer 2 Tunneling Protocol (L2TP)?
A. UDP port 161
B. TCP port 443
C. TCP port 110
D. UDP port 1701
Answer: D

Q: 7
Which of the following statements reflect the 'Code of Ethics Canons' in the '(ISC)2 Code of Ethics'? Each correct answer represents a complete solution. Choose all that apply.
A. Provide diligent and competent service to principals.
B. Protect society, the commonwealth, and the infrastructure.
C. Give guidance for resolving good versus good and bad versus bad dilemmas.
D. Act honorably, honestly, justly, responsibly, and legally.
Answer: A, B, D

Q: 8
Which of the following issues are addressed by the change control phase in the maintenance phase of the life cycle models? Each correct answer represents a complete solution. Choose all that apply.
A. Performing quality control
B. Recreating and analyzing the problem
C. Developing the changes and corresponding tests
D. Establishing the priorities of requests
Answer: A, B, C

Q: 9
Which of the following statements about Due Care policy is true?
A. It is a method used to authenticate users on a network.
B. It is a method for securing database servers.
C. It identifies the level of confidentiality of information.
D. It provides information about new viruses.
Answer: C

Q: 10
You have created a team of HR Managers and Project Managers for Blue Well Inc. The team will concentrate on hiring some new employees for the company and improving the organization's overall security by moving employees among numerous job positions. Which of the following steps will you perform to accomplish the task?
A. Job rotation
B. Job responsibility
C. Screening candidates
D. Separation of duties
Answer: A

Q: 11
Which of the following is a process that identifies critical information to determine if friendly actions can be observed by adversary intelligence systems?
Answer: B

Q: 12
Which of the following administrative policy controls is usually associated with government classifications of materials and the clearances of individuals to access those materials?
A. Separation of Duties
B. Due Care
C. Acceptable Use
D. Need to Know
Answer: D

Q: 13
Which of the following are the process steps of OPSEC? Each correct answer represents a part of the solution. Choose all that apply.
A. Analysis of Vulnerabilities
B. Display of associated vulnerability components
C. Assessment of Risk
D. Identification of Critical Information
Answer: A, C, D

Q: 14
Which of the following are the levels of the military data classification system? Each correct answer represents a complete solution. Choose all that apply.
A. Sensitive
B. Top Secret
C. Confidential
D. Secret
E. Unclassified
F. Public
Answer: A, B, C, D, E

Q: 15
Which of the following tools works by using a standard set of MS-DOS commands and can create an MD5 hash of an entire drive, partition, or selected files?
A. Device Seizure
B. Ontrack
C. DriveSpy
D. Forensic Sorter
Answer: C

Q: 16
Which of the following needs to be documented to preserve evidence for presentation in court?
A. Separation of duties
B. Account lockout policy
C. Incident response policy
D. Chain of custody
Answer: D

Q: 17
Eric is the project manager of the NQQ Project and has hired the ZAS Corporation to complete part of the project work for Eric's organization. Due to a change request, the ZAS Corporation is no longer needed on the project, even though they have completed nearly all of the project work. Is Eric's organization liable to pay the ZAS Corporation for the work they have completed so far on the project?
A. Yes, the ZAS Corporation did not choose to terminate the contract work.
B. It depends on what the outcome of a lawsuit will determine.
C. It depends on what the termination clause of the contract stipulates.
D. No, the ZAS Corporation did not complete all of the work.
Answer: C

Q: 18
Which of the following are the goals of risk management? Each correct answer represents a complete solution. Choose three.
A. Assessing the impact of potential threats
B. Identifying the accused
C. Finding an economic balance between the impact of the risk and the cost of the countermeasure
D. Identifying the risk
Answer: A, C, D

Q: 19
You are working as a project manager in your organization. You are nearing the final stages of project execution and looking towards the final risk monitoring and controlling activities. For your project archives, which one of the following is an output of risk monitoring and control?
A. Quantitative risk analysis
B. Qualitative risk analysis
C. Requested changes
D. Risk audits
Answer: C

Q: 20
Della works as a security manager for SoftTech Inc. She is training some of the newly recruited personnel in the field of security management. She is giving a tutorial on DRP. She explains that the major goal of a disaster recovery plan is to provide an organized way to make decisions if a disruptive event occurs and asks for the other objectives of the DRP. If you are among the newly recruited personnel in SoftTech Inc, what will be your answer to her question? Each correct answer represents a part of the solution. Choose three.
A. Protect an organization from major computer services failure.
B. Minimize the risk to the organization from delays in providing services.
C. Guarantee the reliability of standby systems through testing and simulation.
D. Maximize the decision-making required by personnel during a disaster.
Answer: A, B, C

Q: 21
Fill in the blank with an appropriate phrase. ______________ is used to provide security mechanisms for the storage, processing, and transfer of data.
A. Data classification
Answer: A

Q: 22
Software Development Life Cycle (SDLC) is a logical process used by programmers to develop software. Which of the following SDLC phases meets the audit objectives defined below: System and data are validated. System meets all user requirements. System meets all control requirements.
A. Programming and training
B. Evaluation and acceptance
C. Definition
D. Initiation
Answer: B

© 2014, All Rights Reserved