Q33. What are the purposes of audit records on an information system? Each correct answer represents a complete solution. Choose two.
A. Troubleshooting
B. Investigation
C. Upgradation
D. Backup
Answer: A,B
Q34. Which of the following can be prevented by an organization using job rotation and separation of duties policies?
A. Collusion
B. Eavesdropping
C. Buffer overflow
D. Phishing
Answer: A
Q35. You are a project manager of a large construction project. Within the project you are working with several vendors to complete different phases of the construction. Your client has asked that you arrange for some of the materials a vendor is to install next week in the project to be changed.
According to the change management plan, what subsystem will need to manage this change request?
A. Cost
B. Resources
C. Contract
D. Schedule
Answer: C
Q36. Which of the following statements best describes the consequences of the disaster recovery plan test?
A. If no deficiencies were found during the test, then the test was probably flawed.
B. The plan should not be changed no matter what the results of the test would be.
C. The results of the test should be kept secret.
D. If no deficiencies were found during the test, then the plan is probably perfect.
Answer: A
Q37. Mark works as a security manager for SoftTech Inc. He is involved in the BIA phase to create a document to be used to help understand what impact a disruptive event would have on the business. The impact might be financial or operational. Which of the following are the objectives related to the above phase in which Mark is involved? Each correct answer represents a part of the solution. Choose three.
A. Resource requirements identification
B. Criticality prioritization
C. Down-time estimation
D. Performing vulnerability assessment
Answer: A,B,C
Q38. Which of the following refers to an information security document that is used in the United States Department of Defense (DoD) to describe and accredit networks and systems?
A. SSAA
B. FITSAF
C. FIPS
D. TCSEC
Answer: A
Q39. Which of the following ports is the default port for Layer 2 Tunneling Protocol (L2TP)?
A. UDP port 161
B. TCP port 443
C. TCP port 110
D. UDP port 1701
Answer: D
Q40. You are the project manager of the GHE Project. You have identified the following risks with the characteristics as shown in the following figure:
How much capital should the project set aside for the risk contingency reserve?
A. $142,000
B. $232,000
C. $41,750
D. $23,750
Answer: D