The purpose of this Sample Question Set is to provide you with information about the ISC2 Information Systems Security Management Professional exam. These sample questions will familiarize you with both the type and the difficulty level of the questions on the CISSP-ISSMP certification test. To get familiar with the real exam environment, we suggest you try our Sample ISC2 CISSP-ISSMP Certification Practice Exam. This sample practice exam gives you a feel for the real exam and an indication of the questions asked in the actual ISC2 Information Systems Security Management Professional (CISSP-ISSMP) certification exam.
These sample questions are simple, basic questions that resemble the real ISC2 CISSP-ISSMP exam questions. To assess your readiness and performance with real-time, scenario-based questions, we suggest you prepare with our Premium ISC2 CISSP-ISSMP Certification Practice Exam. When you solve real-time, scenario-based questions in practice, you come across many difficulties that give you an opportunity to improve.
ISC2 CISSP-ISSMP Sample Questions:
01. Software Development Life Cycle (SDLC) is a logical process used by programmers to develop software. Which of the following SDLC phases meets the audit objectives defined below:
- System and data are validated.
- System meets all user requirements.
- System meets all control requirements.
a) Programming and training
b) Evaluation and acceptance
02. Which of the following are known as the three laws of OPSEC?
a) If you don't know the threat, how do you know what to protect?
b) If you don't know what to protect, how do you know you are protecting it?
c) If you are not protecting it (the critical and sensitive information), the adversary wins!
d) If you don't know about your security resources you cannot protect your network.
03. Joseph works as a Software Developer for Web Tech Inc. He wants to protect the algorithms and the techniques of programming that he uses in developing an application.
Which of the following laws are used to protect a part of software?
a) Code Security law
b) Trademark laws
c) Copyright laws
d) Patent laws
04. How many change control systems are there in project management?
05. Which of the following statements are true about a hot site?
a) It can be used within an hour for data recovery.
b) It is cheaper than a cold site but more expensive than a warm site.
c) It is the most inexpensive backup site.
d) It is a duplicate of the original site of the organization, with full computer systems as well as near-complete backups of user data.
06. Which of the following is the default port for Simple Network Management Protocol (SNMP)?
a) TCP port 80
b) TCP port 25
c) UDP port 161
d) TCP port 110
07. Against which of the following does SSH provide protection?
a) IP spoofing
b) Broadcast storm
c) Password sniffing
d) DoS attack
08. Which of the following deals is a binding agreement between two or more persons that is enforceable by law?
d) Service level agreement
09. What are the steps related to the vulnerability management program?
a) Maintain and Monitor
b) Organization Vulnerability
c) Define Policy
d) Baseline the Environment
10. Which of the following security models dictates that subjects can only access objects through applications?
a) Biba-Clark model
d) Biba model
Answer: a, b, c
Answer: a, d
Answer: a, c
Answer: a, c, d
Note: If you find any error in the ISC2 Information Systems Security Management Professional (CISSP-ISSMP) certification exam sample questions, please let us know by writing an email to email@example.com.