ISC ISSMP practice test

Exam Title: Information Systems Security Management Professional

Last update: Dec 25, 2025

Question 1

Which of the following terms refers to a mechanism which proves that the sender really sent a
particular message?

  • A. Non-repudiation
  • B. Confidentiality
  • C. Authentication
  • D. Integrity
Answer:

A

Question 2

Which of the following characteristics are described by the DIAP Information Readiness Assessment
function? Each correct answer represents a complete solution. Choose all that apply.

  • A. It performs vulnerability/threat analysis assessment.
  • B. It identifies and generates IA requirements.
  • C. It provides data needed to accurately assess IA readiness.
  • D. It provides for entry and storage of individual system data.
Answer:

A, B, C

Question 3

Joseph works as a Software Developer for Web Tech Inc. He wants to protect the algorithms and the
techniques of programming that he uses in developing an application. Which of the following laws
are used to protect a part of software?

  • A. Code Security law
  • B. Trademark laws
  • C. Copyright laws
  • D. Patent laws
Answer:

D

Question 4

Which of the following is the best method to stop vulnerability attacks on a Web server?

  • A. Using strong passwords
  • B. Configuring a firewall
  • C. Implementing the latest virus scanner
  • D. Installing service packs and updates
Answer:

D

Question 5

Which of the following is NOT a valid maturity level of the Software Capability Maturity Model
(CMM)?

  • A. Managed level
  • B. Defined level
  • C. Fundamental level
  • D. Repeatable level
Answer:

C

Question 6

Which of the following BCP teams is the first responder and deals with the immediate effects of the
disaster?

  • A. Emergency-management team
  • B. Damage-assessment team
  • C. Off-site storage team
  • D. Emergency action team
Answer:

D

Question 7

Which of the following security models dictates that subjects can only access objects through
applications?

  • A. Biba-Clark model
  • B. Bell-LaPadula
  • C. Clark-Wilson
  • D. Biba model
Answer:

C

Question 8

Which of the following relies on a physical characteristic of the user to verify his identity?

  • A. Social Engineering
  • B. Kerberos v5
  • C. Biometrics
  • D. CHAP
Answer:

C

Question 9

Which of the following types of activities can be audited for security? Each correct answer represents
a complete solution. Choose three.

  • A. Data downloading from the Internet
  • B. File and object access
  • C. Network logons and logoffs
  • D. Printer access
Answer:

B, C, D

Question 10

You work as a Network Administrator for ABC Inc. The company uses a secure wireless network. John
complains to you that his computer is not working properly. What type of security audit do you need
to conduct to resolve the problem?

  • A. Operational audit
  • B. Dependent audit
  • C. Non-operational audit
  • D. Independent audit
Answer:

D

Viewing questions 1-10 out of 218