[Feb-2023] BCS CISMP-V9 Exam Practice Test Questions - ExamcollectionPass [Q48-Q62]

Post date: 2023-02-28 14:14:20 GMT

QUESTION 48
What is the PRIMARY difference between DevOps and DevSecOps?
- Within DevSecOps security is introduced at the end of development immediately prior to deployment.
- DevSecOps focuses solely on iterative development cycles.
- DevSecOps includes security on the same level as continuous integration and delivery.
- DevOps mandates that security is integrated at the beginning of the development lifecycle.
Reference: https://www.viva64.com/en/b/0710/#:~:text=DevOps%20is%20a%20methodology%20aiming,in%20the%20software%20development%20process.&text=DevSecOps%20is%20a%20further%20development,code%20quality%20and%20reliability%20assurance.

QUESTION 49
Which of the following acronyms covers the real-time analysis of security alerts generated by applications and network hardware?
- CERT.
- SIEM.
- CISM.
- DDoS.
Reference: https://en.wikipedia.org/wiki/Security_information_and_event_management

QUESTION 50
Which security concept provides redundancy in the event of a security control failure or the exploitation of a vulnerability?
- System Integrity.
- Sandboxing.
- Intrusion Prevention System.
- Defence in depth.
Reference: https://en.wikipedia.org/wiki/Defense_in_depth_(computing)

QUESTION 51
Which type of facility is enabled by a contract with an alternative data processing facility which will provide HVAC, power and communications infrastructure as well as computing hardware and a duplication of the organisation's existing "live" data?
- Cold site.
- Warm site.
- Hot site.
- Spare site.

QUESTION 52
Which of the following is considered to be the GREATEST risk to information systems that results from deploying end-to-end Internet of Things (IoT) solutions?
- Use of "cheap" microcontroller-based sensors.
- Much larger attack surface than traditional IT systems.
- Use of proprietary networking protocols between nodes.
- Use of cloud-based systems to collect IoT data.

QUESTION 53
Why might the reporting of security incidents that involve personal data differ from other types of security incident?
- Personal data is not highly transient so its investigation rarely involves the preservation of volatile memory and full forensic digital investigation.
- Personal data is normally handled on both IT and non-IT systems so such incidents need to be managed in two streams.
- Data Protection legislation normally requires the reporting of incidents involving personal data to a Supervisory Authority.
- Data Protection legislation is process-oriented and focuses on quality assurance of procedures and governance rather than data-focused event investigation.

QUESTION 54
What is the PRIMARY reason for organisations obtaining outsourced managed security services?
- Managed security services permit organisations to absolve themselves of responsibility for security.
- Managed security services are a de facto requirement for certification to core security standards such as ISO/IEC 27001.
- Managed security services provide access to specialist security tools and expertise on a shared, cost-effective basis.
- Managed security services are a powerful defence against litigation in the event of a security breach or incident.

QUESTION 55
By what means SHOULD a cloud service provider prevent one client accessing data belonging to another in a shared server environment?
- By ensuring appropriate data isolation and logical storage segregation.
- By using a hypervisor in all shared servers.
- By increasing deterrent controls through warning messages.
- By employing intrusion detection systems in VMs.

QUESTION 56
Which of the following types of organisation could be considered the MOST at risk from the theft of electronic-based credit card data?
- Online retailer.
- Traditional market trader.
- Mail delivery business.
- Agricultural producer.

QUESTION 57
Once data has been created in a standard information lifecycle, what step TYPICALLY happens next?
- Data Deletion.
- Data Archiving.
- Data Storage.
- Data Publication.

QUESTION 58
Which of the following subjects is UNLIKELY to form part of a cloud service provision IaaS contract?
- User security education.
- Intellectual Property Rights.
- End-of-service.
- Liability.

QUESTION 59
As well as being permitted to access, create, modify and delete information, what right does an Information Owner NORMALLY have in regard to their information?
- To assign access privileges to others.
- To modify associated information that may lead to inappropriate disclosure.
- To access information held in the same format and file structure.
- To delete all indexed data in the dataset.

QUESTION 60
Which of the following is NOT an information security specific vulnerability?
- Use of HTTP based Apache web server.
- Unpatched Windows operating system.
- Confidential data stored in a fire safe.
- Use of an unlocked filing cabinet.

QUESTION 61
When securing a wireless network, which of the following is NOT best practice?
- Using WPA encryption on the wireless network.
- Using MAC filtering on a SOHO network with a small group of clients.
- Dedicating an access point on a dedicated VLAN connected to a firewall.
- Turning on SSID broadcasts to advertise security levels.

QUESTION 62
In order to better improve the security culture within an organisation with a top down approach, which of the following actions at board level is the MOST effective?
- Appointment of a Chief Information Security Officer (CISO).
- Purchasing all senior executives personal firewalls.
- Adopting an organisation wide "clear desk" policy.
- Developing a security awareness e-learning course.