We provide real CISSP-ISSMP exam questions and answers braindumps in two formats: PDF and practice tests. Pass the ISC2 CISSP-ISSMP exam quickly and easily. The CISSP-ISSMP PDF version is available for reading and printing, so you can print it and practice many times. With the help of our ISC2 CISSP-ISSMP PDF and VCE dumps and material, you can easily pass the CISSP-ISSMP exam.

Q1. Which of the following U.S. Federal laws addresses computer crime activities in communication lines, stations, or systems?

A. 18 U.S.C. 1362

B. 18 U.S.C. 1030

C. 18 U.S.C. 1029

D. 18 U.S.C. 2701

E. 18 U.S.C. 2510

Answer:


Q2. Walter is the project manager of a large construction project. He'll be working with several vendors on the project. Vendors will be providing materials and labor for several parts of the project. Some of the work in the project is very dangerous, so Walter has implemented safety requirements for all of the vendors and his own project team. Stakeholders for the project have added new requirements, which have caused new risks in the project. A vendor has identified a new risk that could affect the project if it comes to fruition. Walter agrees with the vendor and has updated the risk register and created potential risk responses to mitigate the risk. What should Walter also update in this scenario considering the risk event?

A. Project contractual relationship with the vendor

B. Project management plan

C. Project communications plan

D. Project scope statement 

Answer: B


Q3. Which of the following is the best method to stop vulnerability attacks on a Web server?

A. Using strong passwords

B. Configuring a firewall

C. Implementing the latest virus scanner

D. Installing service packs and updates 

Answer: D


Q4. Which of the following statements about the integrity concept of information security management are true? Each correct answer represents a complete solution. Choose three.

A. It ensures that unauthorized modifications are not made to data by authorized personnel or processes.

B. It determines the actions and behaviors of a single individual within a system.

C. It ensures that modifications are not made to data by unauthorized personnel or processes.

D. It ensures that internal information is consistent among all subentities and also consistent with the real-world, external situation.

Answer: A,C,D 


Q5. Which of the following are the common roles with regard to data in an information classification program? Each correct answer represents a complete solution. Choose all that apply.

A. Editor

B. Custodian

C. Owner

D. Security auditor

E. User

Answer: B,C,D,E 


Q6. Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one?

A. Configuration Verification and Auditing

B. Configuration Item Costing

C. Configuration Identification

D. Configuration Status Accounting 

Answer: B


Q7. Which of the following roles is used to ensure that the confidentiality, integrity, and availability of the services are maintained to the levels approved on the Service Level Agreement (SLA)?

A. The Service Level Manager

B. The Configuration Manager

C. The IT Security Manager

D. The Change Manager 

Answer: C   


Q8. Which of the following issues are addressed by the change control phase in the maintenance phase of the life cycle models? Each correct answer represents a complete solution. Choose all that apply.

A. Performing quality control

B. Recreating and analyzing the problem

C. Developing the changes and corresponding tests

D. Establishing the priorities of requests 

Answer: A,B,C