Information Systems Security Management Professional

Here you have the best ISC CISSP-ISSMP practice exam questions

You have 70 total questions to study from
Each page has 5 questions, making a total of 14 pages
You can navigate through the pages using the buttons at the bottom
This questions were last updated on May 7, 2025
This site is not affiliated with or endorsed by ISC.

Question 1 of 70

Which of the following fields of management focuses on establishing and maintaining consistency of a system's or product's performance and its functional and physical attributes with its requirements, design, and operational information throughout its life?

Configuration management

Risk management

Procurement management

Change management

Correct Answer: A

Configuration management is the field of management that focuses on establishing and maintaining consistency of a system's or product's performance and its functional and physical attributes with its requirements, design, and operational information throughout its life. This ensures that the system or product remains reliable and operates as intended, even as changes are made over time. Other management fields such as risk management, procurement management, and change management deal with different aspects, such as identifying and mitigating risks, acquiring goods and services, and managing organizational change, respectively.

Question 2 of 70

Which of the following are the ways of sending secure e-mail messages over the Internet? Each correct answer represents a complete solution. Choose two.

TLS

PGP

S/MIME

IPSec

Correct Answer: B, C

Question 3 of 70

You work as a Senior Marketing Manger for Umbrella Inc. You find out that some of the software applications on the systems were malfunctioning and also you were not able to access your remote desktop session. You suspected that some malicious attack was performed on the network of the company. You immediately called the incident response team to handle the situation who enquired the Network Administrator to acquire all relevant information regarding the malfunctioning.

The Network Administrator informed the incident response team that he was reviewing the security of the network which caused all these problems. Incident response team announced that this was a controlled event not an incident. Which of the following steps of an incident handling process was performed by the incident response team?

Containment

Eradication

Preparation

Identification

Correct Answer: D

Question 4 of 70

Which of the following is the process performed between organizations that have unique hardware or software that cannot be maintained at a hot or warm site?

Cold sites arrangement

Business impact analysis

Duplicate processing facilities

Reciprocal agreements

Correct Answer: D

Question 5 of 70

Which of the following involves changing data prior to or during input to a computer in an effort to commit fraud?

Data diddling

Wiretapping

Eavesdropping

Spoofing

Correct Answer: A