ISC2 Information Systems Security Management Professional Exam

Certification Provider: ISC2
Exam Name: Information Systems Security Management Professional
Duration: 150 Minutes
Number of questions in our database: 224
Exam Version: Nov. 26, 2022
Exam Official Topics:
  • Topic 1: Threat Intelligence and Incident Management/ Risk Management
  • Topic 2: Law, Ethics and Security Compliance Management/ Understand the general processes employed in the identification of system assets
  • Topic 3: Systems Lifecycle Management/ Contingency Management/ Apply metrics, budgeting, project management and management of security team
  • Topic 4: Leadership and Business Management/ Recommend a documented security program that includes security awareness
  • Topic 5: Recognize the laws, regulations, and supporting policies/ Understand the general processes employed in the identification of system assets

Free ISC2 Information Systems Security Management Professional Exam Actual Questions

The questions for Information Systems Security Management Professional were last updated on Nov. 26, 2022.

Question #1

How many change control systems are there in project management?

Correct Answer: B

There are four change control systems in project management: time, cost, scope, and contract.

A change control system, which is part of the configuration management system, is a collection of formal documented procedures that define how project deliverables and documentation will be controlled, changed, and approved.

Answer options D, C, and A are incorrect. These are incorrect figures, as there are a total of four change control systems in project management.


From Start to Finish by Joseph Phillips, ISBN 978-0072232028.

Question #2

In which of the following phases of the SDLC do the software and other components of the system faithfully incorporate the design specifications, and are proper documentation and training provided?

Correct Answer: A

In the programming and training phase of the SDLC, the software and other components of the system faithfully incorporate the design specifications, and proper documentation and training are provided.

Answer option C is incorrect. During the initiation phase, the need for a system is expressed and the purpose of the system is documented.

Answer option D is incorrect. During the design phase, system requirements are incorporated into the design. This phase specifies the inclusion of controls that support auditing of the system.

Answer option B is incorrect. During the evaluation and acceptance phase, the system and data are validated, and the system meets all the control requirements and the user requirements.


Question #3

Which of the following signatures watches for connection attempts to well-known, frequently attacked ports?

Correct Answer: A

Port signatures watch for connection attempts to well-known, frequently attacked ports. This type of signature is used in network-based intrusion detection systems, which inspect packets on the network as they pass a sensor. A packet is flagged as being of interest if it matches a signature.

Answer option D is incorrect. String signatures look for a text string that indicates a possible attack.

Answer option C is incorrect. Header signatures watch for dangerous or illogical combinations in packet headers.

Answer option B is incorrect. A digital signature is an authentication tool that is used to ensure the integrity and non-repudiation of a presentation. It is used to authenticate the presentation by using a cryptographic mechanism. The document for a digital signature can be a presentation, a message, or an email.


Question #4

Configuration Management (CM) is an Information Technology Infrastructure Library (ITIL) IT Service Management (ITSM) process. Configuration Management is used for which of the following?

1. To account for all IT assets

2. To provide precise information support to other ITIL disciplines

3. To provide a solid base only for Incident and Problem Management

4. To verify configuration records and correct any exceptions

Correct Answer: C

Configuration Management is used for the following:

1. To account for all IT assets

2. To provide precise information support to other ITIL disciplines

3. To provide a solid base for Incident, Problem, Change, and Release Management

4. To verify configuration records and correct any exceptions

Answer options A and D are incorrect. Configuration Management is used to provide a solid base for Incident, Problem, Change, and Release Management.

Answer option B is incorrect. Configuration Management is also used to verify configuration records and correct any exceptions.


Question #5

Which of the following protocols are used to provide secure communication between a client and a server over the Internet? Each correct answer represents a part of the solution. Choose two.

Correct Answer: A, D

SSL and TLS protocols are used to provide secure communication between a client and a server over the Internet.


