ISC2 Information Systems Security Management Professional ISSMP CISSP-ISSMP Exam Practice Test

Which of the following penetration testing phases involves reconnaissance or data gathering?

Which of the following types of agreement creates a confidential relationship between the parties to protect any type of confidential and proprietary information or a trade secret?

Della works as a security manager for SoftTech Inc. She is training some of the newly recruited personnel in the field of security management. She is giving a tutorial on DRP. She explains that the major goal of a disaster recovery plan is to provide an organized way to make decisions if a disruptive event occurs and asks for the other objectives of the DRP. If you are among some of the newly recruited personnel in SoftTech Inc, what will be your answer for her question? Each correct answer represents a part of the solution. Choose three.

What component of the change management system is responsible for evaluating, testing, and documenting changes created to the project scope?

NIST Special Publication 800-50 is a security awareness program. It is designed for those people who are currently working in the information technology field and want information on security policies. Which of the following are some of its critical steps? Each correct answer represents a complete solution. Choose two.

Which of the following terms related to risk management represents the estimated frequency at which a threat is expected to occur?

Which of the following concepts represent the three fundamental principles of information security? Each correct answer represents a complete solution. Choose three.