Free Information Systems Security Management Professional Exam ISSMP Exam Practice Test

Which of the following types of agreement creates a confidential relationship between the parties to protect any type of confidential and proprietary information or a trade secret?A . SLAB . NDAC . Non-price competitionD . CNC

Which of the following security models dictates that subjects can only access objects through applications?A . Biba-Clark modelB . Bell-LaPadulaC . Clark-WilsonD . Biba model

You are the project manager of the HJK Project for your organization. You and the project team have created risk responses for many of the risk events in the project. Where should you document the proposed responses and the current status of all identified risks?A . Risk management planB . Lessons learned documentationC . Risk registerD . Stakeholder management strategy

What course of action can be taken by a party if the current negotiations fail and an agreement cannot be reached?A . ZOPAB . PONC . BiasD . BATNA

• Care should be taken, however, to ensure that deals are accurately valued, taking into account all considerations, such as relationship value, time value of money and the likelihood that the other party will live up to their side of the bargain. These other considerations are often difficult to value, since they are frequently based on uncertain or qualitative considerations, rather than easily measurable and quantifiable factors.
• Answer option A is incorrect. The zone of possible agreement (ZOPA), in sales and negotiations, describes the intellectual zone between two parties where an agreement can be met which both parties can agree to. Within this zone, an agreement is possible. Outside of the zone, no amount of negotiation will yield an agreement.
• Answer option B is incorrect. The Program on Negotiation (PON) is a research center for the study and teaching of negotiation and conflict resolution. It was established as a consortium between Harvard, MIT, and Tufts University almost 25 years ago and is located at Harvard Law School. PON sponsors events, visiting scholars and researchers, graduate research fellows and conferences. It also offers negotiation and conflict resolution educational opportunities for students and professionals, and publishes the monthly Negotiation newsletter, quarterly Negotiation Journal, and the annual Harvard Negotiation Law Review.
• Answer option C is incorrect. Bias is a term used to describe a tendency or preference towards a particular perspective, ideology or result, when the tendency interferes with the ability to be impartial, unprejudiced, or objective. In other words, bias is generally seen as a 'one-sided' perspective. The term biased refers to a person or group who is judged to exhibit bias. It is used to describe an attitude, judgment, or behavior that is influenced by a prejudice. Bias can be unconscious or conscious in awareness. Having a bias is part of a normal development.
• Labeling someone as biased in some regard implies they need a greater or more flexible perspective in that area, or that they need to
• consider more deeply the context.

Which of the following are the examples of administrative controls?Each correct answer represents a complete solution. Choose all that apply.A . Security awareness trainingB . Security policyC . Data BackupD . Auditing

Joseph works as a Software Developer for Web Tech Inc. He wants to protect the algorithms and the techniques of programming that he uses in developing an application. Which of the following laws are used to protect a part of software?A . Code Security lawB . Trademark lawsC . Copyright lawsD . Patent laws

Which of the following statements is true about auditing?A . It is used to protect the network against virus attacks.B . It is used to track user accounts for file and object access, logon attempts, etc.C . It is used to secure the network or the computers on the network.D . It is used to prevent unauthorized access to network resources.

Which of the following 'Code of Ethics Canons' of the '(ISC)2 Code of Ethics' states to act honorably, honestly, justly, responsibly and legally?A . Second Code of Ethics CanonsB . Fourth Code of Ethics CanonsC . First Code of Ethics CanonsD . Third Code of Ethics Canons

Which of the following statements about the availability concept of Information security management is true?A . It determines actions and behaviors of a single individual within a system.B . It ensures reliable and timely access to resources.C . It ensures that unauthorized modifications are not made to data by authorized personnel or processes.D . It ensures that modifications are not made to data by unauthorized personnel or processes.

You work as a Network Administrator for ABC Inc. The company uses a secure wireless network. John complains to you that his computer is not working properly. What type of security audit do you need to conduct to resolve the problem?A . Operational auditB . Dependent auditC . Non-operational auditD . Independent audit