
ISSMP®: Information Systems Security Management Professional

Last Update 19 hours ago Total Questions : 218

The ISSMP®: Information Systems Security Management Professional content is now fully updated, with all current exam questions added 19 hours ago. Deciding to include ISSMP practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our ISSMP exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these ISSMP sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any ISSMP®: Information Systems Security Management Professional practice test comfortably within the allotted time.

Question # 31

Which of the following statements about system hardening are true? Each correct answer represents a complete solution. Choose two.

A. It can be achieved by installing service packs and security updates on a regular basis.

B. It is used for securing the computer hardware.

C. It can be achieved by locking the computer room.

D. It is used for securing an operating system.

Question # 32

Rachael is the project manager for a large project in her organization. A new change request has been proposed that will affect several areas of the project. One area of the project change impact is on work that a vendor has already completed. The vendor is refusing to make the changes as they've already completed the project work they were contracted to do. What can Rachael do in this instance?

A. Threaten to sue the vendor if they don't complete the work.

B. Fire the vendor for failing to complete the contractual obligation.

C. Withhold the vendor's payments for the work they've completed.

D. Refer to the contract agreement for direction.

Question # 33

Which of the following test methods has the objective to test the IT system from the viewpoint of a threat-source and to identify potential failures in the IT system protection schemes?

A. Penetration testing

B. On-site interviews

C. Security Test and Evaluation (ST&E)

D. Automated vulnerability scanning tool

Question # 34

You work as a Forensic Investigator. Which of the following rules will you follow while working on a case? Each correct answer represents a part of the solution. Choose all that apply.

A. Prepare a chain of custody and handle the evidence carefully.

B. Examine original evidence and never rely on the duplicate evidence.

C. Never exceed the knowledge base of the forensic investigation.

D. Follow the rules of evidence and never tamper with the evidence.

Question # 35

Which of the following are the common roles with regard to data in an information classification program? Each correct answer represents a complete solution. Choose all that apply.

A. Editor

B. Custodian

C. Owner

D. Security auditor

E. User

Question # 36

Which of the following ports is the default port for Layer 2 Tunneling Protocol (L2TP)?

A. UDP port 161

B. TCP port 443

C. TCP port 110

D. UDP port 1701

Question # 37

Fill in the blank with an appropriate phrase. ______________ is used to provide security mechanisms for the storage, processing, and transfer of data.

A. Data classification

Question # 38

You are the Network Administrator for a software company. Due to the nature of your company's business, you have a significant number of highly computer-savvy users. However, you have still decided to limit each user's access to only those resources required for their job, rather than give wider access to the technical users (such as tech support and software engineering personnel). What is this an example of?

A. The principle of maximum control.

B. The principle of least privileges.

C. Proper use of an ACL.

D. Poor resource management.

Question # 39

Which of the following protocols is used with a tunneling protocol to provide security?

A. FTP

B. IPX/SPX

C. IPSec

D. EAP

Question # 40

Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one?

A. Configuration Verification and Auditing

B. Configuration Item Costing

C. Configuration Identification

D. Configuration Status Accounting
