Free Access BCS.CISMP-V9.v2022-04-21.q35 Practice Test (Page 2)

Question 1

Why is it prudent for Third Parties to be contracted to meet specific security standards?

A.Vulnerabilities in Third Party networks can be malevolently leveraged to gain illicit access into client environments.

B.All access to corporate systems must be controlled via a single set of rules if they are to be enforceable.

C.It is a legal requirement for Third Party support companies to meet client security standards.

D.Third Parties cannot connect to other sites and networks without a contract of similar legal agreement.

Question 2

Which of the following is the MOST important reason for undertaking Continual Professional Development (CPD) within the Information Security sphere?

A.Professional qualification bodies demand CPD.

B.Information Security changes constantly and at speed.

C.IT certifications require CPD and Security needs to remain credible.

D.CPD is a prerequisite of any Chartered Institution qualification.

Question 3

Which standards framework offers a set of IT Service Management best practices to assist organisations in aligning IT service delivery with business goals - including security goals?

A.ISAGA.
https://www.cherwell.com/it-service-management/library/essential-guides/essential-guide-to-itil-framework-and-processes/

B.COBIT

C.ITIL.

D.SABSA.

Question 4

Which security concept provides redundancy in the event a security control failure or the exploitation of a vulnerability?

A.Sandboxing.

B.Intrusion Prevention System.

C.System Integrity.

D.Defence in depth.
https://en.wikipedia.org/wiki/Defense_in_depth_(computing)

Question 5

In software engineering, what does 'Security by Design" mean?

A.The software has been designed from its inception to be secure.

B.Low Level and High Level Security Designs are restricted in distribution.

C.All code meets the technical requirements of GDPR.
https://en.wikipedia.org/wiki/Secure_by_design#:~:text=Secure%20by%20design%20(SBD)%2C,the%20foundation%20to%20be%20secure.&text=Malicious%20practices%20are%20taken%20for,or%20on%20invalid%20user%20input.

D.All security software artefacts are subject to a code-checking regime.

Other Version: 819BCS.CISMP-V9.v2022-06-01.q34

Latest Upload: 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 156TheSecOpsGroup.CNSP.v2025-09-08.q20; 207CFAInstitute.ESG-Investing.v2025-09-08.q173; 155PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 145Salesforce.Data-Architect.v2025-09-05.q216; 137Adobe.AD0-E605.v2025-09-05.q50; 180Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 114Oracle.1z0-591.v2025-09-05.q104

Question 1

Question 2

Question 3

Question 4

Question 5

Download PDF File