CISSP Exam - Free Actual Q&as, Page 1 - 100

24/03/2024 11:26 CISSP Exam - Free Actual Q&As, Page 1 | ExamTopics
- Expert Verified, Online, Free.
 Custom View Settings
Topic 1 - Single Topic
Question #1 Topic 1
Physical assets defined in an organization's business impact analysis (BIA) could include which of the following?
A. Personal belongings of organizational staff members
B. Disaster recovery (DR) line-item revenues
C. Cloud-based applications
D. Supplies kept off-site a remote facility
Correct Answer: D
Community vote distribution

D (95%) 5%
Question #2 Topic 1
When assessing the audit capability of an application, which of the following activities is MOST important?
A. Identify procedures to investigate suspicious activity.
B. Determine if audit records contain sufficient information.
C. Verify if sufficient storage is allocated for audit records.
D. Review security plan for actions to be taken in the event of audit failure.
Correct Answer: C

B (75%) C (25%)
https://www.examtopics.com/exams/isc/cissp/custom-view/ 1/34
Question #3 Topic 1
An organization would like to implement an authorization mechanism that would simplify the assignment of various system access permissions
for many users with similar job responsibilities. Which type of authorization mechanism would be the BEST choice for the organization to
implement?
A. Role-based access control (RBAC)
B. Discretionary access control (DAC)
C. Content-dependent Access Control
D. Rule-based Access Control
Correct Answer: A

A (100%)
Question #4 Topic 1
What is the PRIMARY reason for criminal law being difficult to enforce when dealing with cybercrime?
A. Jurisdiction is hard to define.
B. Law enforcement agencies are understaffed.
C. Extradition treaties are rarely enforced.
D. Numerous language barriers exist.
Correct Answer: A

A (100%)
Question #5 Topic 1
Wi-Fi Protected Access 2 (WPA2) provides users with a higher level of assurance that their data will remain protected by using which protocol?
A. Extensible Authentication Protocol (EAP)
B. Internet Protocol Security (IPsec)
C. Secure Sockets Layer (SSL)
D. Secure Shell (SSH)
Correct Answer: A

A (100%)
Question #6 Topic 1
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing
system?
A. Reference monitor
B. Trusted Computing Base (TCB)
C. Time separation
D. Security kernel
Correct Answer: A

D (80%) A (16%) 4%
Question #7 Topic 1
What process facilitates the balance of operational and economic costs of protective measures with gains in mission capability?
A. Performance testing
B. Risk assessment
C. Security audit
D. Risk management
Correct Answer: D

D (100%)
Question #8 Topic 1
Clothing retailer employees are provisioned with user accounts that provide access to resources at partner businesses. All partner businesses use
common identity and access management (IAM) protocols and differing technologies. Under the Extended Identity principle, what is the process
flow between partner businesses to allow this IAM action?
A. Clothing retailer acts as User Self Service, confirms identity of user using industry standards, then sends credentials to partner businesses
that act as a Service Provider and allows access to services.
B. Clothing retailer acts as identity provider (IdP), confirms identity of user using industry standards, then sends credentials to partner
businesses that act as a Service Provider and allows access to services.
C. Clothing retailer acts as Service Provider, confirms identity of user using industry standards, then sends credentials to partner businesses
that act as an identity provider (IdP) and allows access to resources.
D. Clothing retailer acts as Access Control Provider, confirms access of user using industry standards, then sends credentials to partner
businesses that act as a Service Provider and allows access to resources.
Correct Answer: B

B (100%)
Question #9 Topic 1
Which of the following statements BEST describes least privilege principle in a cloud environment?
A. A single cloud administrator is configured to access core functions.
B. Internet traffic is inspected for all incoming and outgoing packets.
C. Routing configurations are regularly updated with the latest routes.
D. Network segments remain private if unneeded to access the internet.
Correct Answer: D

D (59%) A (41%)
Question #10 Topic 1
An organization has been collecting a large amount of redundant and unusable data and filling up the storage area network (SAN). Management
has requested the identification of a solution that will address ongoing storage problems. Which is the BEST technical solution?
A. Compression
B. Caching
C. Replication
D. Deduplication
Correct Answer: A

D (69%) A (31%)
Which Wide Area Network (WAN) technology requires the first router in the path to determine the full path the packet will travel, removing the need
for other routers in the path to make independent determinations?
A. Synchronous Optical Networking (SONET)
B. Multiprotocol Label Switching (MPLS)
C. Fiber Channel Over Ethernet (FCoE)
D. Session Initiation Protocol (SIP)
Correct Answer: B

B (100%)
Which of the following would an information security professional use to recognize changes to content, particularly unauthorized changes?
A. File Integrity Checker
B. Security information and event management (SIEM) system
C. Audit Logs
D. Intrusion detection system (IDS)
Correct Answer: A

A (57%) B (43%)
Which of the following is included in change management?
A. Technical review by business owner
B. User Acceptance Testing (UAT) before implementation
C. Cost-benefit analysis (CBA) after implementation
D. Business continuity testing
Correct Answer: D

D (50%) B (44%) 6%
A company is enrolled in a hard drive reuse program where decommissioned equipment is sold back to the vendor when it is no longer needed.
The vendor pays more money for functioning drives than equipment that is no longer operational. Which method of data sanitization would
provide the most secure means of preventing unauthorized data loss, while also receiving the most money from the vendor?
A. Pinning
B. Single-pass wipe
C. Multi-pass wipes
D. Degaussing
Correct Answer: C

C (94%) 6%
When reviewing vendor certifications for handling and processing of company data, which of the following is the BEST Service Organization
Controls (SOC) certification for the vendor to possess?
A. SOC 1 Type 1
B. SOC 2 Type 1
C. SOC 2 Type 2
D. SOC 3
Correct Answer: C

C (100%)
Which application type is considered high risk and provides a common way for malware and viruses to enter a network?
A. Instant messaging or chat applications
B. Peer-to-Peer (P2P) file sharing applications
C. E-mail applications
D. End-to-end applications
Correct Answer: B

B (88%) 13%
An organization is looking to include mobile devices in its asset management system for better tracking. In which system tier of the reference
architecture would mobile devices be tracked?
A. 0
B. 1
C. 2
D. 3
Correct Answer: A

B (47%) D (24%) A (18%) 11%
Which of the following is the BEST way to protect an organization's data assets?
A. Encrypt data in transit and at rest using up-to-date cryptographic algorithms.
B. Monitor and enforce adherence to security policies.
C. Require Multi-Factor Authentication (MFA) and Separation of Duties (SoD).
D. Create the Demilitarized Zone (DMZ) with proxies, firewalls and hardened bastion hosts.
Correct Answer: A

B (51%) A (49%)
Within a large organization, what business unit is BEST positioned to initiate provisioning and deprovisioning of user accounts?
A. Training department
B. Internal audit
C. Human resources
D. Information technology (IT)
Correct Answer: C

C (92%) 8%
Which of the following is the PRIMARY purpose of installing a mantrap within a facility?
A. Control traffic
B. Control air flow
C. Prevent piggybacking
D. Prevent rapid movement
Correct Answer: C

C (100%)
In the "Do" phase of the Plan-Do-Check-Act model, which of the following is performed?
A. Maintain and improve the Business Continuity Management (BCM) system by taking corrective action, based on the results of management
review.
B. Monitor and review performance against business continuity policy and objectives, report the results to management for review, and
determine and authorize actions for remediation and improvement.
C. Ensure the business continuity policy, controls, processes, and procedures have been implemented.
D. Ensure that business continuity policy, objectives, targets, controls, processes and procedures relevant to improving business continuity
have been established.
Correct Answer: C

C (59%) B (38%)
What industry-recognized document could be used as a baseline reference that is related to data security and business operations or conducting
a security assessment?
A. Service Organization Control (SOC) 1 Type 2
B. Service Organization Control (SOC) 1 Type 1
C. Service Organization Control (SOC) 2 Type 2
D. Service Organization Control (SOC) 2 Type 1
Correct Answer: D

D (89%) 11%
A criminal organization is planning an attack on a government network. Which of the following scenarios presents the HIGHEST risk to the
organization?
A. Organization loses control of their network devices.
B. Network is flooded with communication traffic by the attacker.
C. Network management communications is disrupted.
D. Attacker accesses sensitive information regarding the network topology.
Correct Answer: A

A (80%) D (20%)
Which reporting type requires a service organization to describe its system and define its control objectives and controls that are relevant to
users' internal control over financial reporting?
A. Statement on Auditing Standards (SAS) 70
B. Service Organization Control 1 (SOC1)
C. Service Organization Control 2 (SOC2)
D. Service Organization Control 3 (SOC3)
Correct Answer: B

B (88%) 13%
Which of the following is the BEST method to validate secure coding techniques against injection and overflow attacks?
A. Scheduled team review of coding style and techniques for vulnerability patterns
B. The regular use of production code routines from similar applications already in use
C. Using automated programs to test for the latest known vulnerability patterns
D. Ensure code editing tools are updated against known vulnerability patterns
Correct Answer: C

C (73%) A (27%)
When resolving ethical conflicts, the information security professional MUST consider many factors. In what order should the considerations be
prioritized?
A. Public safety, duties to individuals, duties to the profession, and duties to principals
B. Public safety, duties to principals, duties to the profession, and duties to individuals
C. Public safety, duties to principals, duties to individuals, and duties to the profession
D. Public safety, duties to the profession, duties to principals, and duties to individuals
Correct Answer: B

C (68%) 14% Other
Which service management process BEST helps information technology (IT) organizations with reducing cost, mitigating risk, and improving
customer service?
A. Kanban
B. Lean Six Sigma
C. Information Technology Service Management (ITSM)
D. Information Technology Infrastructure Library (ITIL)
Correct Answer: D

D (69%) C (31%)
A company is attempting to enhance the security of its user authentication processes. After evaluating several options, the company has decided
to utilize Identity as a Service (IDaaS). Which of the following factors leads the company to choose an IDaaS as their solution?
A. In-house team lacks resources to support an on-premise solution.
B. Third-party solutions are inherently more secure.
C. Third-party solutions are known for transferring the risk to the vendor.
D. In-house development provides more control.
Correct Answer: A

A (67%) C (24%) 10%
An organization recently suffered from a web-application attack that resulted in stolen user session cookie information. The attacker was able to
obtain the information when a user's browser executed a script upon visiting a compromised website. What type of attack MOST likely occurred?
A. SQL injection (SQLi)
B. Extensible Markup Language (XML) external entities
C. Cross-Site Scripting (XSS)
D. Cross-Site Request Forgery (CSRF)
Correct Answer: C

C (100%)
An attack utilizing social engineering and a malicious Uniform Resource Locator (URL) link to take advantage of a victim's existing browser
session with a web application is an example of which of the following types of attack?
A. Clickjacking
B. Cross-site request forgery (CSRF)
C. Cross-Site Scripting (XSS)
D. Injection
Correct Answer: C

B (87%) 13%
Which of the following encryption technologies has the ability to function as a stream cipher?
A. Cipher Block Chaining (CBC) with error propagation
B. Electronic Code Book (ECB)
C. Cipher Feedback (CFB)
D. Feistel cipher
Correct Answer: C

C (100%)
In a disaster recovery (DR) test, which of the following would be a trait of crisis management?
A. Process
B. Anticipate
C. Strategic
D. Wide focus
Correct Answer: B

A (50%) B (36%) 14%
Which of the following BEST describes the purpose of the reference monitor when defining access control to enforce the security model?
A. Strong operational security to keep unit members safe
B. Policies to validate organization rules
C. Cyber hygiene to ensure organizations can keep systems healthy
D. Quality design principles to ensure quality by design
Correct Answer: B

B (58%) D (21%) A (21%)
Which of the following is security control volatility?
A. A reference to the impact of the security control.
B. A reference to the likelihood of change in the security control.
C. A reference to how unpredictable the security control is.
D. A reference to the stability of the security control.
Correct Answer: C

B (96%) 4%
When auditing the Software Development Life Cycle (SDLC) which of the following is one of the high-level audit phases?
A. Planning
B. Risk assessment
C. Due diligence
D. Requirements
Correct Answer: C

A (43%) D (39%) Other
What is the term used to define where data is geographically stored in the cloud?
A. Data privacy rights
B. Data sovereignty
C. Data warehouse
D. Data subject rights
Correct Answer: B

B (100%)
Which of the following does the security design process ensure within the System Development Life Cycle (SDLC)?
A. Proper security controls, security objectives, and security goals are properly initiated.
B. Security objectives, security goals, and system test are properly conducted.
C. Proper security controls, security goals, and fault mitigation are properly conducted.
D. Security goals, proper security controls, and validation are properly initiated.
Correct Answer: D

A (73%) D (27%)
Which of the following is MOST important to follow when developing information security controls for an organization?
A. Use industry standard best practices for security controls in the organization.
B. Exercise due diligence with regard to all risk management information to tailor appropriate controls.
C. Review all local and international standards and choose the most stringent based on location.
D. Perform a risk assessment and choose a standard that addresses existing gaps.
Correct Answer: C

B (52%) C (29%) D (19%)
When recovering from an outage, what is the Recovery Point Objective (RPO), in terms of data recovery?
A. The RPO is the minimum amount of data that needs to be recovered.
B. The RPO is the amount of time it takes to recover an acceptable percentage of data lost.
C. The RPO is a goal to recover a targeted percentage of data lost.
D. The RPO is the maximum amount of time for which loss of data is acceptable.
Correct Answer: D

D (91%) 9%
Which of the following attacks, if successful, could give an intruder complete control of a software-defined networking (SDN) architecture?
A. A brute force password attack on the Secure Shell (SSH) port of the controller
B. Sending control messages to open a flow that does not pass a firewall from a compromised host within the network
C. Remote Authentication Dial-In User Service (RADIUS) token replay attack
D. Sniffing the traffic of a compromised host inside the network
Correct Answer: B

B (52%) A (42%) 6%
Which of the following is the BEST option to reduce the network attack surface of a system?
A. Disabling unnecessary ports and services
B. Ensuring that there are no group accounts on the system
C. Uninstalling default software on the system
D. Removing unnecessary system user accounts
Correct Answer: A

A (100%)
The security architect is designing and implementing an internal certification authority to generate digital certificates for all employees. Which of
the following is the
BEST solution to securely store the private keys?
A. Physically secured storage device
B. Trusted Platform Module (TPM)
C. Encrypted flash drive
D. Public key infrastructure (PKI)
Correct Answer: B

B (58%) D (27%) A (15%)
The existence of physical barriers, card and personal identification number (PIN) access systems, cameras, alarms, and security guards BEST
describes this security approach?
A. Access control
B. Security information and event management (SIEM)
C. Defense-in-depth
D. Security perimeter
Correct Answer: D

C (45%) D (44%) 11%
A hospital enforces the Code of Fair Information Practices. What practice applies to a patient requesting their medical records from a web portal?
A. Purpose specification
B. Collection limitation
C. Use limitation
D. Individual participation
Correct Answer: A

D (84%) A (16%)
A colleague who recently left the organization asked a security professional for a copy of the organization's confidential incident management
policy. Which of the following is the BEST response to this request?
A. Access the policy on a company-issued device and let the former colleague view the screen.
B. E-mail the policy to the colleague as they were already part of the organization and familiar with it.
C. Do not acknowledge receiving the request from the former colleague and ignore them.
D. Submit the request using company official channels to ensure the policy is okay to distribute.
Correct Answer: C

C (50%) D (50%)
Which of the following BEST describes when an organization should conduct a black box security audit on a new software protect?
A. When the organization wishes to check for non-functional compliance
B. When the organization wants to enumerate known security vulnerabilities across their infrastructure
C. When the organization is confident the final source code is complete
D. When the organization has experienced a security incident
Correct Answer: C

C (71%) A (21%) 7%
In software development, which of the following entities normally signs the code to protect the code integrity?
A. The organization developing the code
B. The quality control group
C. The developer
D. The data owner
Correct Answer: A

A (63%) C (37%)
Which of the following technologies can be used to monitor and dynamically respond to potential threats on web applications?
A. Field-level tokenization
B. Web application vulnerability scanners
C. Runtime application self-protection (RASP)
D. Security Assertion Markup Language (SAML)
Correct Answer: B

C (88%) 13%
A security architect is developing an information system for a client. One of the requirements is to deliver a platform that mitigates against
common vulnerabilities and attacks. What is the MOST efficient option used to prevent buffer overflow attacks?
A. Access control mechanisms
B. Process isolation
C. Address Space Layout Randomization (ASLR)
D. Processor states
Correct Answer: C

C (93%) 7%
In a quarterly system access review, an active privileged account was discovered that did not exist in the prior review on the production system.
The account was created one hour after the previous access review. Which of the following is the BEST option to reduce overall risk in addition to
quarterly access reviews?
A. Implement bi-annual reviews.
B. Create policies for system access.
C. Implement and review risk-based alerts.
D. Increase logging levels.
Correct Answer: B

C (50%) B (48%)
A corporation does not have a formal data destruction policy. During which phase of a criminal legal proceeding will this have the MOST impact?
A. Sentencing
B. Trial
C. Discovery
D. Arraignment
Correct Answer: C

C (83%) Other
What is considered the BEST explanation when determining whether to provide remote network access to a third-party security service?
A. Contract negotiation
B. Supplier request
C. Business need
D. Vendor demonstration
Correct Answer: A

C (82%) A (18%)
The acquisition of personal data being obtained by a lawful and fair means is an example of what principle?
A. Collection Limitation Principle
B. Openness Principle
C. Purpose Specification Principle
D. Data Quality Principle
Correct Answer: A

A (93%) 7%
Which of the following is the MOST appropriate control for asset data labeling procedures?
A. Categorizing the types of media being used
B. Logging data media to provide a physical inventory control
C. Reviewing off-site storage access controls
D. Reviewing audit trails of logging records
Correct Answer: A

A (62%) D (38%)
What is the BEST approach to anonymizing personally identifiable information (PII) in a test environment?
A. Swapping data
B. Randomizing data
C. Encoding data
D. Encrypting data
Correct Answer: D

B (56%) A (26%) D (19%)
Which of the following departments initiates the request, approval, and provisioning business process?
A. Operations
B. Security
C. Human resources (HR)
D. Information technology (IT)
Correct Answer: A

A (69%) C (31%)
An organization is setting a security assessment scope with the goal of developing a Security Management Program (SMP). The next step is to
select an approach for conducting the risk assessment. Which of the following approaches is MOST effective for the SMP?
A. Security controls driven assessment that focuses on controls management
B. Business processes based risk assessment with a focus on business goals
C. Asset driven risk assessment with a focus on the assets
D. Data driven risk assessment with a focus on data
Correct Answer: D

B (46%) C (37%) Other
Which technique helps system designers consider potential security concerns of their systems and applications?
A. Threat modeling
B. Manual inspections and reviews
C. Source code review
D. Penetration testing
Correct Answer: A

A (100%)
A security professional can BEST mitigate the risk of using a Commercial Off-The-Shelf (COTS) solution by deploying the application with which of
the following controls in place?
A. Network segmentation
B. Blacklisting application
C. Whitelisting application
D. Hardened configuration
Correct Answer: D

D (56%) A (37%) 7%
Which of the following BEST describes centralized identity management?
A. Service providers perform as both the credential and identity provider (IdP).
B. Service providers identify an entity by behavior analysis versus an identification factor.
C. Service providers agree to integrate identity system recognition across organizational boundaries.
D. Service providers rely on a trusted third party (TTP) to provide requestors with both credentials and identifiers.
Correct Answer: C

D (40%) C (40%) A (20%)
What is the MOST significant benefit of role-based access control (RBAC)?
A. Reduces inappropriate access
B. Management of least privilege
C. Most granular form of access control
D. Reduction in authorization administration overhead
Correct Answer: D

B (61%) D (39%)
What is the MOST common security risk of a mobile device?
A. Data spoofing
B. Malware infection
C. Insecure communications link
D. Data leakage
Correct Answer: B

B (52%) D (48%)
What level of Redundant Array of Independent Disks (RAID) is configured PRIMARILY for high-performance data reads and writes?
A. RAID-0
B. RAID-1
C. RAID-5
D. RAID-6
Correct Answer: A

A (100%)
What type of risk is related to the sequences of value-adding and managerial activities undertaken in an organization?
A. Control risk
B. Demand risk
C. Supply risk
D. Process risk
Correct Answer: D

D (100%)
International bodies established a regulatory scheme that defines how weapons are exchanged between the signatories. It also addresses cyber
weapons, including malicious software, Command and Control (C2) software, and internet surveillance software. This is a description of which of
the following?
A. International Traffic in Arms Regulations (ITAR)
B. Palermo convention
C. Wassenaar arrangement
D. General Data Protection Regulation (GDPR)
Correct Answer: C

C (100%)
An organization has implemented a protection strategy to secure the network from unauthorized external access. The new Chief Information
Security Officer
(CISO) wants to increase security by better protecting the network from unauthorized internal access. Which Network Access Control (NAC)
capability BEST meets this objective?
A. Port security
B. Two-factor authentication (2FA)
C. Strong passwords
D. Application firewall
Correct Answer: B

A (63%) B (38%)
Which section of the assessment report addresses separate vulnerabilities, weaknesses, and gaps?
A. Findings definition section
B. Risk review section
C. Executive summary with full details
D. Key findings section
Correct Answer: D

D (54%) A (31%) B (15%)
Why is data classification control important to an organization?
A. To enable data discovery
B. To ensure security controls align with organizational risk appetite
C. To ensure its integrity, confidentiality and availability
D. To control data retention in alignment with organizational policies and regulation
Correct Answer: B

C (53%) B (44%)
To monitor the security of buried data lines inside the perimeter of a facility, which of the following is the MOST effective control?
A. Fencing around the facility with closed-circuit television (CCTV) cameras at all entry points
B. Ground sensors installed and reporting to a security event management (SEM) system
C. Regular sweeps of the perimeter, including manual inspection of the cable ingress points
D. Steel casing around the facility ingress points
Correct Answer: C

B (63%) C (21%) A (16%)
An enterprise is developing a baseline cybersecurity standard its suppliers must meet before being awarded a contract. Which of the following
statements is TRUE about the baseline cybersecurity standard?
A. It should be expressed as general requirements.
B. It should be expressed as technical requirements.
C. It should be expressed in business terminology.
D. It should be expressed in legal terminology.
Correct Answer: B

B (38%) C (31%) A (31%)
Which access control method is based on users issuing access requests on system resources, features assigned to those resources, the
operational or situational context, and a set of policies specified in terms of those features and context?
A. Mandatory Access Control (MAC)
B. Attribute Based Access Control (ABAC)
C. Role Based Access Control (RBAC)
D. Discretionary Access Control (DAC)
Correct Answer: B

B (86%) 14%
What is a security concern when considering implementing software-defined networking (SDN)?
A. It has a decentralized architecture.
B. It increases the attack footprint.
C. It uses open source protocols.
D. It is cloud based.
Correct Answer: B

B (92%) 8%
What is the BEST way to restrict access to a file system on computing systems?
A. Use least privilege at each level to restrict access.
B. Restrict access to all users.
C. Allow a user group to restrict access.
D. Use a third-party tool to restrict access.
Correct Answer: A

A (100%)
Which of the following is the PRIMARY reason for selecting the appropriate level of detail for audit record generation?
A. Avoid lengthy audit reports
B. Enable generation of corrective action reports
C. Facilitate a root cause analysis (RCA)
D. Lower costs throughout the System Development Life Cycle (SDLC)
Correct Answer: B

C (68%) B (32%)
What is the correct order of execution for security architecture?
A. Governance, strategy and program management, operations, project delivery
B. Governance, strategy and program management, project delivery, operations
C. Strategy and program management, project delivery, governance, operations
D. Strategy and program management, governance, project delivery, operations
Correct Answer: C

B (77%) C (23%)
An international organization has decided to use a Software as a Service (SaaS) solution to support its business operations. Which of the
following compliance standards should the organization use to assess the international code security and data privacy of the solution?
A. Service Organization Control (SOC) 2
B. Information Assurance Technical Framework (IATF)
C. Health Insurance Portability and Accountability Act (HIPAA)
D. Payment Card Industry (PCI)
Correct Answer: B

A (96%) 4%
An authentication system that uses challenge and response was recently implemented on an organization's network, because the organization
conducted an annual penetration test showing that testers were able to move laterally using authenticated credentials. Which attack method was
MOST likely used to achieve this?
A. Hash collision
B. Pass the ticket
C. Brute force
D. Cross-Site Scripting (XSS)
Correct Answer: B

B (73%) A (27%)
Which of the following would qualify as an exception to the "right to be forgotten" of the General Data Protection Regulation (GDPR)?
A. For the establishment, exercise, or defense of legal claims
B. The personal data has been lawfully processed and collected
C. For the reasons of private interest
D. The personal data remains necessary to the purpose for which it was collected
Correct Answer: A

A (100%)
Dumpster diving is a technique used in which stage of penetration testing methodology?
A. Attack
B. Reporting
C. Planning
D. Discovery
Correct Answer: D

D (100%)
Which of the following is performed to determine a measure of success of a security awareness training program designed to prevent social
engineering attacks?
A. Employee evaluation of the training program
B. Internal assessment of the training program's effectiveness
C. Multiple choice tests to participants
D. Management control of reviews
Correct Answer: B

B (79%) 14% 7%
The security team is notified that a device on the network is infected with malware. Which of the following is MOST effective in enabling the
device to be quickly located and remediated?
A. Data loss protection (DLP)
B. Intrusion detection
C. Vulnerability scanner
D. Information Technology Asset Management (ITAM)
Correct Answer: D

D (95%) 5%
Which of the following threats would be MOST likely mitigated by monitoring assets containing open source libraries for vulnerabilities?
A. Distributed denial-of-service (DDoS) attack
B. Advanced persistent threat (APT) attempt
C. Zero-day attack
D. Phishing attempt
Correct Answer: C

B (59%) C (34%) 6%
As a design principle, which one of the following actors is responsible for identifying and approving data security requirement in a cloud
ecosystem?
A. Cloud auditor
B. Cloud broker
C. Cloud provider
D. Cloud consumer
Correct Answer: C

D (83%) C (17%)
Which of the following is the MOST effective way to ensure the endpoint devices used by remote users are compliant with an organization's
approved policies before being allowed on the network?
A. Network Access Control (NAC)
B. Privileged Access Management (PAM)
C. Group Policy Object (GPO)
D. Mobile Device Management (MDM)
Correct Answer: A

A (62%) D (38%)
Which one of the following BEST protects vendor accounts that are used for emergency maintenance?
A. Vendor access should be disabled until needed
B. Frequent monitoring of vendor access
C. Role-based access control (RBAC)
D. Encryption of routing tables
Correct Answer: C

A (52%) C (48%)
Which event magnitude is defined as deadly, destructive, and disruptive when a hazard interacts with human vulnerability?
A. Crisis
B. Catastrophe
C. Accident
D. Disaster
Correct Answer: C

B (55%) D (42%)
Which of the following BEST describes the purpose of software forensics?
A. To analyze possible malicious intent of malware
B. To perform cyclic redundancy check (CRC) verification and detect changed applications
C. To determine the author and behavior of the code
D. To review program code to determine the existence of backdoors
Correct Answer: C

C (79%) 14% 7%
A web developer is completing a new web application security checklist before releasing the application to production. The task of disabling
unnecessary services is on the checklist. Which web application threat is being mitigated by this action?
A. Session hijacking
B. Security misconfiguration
C. Broken access control
D. Sensitive data exposure
Correct Answer: B

B (86%) 14%
What is the BEST method to use for assessing the security impact of acquired software?
A. Threat modeling
B. Common vulnerability review
C. Software security compliance validation
D. Vendor assessment
Correct Answer: A

A (100%)
Which of the following ensures old log data is not overwritten?
A. Log retention
B. Implement Syslog
C. Increase log file size
D. Log preservation
Correct Answer: C

A (49%) D (41%) 11%
Under the General Data Protection Regulation (GDPR), what is the maximum amount of time allowed for reporting a personal data breach?
A. 24 hours
B. 48 hours
C. 72 hours
D. 96 hours
Correct Answer: C

C (100%)
A financial organization that works according to agile principles has developed a new application for their external customer base to request a line
of credit. A security analyst has been asked to assess the security risk of the minimum viable product (MVP). Which is the MOST important
activity the analyst should assess?
A. The software has been signed off for release by the product owner.
B. The software had been branded according to corporate standards.
C. The software has the correct functionality.
D. The software has been code reviewed.
Correct Answer: D

D (72%) A (17%) 11%
An application developer receives a report back from the security team showing their automated tools were able to successfully enter unexpected
data into the organization's customer service portal, causing the site to crash. This is an example of which type of testing?
A. Performance
B. Positive
C. Non-functional
D. Negative
Correct Answer: D

D (83%) B (17%)
Which of the following is the MOST effective strategy to prevent an attacker from disabling a network?
A. Design networks with the ability to adapt, reconfigure, and fail over.
B. Test business continuity and disaster recovery (DR) plans.
C. Follow security guidelines to prevent unauthorized network access.
D. Implement network segmentation to achieve robustness.
Correct Answer: C

A (41%) C (41%) Other
What is the FIRST step that should be considered in a Data Loss Prevention (DLP) program?
A. Policy creation
B. Information Rights Management (IRM)
C. Data classification
D. Configuration management (CM)
Correct Answer: C

C (58%) A (33%) 8%
Which change management role is responsible for the overall success of the project and supporting the change throughout the organization?
A. Change driver
B. Project manager
C. Program sponsor
D. Change implementer
Correct Answer: B

C (53%) B (37%) 11%
A company needs to provide shared access of sensitive data on a cloud storage to external business partners. Which of the following identity
models is the BEST to blind identity providers (IdP) and relying parties (RP) so that subscriber lists of other parties are not disclosed?
A. Proxied federation
B. Dynamic registration
C. Federation authorities
D. Static registration
Correct Answer: C

A (100%)
A security professional needs to find a secure and efficient method of encrypting data on an endpoint. Which solution includes a root key?
A. Bitlocker
B. Trusted Platform Module (TPM)
C. Virtual storage array network (VSAN)
D. Hardware security module (HSM)
Correct Answer: B

B (42%) D (33%) A (25%)
Which combination of cryptographic algorithms are compliant with Federal Information Processing Standard (FIPS) Publication 140-2 for non-
legacy systems?
A. Diffie-hellman (DH) key exchange: DH (>=2048 bits) Symmetric Key: Advanced Encryption Standard (AES) > 128 bits Digital Signature:
Digital Signature Algorithm (DSA) (>=2048 bits)
B. Diffie-hellman (DH) key exchange: DH (>=2048 bits) Symmetric Key: Advanced Encryption Standard (AES) > 128 bits Digital Signature:
Rivest-Shamir-Adleman (RSA) (1024 bits)
C. Diffie-hellman (DH) key exchange: DH (<=1024 bits) Symmetric Key: Blowfish Digital Signature: Rivest-Shamir-Adleman (RSA) (>=2048 bits)
D. Diffie-hellman (DH) key exchange: DH (>=2048 bits) Symmetric Key: Advanced Encryption Standard (AES) < 128 bits Digital Signature:
Elliptic Curve Digital Signature Algorithm (ECDSA) (>=256 bits)
Correct Answer: B

A (85%) B (15%)
What is the PRIMARY purpose of creating and reporting metrics for a security awareness, training, and education program?
A. Measure the effect of the program on the organization's workforce.
B. Make all stakeholders aware of the program's progress.
C. Facilitate supervision of periodic training events.
D. Comply with legal regulations and document due diligence in security practices.
Correct Answer: A

A (78%) D (22%)

CISSP Exam - Free Actual Q&as, Page 1 - 100

Uploaded by

Copyright:

Available Formats

CISSP Exam - Free Actual Q&as, Page 1 - 100

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CISSP Exam - Free Actual Q&as, Page 1 - 100

Uploaded by

Copyright:

Available Formats

24/03/2024 11:26 CISSP Exam - Free Actual Q&As, Page 1 | ExamTopics

- Expert Verified, Online, Free.

 Custom View Settings

Topic 1 - Single Topic

A. Personal belongings of organizational staff members

B. Disaster recovery (DR) line-item revenues

D. Supplies kept off-site a remote facility

Community vote distribution

A. Identify procedures to investigate suspicious activity.

B. Determine if audit records contain sufficient information.

C. Verify if sufficient storage is allocated for audit records.

Community vote distribution

A. Role-based access control (RBAC)

B. Discretionary access control (DAC)

C. Content-dependent Access Control

D. Rule-based Access Control

Community vote distribution

A. Jurisdiction is hard to define.

B. Law enforcement agencies are understaffed.

C. Extradition treaties are rarely enforced.

D. Numerous language barriers exist.

Community vote distribution

A. Extensible Authentication Protocol (EAP)

B. Internet Protocol Security (IPsec)

C. Secure Sockets Layer (SSL)

D. Secure Shell (SSH)

Community vote distribution

B. Trusted Computing Base (TCB)

Community vote distribution

Community vote distribution

flow between partner businesses to allow this IAM action?

that act as a Service Provider and allows access to services.

businesses that act as a Service Provider and allows access to services.

that act as an identity provider (IdP) and allows access to resources.

businesses that act as a Service Provider and allows access to resources.

Community vote distribution

A. A single cloud administrator is configured to access core functions.

B. Internet traffic is inspected for all incoming and outgoing packets.

C. Routing configurations are regularly updated with the latest routes.

D. Network segments remain private if unneeded to access the internet.

Community vote distribution

Question #10 Topic 1

Community vote distribution

Question #11 Topic 1

for other routers in the path to make independent determinations?

A. Synchronous Optical Networking (SONET)

B. Multiprotocol Label Switching (MPLS)

C. Fiber Channel Over Ethernet (FCoE)

D. Session Initiation Protocol (SIP)

Community vote distribution

Question #12 Topic 1

A. File Integrity Checker

B. Security information and event management (SIEM) system

D. Intrusion detection system (IDS)

Community vote distribution

Question #13 Topic 1

Which of the following is included in change management?

A. Technical review by business owner

B. User Acceptance Testing (UAT) before implementation