CISSP Premium Bundle

Certified Information Systems Security Professional (CISSP) Certification Exam

Last update: September 29, 2024

ISC2 CISSP Free Practice Questions

Q1. In order for a security policy to be effective within an organization, it MUST include 

A. strong statements that clearly define the problem. 

B. a list of all standards that apply to the policy. 

C. owner information and date of last revision. 

D. disciplinary measures for non-compliance. 

Answer:

Q2. Which of the following is the BEST mitigation from phishing attacks? 

A. Network activity monitoring 

B. Security awareness training 

C. Corporate policy and procedures 

D. Strong file and directory permissions 

Answer:

Q3. An advantage of link encryption in a communications network is that it 

A. makes key management and distribution easier. 

B. protects data from start to finish through the entire network. 

C. improves the efficiency of the transmission. 

D. encrypts all information, including headers and routing information. 

Answer:
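The distinction Q3 turns on is where plaintext exists. With link encryption every link carries the whole frame, routing headers included, as ciphertext, but each intermediate node must decrypt it to read the header and then re-encrypt for the next link, so plaintext exists inside every router. With end-to-end encryption the sender encrypts only the payload under a key shared with the receiver; headers stay in clear on every link and no router ever holds the payload in plaintext. The simulation below is an added example, not part of the original page or of any ISC2 material; the "toy" cipher (HMAC-SHA256 run in counter mode, no integrity protection), the three-link path and the sample packet are all constructed for illustration.

```python
import hashlib
import hmac
import json
import os

# Toy stream cipher: HMAC-SHA256 in counter mode as the keystream. Illustrative
# only (no integrity protection); it stands in for whatever real cipher the
# link-layer or application-layer encryptor would use.
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def toy_encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)
    return nonce + bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))

def toy_decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def pack(header: dict, payload: bytes) -> bytes:
    """Frame layout (constructed): 2-byte header length || JSON header || payload."""
    h = json.dumps(header, sort_keys=True).encode()
    return len(h).to_bytes(2, "big") + h + payload

def unpack(frame: bytes):
    n = int.from_bytes(frame[:2], "big")
    return json.loads(frame[2:2 + n]), frame[2 + n:]

def visible(data: bytes, header: dict, payload: bytes) -> dict:
    """What a passive observer holding `data` can read: the header? the payload?"""
    h = json.dumps(header, sort_keys=True).encode()
    return {"header": h in data, "payload": payload in data}

def compare(header: dict, payload: bytes, hops: int = 3) -> dict:
    """Send one packet over `hops` links (hops-1 intermediate routers) under each
    scheme and record what a wiretap on each link and each router can read."""
    link_keys = [os.urandom(32) for _ in range(hops)]   # one key per physical link
    session_key = os.urandom(32)                        # shared only by the two endpoints
    result = {}

    # Link encryption: the whole frame, headers included, is encrypted per link.
    # Every router must decrypt to read the routing header, then re-encrypt.
    frame = pack(header, payload)
    wire, routers = [], []
    for i, key in enumerate(link_keys):
        blob = toy_encrypt(key, frame)
        wire.append(visible(blob, header, payload))
        frame = toy_decrypt(key, blob)                  # plaintext exists inside the node
        if i < hops - 1:
            routers.append(visible(frame, header, payload))
    assert unpack(frame) == (header, payload)           # receiver gets the packet
    result["link"] = {"wire": wire, "routers": routers}

    # End-to-end encryption: only the payload is encrypted, once, by the sender.
    # Headers stay in clear so routers can forward without holding any key.
    frame = pack(header, toy_encrypt(session_key, payload))
    wire = [visible(frame, header, payload) for _ in link_keys]
    routers = [visible(frame, header, payload) for _ in link_keys[:-1]]
    hdr, ct = unpack(frame)
    assert hdr == header and toy_decrypt(session_key, ct) == payload
    result["e2e"] = {"wire": wire, "routers": routers}
    return result

if __name__ == "__main__":
    r = compare({"src": "10.0.0.5", "dst": "10.0.9.7", "proto": "tcp"},
                b"GET /secret HTTP/1.1 authorization: token-ABC")
    for scheme, views in r.items():
        print(scheme, "on the wire:", views["wire"][0], "inside a router:", views["routers"][0])
```

Reading the output: under link encryption the wiretap sees neither header nor payload, but every router sees both; under end-to-end encryption the wiretap and every router see the header and never the payload. That is also why the two are often combined in practice: link encryption hides traffic-flow information from the wire, end-to-end encryption keeps the payload away from the intermediate nodes.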

Q4. HOTSPOT 

Which Web Services Security (WS-Security) specification handles the management of security tokens and the underlying policies for granting access? Click on the correct specification in the image below. 

Answer:  

Q5. Which of the following BEST describes a rogue Access Point (AP)? 

A. An AP that is not protected by a firewall 

B. An AP not configured to use Wired Equivalent Privacy (WEP) with Triple Data Encryption Algorithm (3DES) 

C. An AP connected to the wired infrastructure but not under the management of authorized network administrators 

D. An AP infected by any kind of Trojan or Malware 

Answer:
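What makes an AP "rogue" in the Q5 sense is not its configuration but that it is attached to the wired infrastructure without being under the organization's management, which is also how it is found: correlate the BSSIDs seen in a wireless survey against the WLAN controller's inventory, then against the switches' MAC address tables. The script below is an added example, not part of the original page; the scan results, the switch MAC table, the corporate SSID names and the "BSSID is within a small offset of the wired MAC" heuristic are all constructed assumptions (vendors do commonly derive radio BSSIDs from the base MAC, but the offset is not standardized).

```python
CORPORATE_SSIDS = {"CorpNet", "CorpNet-Guest"}

# Authorized BSSIDs from the WLAN controller's inventory (constructed sample).
AUTHORIZED_BSSIDS = {"aa:bb:cc:00:10:01", "aa:bb:cc:00:10:02", "aa:bb:cc:00:10:03"}

# Constructed sample: what a wireless survey saw, one row per BSSID.
WIRELESS_SCAN = [
    {"ssid": "CorpNet",       "bssid": "aa:bb:cc:00:10:01", "channel": 36},
    {"ssid": "CorpNet",       "bssid": "aa:bb:cc:00:10:02", "channel": 44},
    {"ssid": "HomeRouter_5G", "bssid": "11:22:33:44:55:66", "channel": 149},
    {"ssid": "CorpNet",       "bssid": "66:77:88:99:aa:bb", "channel": 1},
    {"ssid": "Printer-Setup", "bssid": "de:ad:be:ef:00:05", "channel": 6},
]

# Constructed sample: MAC address table pulled from the access switches.
WIRED_MAC_TABLE = [
    ("aa:bb:cc:00:10:00", "Gi1/0/1"),   # managed AP uplink
    ("66:77:88:99:aa:b0", "Gi1/0/7"),   # consumer router someone plugged in
    ("de:ad:be:ef:00:01", "Gi2/0/12"),  # printer with its own Wi-Fi radio
    ("00:50:56:12:34:56", "Gi1/0/20"),  # workstation
]

def mac_to_int(mac: str) -> int:
    return int(mac.replace(":", "").replace("-", ""), 16)

def wired_matches(bssid: str, mac_table, tolerance: int = 16):
    """Heuristic (assumption, not a standard): radio BSSIDs are usually derived
    from the device's wired MAC by a small offset, so a wired MAC within
    `tolerance` of the BSSID suggests this radio is bridged into our LAN."""
    b = mac_to_int(bssid)
    return [(mac, port) for mac, port in mac_table if abs(mac_to_int(mac) - b) < tolerance]

def classify(scan, authorized=AUTHORIZED_BSSIDS, mac_table=WIRED_MAC_TABLE,
             corp_ssids=CORPORATE_SSIDS):
    """Return one finding per unmanaged BSSID, most urgent first."""
    findings = []
    for ap in scan:
        bssid = ap["bssid"].lower()
        if bssid in authorized:
            continue                                   # managed AP: nothing to do
        ports = wired_matches(bssid, mac_table)
        findings.append({
            "ssid": ap["ssid"],
            "bssid": bssid,
            # On our wire and not ours = rogue AP; otherwise probably a neighbor.
            "category": "rogue_on_wired_lan" if ports else "unmanaged_neighbor",
            "evil_twin": ap["ssid"] in corp_ssids,     # advertises a corporate SSID
            "switch_ports": [port for _, port in ports],
        })
    # Devices bridged into the wired LAN first (those get the port shut), then evil twins.
    findings.sort(key=lambda f: (f["category"] != "rogue_on_wired_lan", not f["evil_twin"]))
    return findings

if __name__ == "__main__":
    for finding in classify(WIRELESS_SCAN):
        print(finding)
```

The "HomeRouter_5G" entry shows the caveat: an unknown SSID in range is not by itself a rogue AP; without a wired correlation it is most likely a neighbor, and the evidence that matters for Q5's definition is the switch port. The evil-twin flag is a separate concern (client-side credential theft) that a wireless IDS handles even when the twin is not on the wire.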

Q6. According to best practice, which of the following is required when implementing third-party software in a production environment? 

A. Scan the application for vulnerabilities 

B. Contract the vendor for patching 

C. Negotiate end user application training 

D. Escrow a copy of the software 

Answer:

Q7. Why MUST a Kerberos server be well protected from unauthorized access? 

A. It contains the keys of all clients. 

B. It always operates at root privilege. 

C. It contains all the tickets for services. 

D. It contains the Internet Protocol (IP) address of all network entities. 

Answer:

Q8. A security professional has just completed their organization's Business Impact Analysis (BIA). Following Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) best practices, what would be the professional's NEXT step? 

A. Identify and select recovery strategies. 

B. Present the findings to management for funding. 

C. Select members for the organization's recovery teams. 

D. Prepare a plan to test the organization's ability to recover its operations. 

Answer:

Q9. For an organization considering two-factor authentication for secure network access, which of the following is MOST secure? 

A. Challenge response and private key 

B. Digital certificates and Single Sign-On (SSO) 

C. Tokens and passphrase 

D. Smart card and biometrics 

Answer:

Q10. Refer to the information below to answer the question. 

A security practitioner detects client-based attacks on the organization’s network. A plan will be necessary to address these concerns. 

What MUST the plan include in order to reduce client-side exploitation? 

A. Approved web browsers 

B. Network firewall procedures 

C. Proxy configuration 

D. Employee education 

Answer:

Q11. Which of the following is a critical factor for implementing a successful data classification program? 

A. Executive sponsorship 

B. Information security sponsorship 

C. End-user acceptance 

D. Internal audit acceptance 

Answer:

Q12. Which of the following wraps the decryption key of a full disk encryption implementation and ties the hard disk drive to a particular device? 

A. Trusted Platform Module (TPM) 

B. Preboot eXecution Environment (PXE) 

C. Key Distribution Center (KDC) 

D. Simple Key-Management for Internet Protocol (SKIP) 

Answer:
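The mechanism behind Q12 is sealing: the TPM wraps the volume key under a key that never leaves the chip and binds the wrapped blob to the platform's measured boot state (PCR values), so the blob stored in the drive header can only be unwrapped on the same chip and only when the boot chain measures the same as when it was sealed. The model below is an added example, not part of the original page; the PCR extend rule is the real one, but the ToyTPM class, its HMAC-SHA256 wrapping, the policy encoding and the boot-chain strings are constructed simplifications of what TPM 2.0 does with a storage key and PolicyPCR, not the real commands or wire format.

```python
import hashlib
import hmac
import os

def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """Real TPM extend rule: PCR_new = SHA-256(PCR_old || SHA-256(measured data))."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()

def measure_boot(boot_chain) -> bytes:
    """Extend one PCR with every boot stage in order, starting from all-zero."""
    pcr = bytes(32)
    for stage in boot_chain:
        pcr = pcr_extend(pcr, stage)
    return pcr

def policy_digest(pcr: bytes) -> bytes:
    # Stand-in for a TPM2 PolicyPCR digest (simplified encoding, an assumption).
    return hashlib.sha256(b"PolicyPCR" + pcr).digest()

class ToyTPM:
    """Minimal sealing model: the storage root key never leaves the chip, and a
    sealed blob is unwrapped only if the current PCR state matches the policy it
    was sealed to. Toy HMAC-SHA256 construction, not real TPM behaviour."""
    def __init__(self):
        self.srk = os.urandom(32)   # per-chip storage root key, non-exportable

    def seal(self, secret: bytes, pcr: bytes) -> dict:
        assert len(secret) == 32, "this toy wraps exactly one 32-byte volume key"
        policy = policy_digest(pcr)
        nonce = os.urandom(16)
        kek = hmac.new(self.srk, b"wrap" + policy + nonce, hashlib.sha256).digest()
        wrapped = bytes(a ^ b for a, b in zip(secret, kek))
        # The tag covers the policy, so the policy in the blob cannot be edited.
        tag = hmac.new(self.srk, b"tag" + policy + nonce + wrapped, hashlib.sha256).digest()
        return {"policy": policy, "nonce": nonce, "wrapped": wrapped, "tag": tag}

    def unseal(self, blob: dict, pcr: bytes):
        """Return the volume key, or None if boot state or chip does not match."""
        policy = policy_digest(pcr)
        if not hmac.compare_digest(policy, blob["policy"]):
            return None                                   # boot chain changed
        tag = hmac.new(self.srk, b"tag" + policy + blob["nonce"] + blob["wrapped"],
                       hashlib.sha256).digest()
        if not hmac.compare_digest(tag, blob["tag"]):
            return None                                   # sealed by a different chip
        kek = hmac.new(self.srk, b"wrap" + policy + blob["nonce"], hashlib.sha256).digest()
        return bytes(a ^ b for a, b in zip(blob["wrapped"], kek))

def scenarios() -> dict:
    """Seal a volume key on one machine, then see in which cases it is released."""
    good_boot = [b"firmware v1.2", b"bootloader v3", b"kernel 6.1 signed"]
    tampered_boot = [b"firmware v1.2", b"bootloader v3 (patched)", b"kernel 6.1 signed"]
    volume_key = os.urandom(32)
    tpm_a, tpm_b = ToyTPM(), ToyTPM()                     # two different devices
    blob = tpm_a.seal(volume_key, measure_boot(good_boot))  # stored in the drive header

    def released(result) -> bool:
        return result == volume_key

    # Attacker edits the stored policy to match the tampered boot state.
    forged = dict(blob, policy=policy_digest(measure_boot(tampered_boot)))
    return {
        "same_device_same_boot": released(tpm_a.unseal(blob, measure_boot(good_boot))),
        "same_device_tampered_boot": released(tpm_a.unseal(blob, measure_boot(tampered_boot))),
        "drive_moved_to_other_device": released(tpm_b.unseal(blob, measure_boot(good_boot))),
        "forged_policy_in_blob": released(tpm_a.unseal(forged, measure_boot(tampered_boot))),
    }

if __name__ == "__main__":
    for case, key_released in scenarios().items():
        print(f"{case:30s} key released: {key_released}")
```

The practical caveat: in a TPM-only configuration the key is released automatically to any boot chain that measures correctly, so an attacker with the powered-on machine can still go after the unlocked OS (or the key in RAM). Binding the release to a PIN or a second factor in addition to the PCR policy is the usual hardening.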

Q13. The overall goal of a penetration test is to determine a system's 

A. ability to withstand an attack. 

B. capacity management. 

C. error recovery capabilities. 

D. reliability under stress. 

Answer:

Q14. In a financial institution, who has the responsibility for assigning the classification to a piece of information? 

A. Chief Financial Officer (CFO) 

B. Chief Information Security Officer (CISO) 

C. Originator or nominated owner of the information 

D. Department head responsible for ensuring the protection of the information 

Answer:

Q15. Which of the following is an effective method for avoiding magnetic media data remanence? 

A. Degaussing 

B. Encryption 

C. Data Loss Prevention (DLP) 

D. Authentication 

Answer:
