Certified Information Systems Security Professional (CISSP)
Last Update May 1, 2024
Total Questions : 1486
We are offering FREE CISSP ISC exam questions. All you have to do is sign up, provide your details, practice with the free CISSP exam questions, and then move on to the complete pool of Certified Information Systems Security Professional (CISSP) test questions.
A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is the BEST solution for the manufacturing organization?
What is the BEST approach for controlling access to highly sensitive information when employees have the same level of security clearance?
Which of the following BEST describes an access control method utilizing cryptographic keys derived from a smart card private key that is embedded within mobile devices?
Users require access rights that allow them to view the average salary of groups of employees. Which control would prevent the users from obtaining an individual employee’s salary?
In a Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which layer is responsible for negotiating and establishing a connection with another node?
At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?
Which of the following factors contributes to the weakness of Wired Equivalent Privacy (WEP) protocol?
An input validation and exception handling vulnerability has been discovered on a critical web-based system. Which of the following is MOST suited to quickly implement a control?
Which of the following is the BEST network defense against unknown types of attacks or stealth attacks in progress?
An external attacker has compromised an organization’s network security perimeter and installed a sniffer onto an inside computer. Which of the following is the MOST effective layer of security the organization could have implemented to mitigate the attacker’s ability to gain further information?
Which of the following operates at the Network Layer of the Open System Interconnection (OSI) model?
Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?
What is the BEST approach to addressing security issues in legacy web applications?
Which of the following is a web application control that should be put into place to prevent exploitation of Operating System (OS) bugs?
The configuration management and control task of the certification and accreditation process is incorporated in which phase of the System Development Life Cycle (SDLC)?
When in the Software Development Life Cycle (SDLC) MUST software security functional requirements be defined?
A Java program is being developed to read a file from computer A and write it to computer B, using a third computer C. The program is not working as expected. What is the MOST probable security feature of Java preventing the program from operating as intended?
Which of the following is the BEST method to prevent malware from being introduced into a production environment?
Which of the following is the PRIMARY risk with using open source software in a commercial software construction?
Which of the following would MINIMIZE the ability of an attacker to exploit a buffer overflow?
Which of the following management processes allows ONLY those services required for users to accomplish their tasks, changes default user passwords, and sets servers to retrieve antivirus updates?
A user has infected a computer with malware by connecting a Universal Serial Bus (USB) storage device. Which of the following is MOST effective to mitigate future infections?
“Stateful” differs from “Static” packet filtering firewalls by being aware of which of the following?
An international medical organization with headquarters in the United States (US) and branches in France wants to test a drug in both countries. What is the organization allowed to do with the test subject’s data?
A company receives an email threat informing of an imminent Distributed Denial of Service (DDoS) attack targeting its web application unless a ransom is paid. Which of the following techniques BEST addresses that threat?
It is MOST important to perform which of the following to minimize potential impact when implementing a new vulnerability scanning tool in a production environment?
What is the expected outcome of security awareness in support of a security awareness program?
Who has the PRIMARY responsibility to ensure that security objectives are aligned with organization goals?
Match the name of access control model with its associated restriction.
Drag each access control model to its appropriate restriction access on the right.
What is the correct order of steps in an information security assessment?
Place the information security assessment steps on the left next to the numbered boxes on the right in the correct order.
An organization has doubled in size due to a rapid market share increase. The size of the Information Technology (IT) staff has maintained pace with this growth. The organization hires several contractors whose onsite time is limited. The IT department has pushed its limits building servers and rolling out workstations and has a backlog of account management requests.
Which contract is BEST in offloading the task from the IT staff?
When implementing a data classification program, why is it important to avoid too much granularity?
Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?
Which of the following is MOST important when assigning ownership of an asset to a department?
Which of the following BEST describes the responsibilities of a data owner?
Which of the following is an initial consideration when developing an information security management system?
Which of the following is the BEST way to determine if a particular system is able to identify malicious software without executing it?
Which of the following MOST influences the design of the organization's electronic monitoring policies?
An organization publishes and periodically updates its employee policies in a file on their intranet. Which of the following is a PRIMARY security concern?
Which of the following problems is NOT addressed by using OAuth (Open Standard for Authorization) 2.0 to integrate a third-party identity provider for a service?
Which of the following provides effective management assurance for a Wireless Local Area Network (WLAN)?
Refer to the information below to answer the question.
A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.
Following best practice, where should the permitted access for each department and job classification combination be specified?
Refer to the information below to answer the question.
A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.
What MUST the access control logs contain in addition to the identifier?
Host-Based Intrusion Protection (HIPS) systems are often deployed in monitoring or learning mode during their initial implementation. What is the objective of starting in this mode?
When dealing with compliance with the Payment Card Industry-Data Security Standard (PCI-DSS), an organization that shares card holder information with a service provider MUST do which of the following?
What is the BEST method to detect the most common improper initialization problems in programming languages?
Which of the following is the BEST solution to provide redundancy for telecommunications links?
Which of the following MUST system and database administrators be aware of and apply when configuring systems used for storing personal employee data?
Given the various means to protect physical and logical assets, match the access management area to the technology.
Refer to the information below to answer the question.
A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.
In addition to authentication at the start of the user session, best practice would require re-authentication
Refer to the information below to answer the question.
In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files.
Which of the following is true according to the star property (*property)?
Refer to the information below to answer the question.
An organization has hired an information security officer to lead their security department. The officer has adequate people resources but is lacking the other necessary components to have an effective security program. There are numerous initiatives requiring security involvement.
The security program can be considered effective when
Refer to the information below to answer the question.
During the investigation of a security incident, it is determined that an unauthorized individual accessed a system which hosts a database containing financial information.
If the intrusion causes the system processes to hang, which of the following has been affected?
Which of the following assures that rules are followed in an identity management architecture?
When is security personnel involvement in the Systems Development Life Cycle (SDLC) process MOST beneficial?
Which of the following BEST mitigates a replay attack against a system using identity federation and Security Assertion Markup Language (SAML) implementation?
During an investigation of database theft from an organization's web site, it was determined that the Structured Query Language (SQL) injection technique was used despite input validation with client-side scripting. Which of the following provides the GREATEST protection against the same attack occurring again?
Which of the following is a process within a Systems Engineering Life Cycle (SELC) stage?
A system is developed so that its business users can perform business functions but not user administration functions. Application administrators can perform administration functions but not user business functions. These capabilities are BEST described as
A large university needs to enable student access to university resources from their homes. Which of the following provides the BEST option for low maintenance and ease of deployment?
Which of the following is the BEST countermeasure to brute force login attacks?
Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?
Intellectual property rights are PRIMARILY concerned with which of the following?
Which of the following represents the GREATEST risk to data confidentiality?
A company whose Information Technology (IT) services are being delivered from a Tier 4 data center is preparing a companywide Business Continuity Plan (BCP). Which of the following failures should the IT manager be concerned with?
When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?
What is the MOST important consideration from a data security perspective when an organization plans to relocate?
Which of the following actions will reduce risk to a laptop before traveling to a high risk area?
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?
Which of the following is a PRIMARY benefit of using a formalized security testing report format and structure?
Which of the following could cause a Denial of Service (DoS) against an authentication system?
In which of the following programs is it MOST important to include the collection of security process data?
Which of the following is of GREATEST assistance to auditors when reviewing system configurations?
A Virtual Machine (VM) environment has five guest Operating Systems (OS) and provides strong isolation. What MUST an administrator review to audit a user’s access to data files?
The use of private and public encryption keys is fundamental in the implementation of which of the following?
Who in the organization is accountable for classification of data information assets?
What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?
Which security service is served by the process of encrypting plaintext with the sender’s private key and decrypting the ciphertext with the sender’s public key?
Which technique can be used to make an encryption scheme more resistant to a known plaintext attack?
Which component of the Security Content Automation Protocol (SCAP) specification contains the data required to estimate the severity of vulnerabilities identified by automated vulnerability assessments?
Building blocks for software-defined networks (SDN) require which of the following?
Which of the following documents specifies services from the client's viewpoint?
What is the MOST appropriate hierarchy of documents when implementing a security program?
Which of the following is the MOST effective strategy to prevent an attacker from disabling a network?
Which of the following are mandatory canons for the (ISC)² Code of Ethics?
Which of the following is the BEST way to mitigate circumvention of access controls?
Which of the following measures serves as the BEST means for protecting data on computers, smartphones, and external storage devices when traveling to high-risk countries?
If the wide area network (WAN) is supporting converged applications like Voice over Internet Protocol (VoIP), which of the following becomes even MORE essential to the assurance of the network?
An IT technician suspects a break in one of the uplinks that provides connectivity to the core switch. Which of the following command-line tools should the technician use to determine where the incident is occurring?
Which of the following explains why classifying data is an important step in performing a risk assessment?
Which of the following does the security design process ensure within the System Development Life Cycle (SDLC)?
The personal laptop of an organization executive is stolen from the office, complete with personnel and project records. Which of the following should be done FIRST to mitigate future occurrences?
Which of the following is the FIRST step an organization's security professional performs when defining a cyber-security program based upon industry standards?
In Disaster Recovery (DR) and business continuity training, which BEST describes a functional drill?
The use of strong authentication, the encryption of Personally Identifiable Information (PII) on database servers, application security reviews, and the encryption of data transmitted across networks provide
Which of the following is a potential risk when a program runs in privileged mode?
An organization is designing a large enterprise-wide document repository system. They plan to have several different classification level areas with increasing levels of controls. The BEST way to ensure document confidentiality in the repository is to
What is the term commonly used to refer to a technique of authenticating one machine to another by forging packets from a trusted source?
Which of the following is the FIRST action that a system administrator should take when it is revealed during a penetration test that everyone in an organization has unauthorized access to a server holding sensitive data?
As one component of a physical security system, an Electronic Access Control (EAC) token is BEST known for its ability to
Which of the following is ensured when hashing files during chain of custody handling?
Which of the following is a limitation of the Common Vulnerability Scoring System (CVSS) as it relates to conducting code review?
Which of the following elements MUST a compliant EU-US Safe Harbor Privacy Policy contain?
Which one of the following security mechanisms provides the BEST way to restrict the execution of privileged procedures?
Which of the following is considered best practice for preventing e-mail spoofing?
Which of the following MUST be done when promoting a security awareness program to senior management?
Which of the following is the MOST important consideration when storing and processing Personally Identifiable Information (PII)?
Which of the following methods protects Personally Identifiable Information (PII) by use of a full replacement of the data element?
What is an effective practice when returning electronic storage media to third parties for repair?
How can a forensic specialist exclude from examination a large percentage of operating system files residing on a copy of the target system?
A system has been scanned for vulnerabilities and has been found to contain a number of communication ports that have been opened without authority. To which of the following might this system have been subjected?
What maintenance activity is responsible for defining, implementing, and testing updates to application systems?
Alternate encoding such as hexadecimal representations is MOST often observed in which of the following forms of attack?
Which of the following is a physical security control that protects Automated Teller Machines (ATM) from skimming?
By allowing storage communications to run on top of Transmission Control Protocol/Internet Protocol (TCP/IP) with a Storage Area Network (SAN), the
Which one of these risk factors would be the LEAST important consideration in choosing a building site for a new computer facility?
Which one of the following is a threat related to the use of web-based client side input validation?
Which security action should be taken FIRST when computer personnel are terminated from their jobs?
What is the MOST important purpose of testing the Disaster Recovery Plan (DRP)?
The World Trade Organization's (WTO) agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) requires authors of computer software to be given the
Which one of the following is a common risk with network configuration management?
Match the objectives to the assessment questions in the governance domain of Software Assurance Maturity Model (SAMM).
During the risk assessment phase of the project the CISO discovered that a college within the University is collecting Protected Health Information (PHI) data via an application that was developed in-house. The college collecting this data is fully aware of the regulations for Health Insurance Portability and Accountability Act (HIPAA) and is fully compliant.
What is the best approach for the CISO?
Which of the following BEST describes the purpose of performing security certification?
Which of the following is the MOST important goal of information asset valuation?
A global organization wants to implement hardware tokens as part of a multifactor authentication solution for remote access. The PRIMARY advantage of this implementation is
Between which pair of Open System Interconnection (OSI) Reference Model layers are routers used as a communications device?
In the Software Development Life Cycle (SDLC), maintaining accurate hardware and software inventories is a critical part of
Which of the following is the PRIMARY reason to perform regular vulnerability scanning of an organization network?
An employee of a retail company has been granted an extended leave of absence by Human Resources (HR). This information has been formally communicated to the access provisioning team. Which of the following is the BEST action to take?
Who is ultimately responsible to ensure that information assets are categorized and adequate measures are taken to protect them?
Application of which of the following Institute of Electrical and Electronics Engineers (IEEE) standards will prevent an unauthorized wireless device from being attached to a network?
How does an organization verify that an information system's current hardware and software match the standard system configuration?
How does a Host Based Intrusion Detection System (HIDS) identify a potential attack?
Which technology is a prerequisite for populating the cloud-based directory in a federated identity solution?
The PRIMARY characteristic of a Distributed Denial of Service (DDoS) attack is that it
Which of the following is the PRIMARY reason for employing physical security personnel at entry points in facilities where card access is in operation?
A user sends an e-mail request asking for read-only access to files that are not considered sensitive. A Discretionary Access Control (DAC) methodology is in place. Which is the MOST suitable approach that the administrator should take?
Which of the following controls is the FIRST step in protecting privacy in an information system?
What is the process called when impact values are assigned to the security objectives for information types?
Which Web Services Security (WS-Security) specification maintains a single authenticated identity across multiple dissimilar environments? Click on the correct specification in the image below.
The goal of a Business Continuity Plan (BCP) training and awareness program is to
Which of the following is MOST important when deploying digital certificates?
While inventorying storage equipment, it is found that there are unlabeled, disconnected, and powered off devices. Which of the following is the correct procedure for handling such equipment?
Which of the following is the BIGGEST weakness when using native Lightweight Directory Access Protocol (LDAP) for authentication?
Which of the following is BEST suited for exchanging authentication and authorization messages in a multi-party decentralized environment?
For an organization considering two-factor authentication for secure network access, which of the following is MOST secure?
If an identification process using a biometric system detects a 100% match between a presented template and a stored template, what is the interpretation of this result?
Place in order, from BEST (1) to WORST (4), the following methods to reduce the risk of data remanence on magnetic media.
What security risk does the role-based access approach mitigate MOST effectively?
Which of the following statements is TRUE regarding value boundary analysis as a functional software testing technique?
What should be the FIRST action to protect the chain of evidence when a desktop computer is involved?
An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?
A continuous information security-monitoring program can BEST reduce risk through which of the following?
Which of the following is a PRIMARY advantage of using a third-party identity service?
What is the MOST important step during forensic analysis when trying to learn the purpose of an unknown application?
What would be the MOST cost effective solution for a Disaster Recovery (DR) site given that the organization’s systems cannot be unavailable for more than 24 hours?
Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?
With what frequency should monitoring of a control occur when implementing Information Security Continuous Monitoring (ISCM) solutions?
A Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) will provide which of the following?
Which of the following is the FIRST step in the incident response process?
Recovery strategies of a Disaster Recovery Plan (DRP) MUST be aligned with which of the following?