Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.

ISC CISSP Exam Actual Questions

The questions for CISSP were last updated on Jan. 30, 2024.
  • Viewing page 1 out of 49 pages.
  • Viewing questions 1-10 out of 488 questions

Topic 1 - Single Topic

Question #1 Topic 1

Physical assets defined in an organization's business impact analysis (BIA) could include which of the following?

  • A. Personal belongings of organizational staff members
  • B. Disaster recovery (DR) line-item revenues
  • C. Cloud-based applications
  • D. Supplies kept off-site a remote facility
Reveal Solution Hide Solution   Discussion   52

Correct Answer: D 🗳️

Question #2 Topic 1

When assessing the audit capability of an application, which of the following activities is MOST important?

  • A. Identify procedures to investigate suspicious activity.
  • B. Determine if audit records contain sufficient information.
  • C. Verify if sufficient storage is allocated for audit records.
  • D. Review security plan for actions to be taken in the event of audit failure.
Reveal Solution Hide Solution   Discussion   40

Correct Answer: C 🗳️

Question #3 Topic 1

An organization would like to implement an authorization mechanism that would simplify the assignment of various system access permissions for many users with similar job responsibilities. Which type of authorization mechanism would be the BEST choice for the organization to implement?

  • A. Role-based access control (RBAC)
  • B. Discretionary access control (DAC)
  • C. Content-dependent Access Control
  • D. Rule-based Access Control
Reveal Solution Hide Solution   Discussion   15

Correct Answer: A 🗳️

Question #4 Topic 1

What is the PRIMARY reason for criminal law being difficult to enforce when dealing with cybercrime?

  • A. Jurisdiction is hard to define.
  • B. Law enforcement agencies are understaffed.
  • C. Extradition treaties are rarely enforced.
  • D. Numerous language barriers exist.
Reveal Solution Hide Solution   Discussion   12

Correct Answer: A 🗳️

Question #5 Topic 1

Wi-Fi Protected Access 2 (WPA2) provides users with a higher level of assurance that their data will remain protected by using which protocol?

  • A. Extensible Authentication Protocol (EAP)
  • B. Internet Protocol Security (IPsec)
  • C. Secure Sockets Layer (SSL)
  • D. Secure Shell (SSH)
Reveal Solution Hide Solution   Discussion   11

Correct Answer: A 🗳️

Question #6 Topic 1

Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?

  • A. Reference monitor
  • B. Trusted Computing Base (TCB)
  • C. Time separation
  • D. Security kernel
Reveal Solution Hide Solution   Discussion   34

Correct Answer: A 🗳️

Question #7 Topic 1

What process facilitates the balance of operational and economic costs of protective measures with gains in mission capability?

  • A. Performance testing
  • B. Risk assessment
  • C. Security audit
  • D. Risk management
Reveal Solution Hide Solution   Discussion   10

Correct Answer: D 🗳️

Question #8 Topic 1

Clothing retailer employees are provisioned with user accounts that provide access to resources at partner businesses. All partner businesses use common identity and access management (IAM) protocols and differing technologies. Under the Extended Identity principle, what is the process flow between partner businesses to allow this IAM action?

  • A. Clothing retailer acts as User Self Service, confirms identity of user using industry standards, then sends credentials to partner businesses that act as a Service Provider and allows access to services.
  • B. Clothing retailer acts as identity provider (IdP), confirms identity of user using industry standards, then sends credentials to partner businesses that act as a Service Provider and allows access to services.
  • C. Clothing retailer acts as Service Provider, confirms identity of user using industry standards, then sends credentials to partner businesses that act as an identity provider (IdP) and allows access to resources.
  • D. Clothing retailer acts as Access Control Provider, confirms access of user using industry standards, then sends credentials to partner businesses that act as a Service Provider and allows access to resources.
Reveal Solution Hide Solution   Discussion   7

Correct Answer: B 🗳️

Question #9 Topic 1

Which of the following statements BEST describes least privilege principle in a cloud environment?

  • A. A single cloud administrator is configured to access core functions.
  • B. Internet traffic is inspected for all incoming and outgoing packets.
  • C. Routing configurations are regularly updated with the latest routes.
  • D. Network segments remain private if unneeded to access the internet.
Reveal Solution Hide Solution   Discussion   33

Correct Answer: D 🗳️

Question #10 Topic 1

An organization has been collecting a large amount of redundant and unusable data and filling up the storage area network (SAN). Management has requested the identification of a solution that will address ongoing storage problems. Which is the BEST technical solution?

  • A. Compression
  • B. Caching
  • C. Replication
  • D. Deduplication
Reveal Solution Hide Solution   Discussion   40

Correct Answer: A 🗳️

Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...