
ISC CISSP Exam Actual Questions

The questions for CISSP were last updated on Jan. 24, 2022.
  • Viewing page 1 out of 57 pages.
  • Viewing questions 1-10 out of 565 questions

Topic 1 - Single Topic

Question #1 Topic 1

All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that

  • A. determine the risk of a business interruption occurring
  • B. determine the technological dependence of the business processes
  • C. Identify the operational impacts of a business interruption
  • D. Identify the financial impacts of a business interruption

Correct Answer: B
Reference:
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0ahUKEwjbktbTp-LaAhVIr48KHZuhB0UQFggmMAA&url=http%3A%2F%2Fwww.oregon.gov%2Fdas%2FProcurement%2FGuiddoc%2FBusImpAnalysQs.doc&usg=AOvVaw1wBxcnLP8ceI_yhv2rsI9h

Question #2 Topic 1

Which of the following actions will reduce risk to a laptop before traveling to a high risk area?

  • A. Examine the device for physical tampering
  • B. Implement more stringent baseline configurations
  • C. Purge or re-image the hard disk drive
  • D. Change access codes

Correct Answer: B

Question #3 Topic 1

Which of the following represents the GREATEST risk to data confidentiality?

  • A. Network redundancies are not implemented
  • B. Security awareness training is not completed
  • C. Backup tapes are generated unencrypted
  • D. Users have administrative privileges

Correct Answer: C

Question #4 Topic 1

What is the MOST important consideration from a data security perspective when an organization plans to relocate?

  • A. Ensure the fire prevention and detection systems are sufficient to protect personnel
  • B. Review the architectural plans to determine how many emergency exits are present
  • C. Conduct a gap analysis of the new facilities against existing security requirements
  • D. Revise the Disaster Recovery and Business Continuity (DR/BC) plan

Correct Answer: C

Question #5 Topic 1

A company whose Information Technology (IT) services are being delivered from a Tier 4 data center is preparing a companywide Business Continuity Planning (BCP). Which of the following failures should the IT manager be concerned with?

  • A. Application
  • B. Storage
  • C. Power
  • D. Network

Correct Answer: C
Reference:
https://www.colocationamerica.com/data-center/tier-standards-overview.htm

Question #6 Topic 1

When assessing an organization's security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?

  • A. Only when assets are clearly defined
  • B. Only when standards are defined
  • C. Only when controls are put in place
  • D. Only when procedures are defined

Correct Answer: A

Question #7 Topic 1

Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?

  • A. Install mantraps at the building entrances
  • B. Enclose the personnel entry area with polycarbonate plastic
  • C. Supply a duress alarm for personnel exposed to the public
  • D. Hire a guard to protect the public area

Correct Answer: C

Question #8 Topic 1

An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?

  • A. Development, testing, and deployment
  • B. Prevention, detection, and remediation
  • C. People, technology, and operations
  • D. Certification, accreditation, and monitoring

Correct Answer: C
Reference:
https://www.giac.org/paper/gsec/3873/information-warfare-cyber-warfare-future-warfare/106165
(14)

Question #9 Topic 1

Intellectual property rights are PRIMARILY concerned with which of the following?

  • A. Owner's ability to realize financial gain
  • B. Owner's ability to maintain copyright
  • C. Right of the owner to enjoy their creation
  • D. Right of the owner to control delivery method

Correct Answer: A

Question #10 Topic 1

A control to protect from a Denial-of-Service (DoS) attack has been determined to stop 50% of attacks, and additionally reduces the impact of an attack by 50%. What is the residual risk?

  • A. 25%
  • B. 50%
  • C. 75%
  • D. 100%

Correct Answer: A
