
CISSP Online Practice Questions and Answers

Questions 4

Reciprocal backup site agreements are considered to be

A. a better alternative than the use of warm sites.

B. difficult to test for complex systems.

C. easy to implement for similar types of organizations.

D. easy to test and implement for complex systems.

Questions 5

A user has infected a computer with malware by connecting a Universal Serial Bus (USB) storage device.

Which of the following is MOST effective to mitigate future infections?

A. Develop a written organizational policy prohibiting unauthorized USB devices

B. Train users on the dangers of transferring data in USB devices

C. Implement centralized technical control of USB port connections

D. Encrypt removable USB devices containing data at rest

Questions 6

Which of the following are Systems Engineering Life Cycle (SELC) Technical Processes?

A. Concept, Development, Production, Utilization, Support, Retirement

B. Stakeholder Requirements Definition, Architectural Design, Implementation, Verification, Operation

C. Acquisition, Measurement, Configuration Management, Production, Operation, Support

D. Concept, Requirements, Design, Implementation, Production, Maintenance, Support, Disposal

Questions 7

Which of the following is MOST effective in detecting information hiding in Transmission Control Protocol/Internet Protocol (TCP/IP) traffic?

A. Packet-filter firewall

B. Content-filtering web proxy

C. Stateful inspection firewall

D. Application-level firewall

Questions 8

Which of the following is the BEST defense against password guessing?

A. Limit external connections to the network

B. Disable the account after a limited number of unsuccessful attempts

C. Force the password to be changed after an invalid password has been entered

D. Require a combination of letters, numbers, and special characters in the password

Questions 9

Which of the following techniques is effective to detect taps in fiber optic cables?

A. Taking baseline signal level of the cable

B. Measuring signal through external oscillator solution devices

C. Outlining electromagnetic field strength

D. Performing network vulnerability scanning

Questions 10

For a federated identity solution, a third-party Identity Provider (IdP) is PRIMARILY responsible for which of the following?

A. Access Control

B. Account Management

C. Authentication

D. Authorization

Questions 11

Which of the following BEST describes centralized identity management?

A. Service providers rely on a trusted third party (TTP) to provide requestors with both credentials and identifiers.

B. Service providers agree to integrate identity system recognition across organizational boundaries.

C. Service providers identify an entity by behavior analysis versus an identification factor.

D. Service providers perform as both the credential and identity provider (IdP).

Questions 12

To ensure compliance with the General Data Protection Regulation (GDPR), who in the organization should the help desk manager confer with before selecting a Software as a Service (SaaS) solution?

A. Data owner

B. Database administrator (DBA)

C. Data center manager

D. Data Protection Officer (DPO)

Questions 13

A large organization's human resources and security teams are planning on implementing technology to eliminate manual user access reviews and improve compliance. Which of the following options is MOST likely to resolve the issues associated with user access?

A. Implement a Privileged Access Management (PAM) system.

B. Implement a role-based access control (RBAC) system.

C. Implement an identity and access management (IAM) platform.

D. Implement a single sign-on (SSO) platform.

Exam Code: CISSP
Exam Name: Certified Information Systems Security Professional
Last Update: Oct 20, 2024
Questions: 1703