CISSP Practice Questions (921–940)

Question 921

Which of the following is a function of Security Assertion Markup Language (SAML)?
A. File allocation
B. Redundancy check
C. Extended validation
D. Policy enforcement

Question 922

Which of the following is the BEST approach to take in order to effectively incorporate the concepts of business continuity into the organization?
A. Ensure end users are aware of the planning activities
B. Validate all regulatory requirements are known and fully documented
C. Develop training and awareness programs that involve all stakeholders
D. Ensure plans do not violate the organization's cultural objectives and goals

Question 923

If compromised, which of the following would lead to the exploitation of multiple virtual machines?
A. Virtual device drivers
B. Virtual machine monitor
C. Virtual machine instance
D. Virtual machine file system

Question 924

A mobile device application that restricts the storage of user information to just that which is needed to accomplish lawful business goals adheres to what privacy principle?
A. Onward transfer
B. Collection Limitation
C. Collector Accountability
D. Individual Participation

Question 925

Regarding asset security and appropriate retention, which of the following INITIAL top three areas are important to focus on?
A. Security control baselines, access controls, employee awareness and training
B. Human resources, asset management, production management
C. Supply chain lead time, inventory control, encryption
D. Polygraphs, crime statistics, forensics

Question 926

Disaster Recovery Plan (DRP) training material should be
A. consistent so that all audiences receive the same training.
B. stored in a fireproof safe to ensure availability when needed.
C. only delivered in paper format.
D. presented in a professional looking manner.

Question 927

Which of the following types of security testing is the MOST effective in providing a better indication of the everyday security challenges of an organization when performing a security risk assessment?
A. External
B. Overt
C. Internal
D. Covert

Question 928

Which of the following is the BEST method to assess the effectiveness of an organization's vulnerability management program?
A. Review automated patch deployment reports
B. Periodic third party vulnerability assessment
C. Automated vulnerability scanning
D. Perform vulnerability scan by security team

Question 929

Which of the following entities is ultimately accountable for data remanence vulnerabilities with data replicated by a cloud service provider?
A. Data owner
B. Data steward
C. Data custodian
D. Data processor

Question 930

Which of the following roles has the obligation to ensure that a third party provider is capable of processing and handling data in a secure manner and meeting the standards set by the organization?
A. Data Custodian
B. Data Owner
C. Data Creator
D. Data User

Question 931

What is the PRIMARY difference between security policies and security procedures?
A. Policies are used to enforce violations, and procedures create penalties
B. Policies point to guidelines, and procedures are more contractual in nature
C. Policies are included in awareness training, and procedures give guidance
D. Policies are generic in nature, and procedures contain operational details

Question 932

How does Encapsulating Security Payload (ESP) in transport mode affect the Internet Protocol (IP)?
A. Encrypts and optionally authenticates the IP header, but not the IP payload
B. Encrypts and optionally authenticates the IP payload, but not the IP header
C. Authenticates the IP payload and selected portions of the IP header
D. Encrypts and optionally authenticates the complete IP packet

Question 933

When planning a penetration test, the tester will be MOST interested in which information?
A. Places to install back doors
B. The main network access points
C. Job application handouts and tours
D. Exploits that can attack weaknesses

Question 934

Which of the following describes the BEST configuration management practice?
A. After installing a new system, the configuration files are copied to a separate back-up system and hashed to detect tampering.
B. After installing a new system, the configuration files are copied to an air-gapped system and hashed to detect tampering.
C. The firewall rules are backed up to an air-gapped system.
D. A baseline configuration is created and maintained for all relevant systems.

Question 935

To protect auditable information, which of the following MUST be configured to only allow read access?
A. Logging configurations
B. Transaction log files
C. User account configurations
D. Access control lists (ACL)

Question 936

Which of the following is the BEST example of weak management commitment to the protection of security assets and resources?
A. Poor governance over security processes and procedures
B. Immature security controls and procedures
C. Variances against regulatory requirements
D. Unanticipated increases in security incidents and threats

Question 937

The BEST example of the concept of "something that a user has" when providing an authorized user access to a computing system is
A. the user's hand geometry.
B. a credential stored in a token.
C. a passphrase.
D. the user's face.

Question 938

A security professional is asked to provide a solution that restricts a bank teller to only perform a savings deposit transaction but allows a supervisor to perform corrections after the transaction. Which of the following is the MOST effective solution?
A. Access is based on rules.
B. Access is determined by the system.
C. Access is based on user's role.
D. Access is based on data sensitivity.
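The teller/supervisor scenario above, worked as an added example (not part of the original quiz): a small ledger whose operations are gated by a role-to-permission table, so that a teller can post a savings deposit but only a supervisor can correct one afterwards. The role names, permission names, the `Ledger` class and the rule that nobody corrects their own posting are assumptions made for illustration.

```python
"""Role-based access control for the teller/supervisor scenario.

Added illustration; role names, permission names, the Ledger class and the
self-correction rule are assumptions, not taken from any product or standard.
"""
from dataclasses import dataclass
from typing import Dict, List, Set

# Permissions are granted to roles, never directly to users.  A teller may
# only post a savings deposit; a supervisor may additionally correct a
# transaction after it has been posted.  (Assumed table.)
ROLE_PERMISSIONS: Dict[str, Set[str]] = {
    "teller": {"savings_deposit"},
    "supervisor": {"savings_deposit", "transaction_correction"},
}


@dataclass(frozen=True)
class User:
    name: str
    roles: frozenset  # role names; an empty set means no access at all


@dataclass
class Transaction:
    txn_id: int
    account: str
    amount: int          # whole currency units; int avoids float rounding
    posted_by: str
    corrected_by: str = ""


def permissions_for(user: User) -> Set[str]:
    """Union of the permissions of every role the user holds; unknown roles grant nothing."""
    perms: Set[str] = set()
    for role in user.roles:
        perms |= ROLE_PERMISSIONS.get(role, set())
    return perms


def is_authorized(user: User, permission: str) -> bool:
    return permission in permissions_for(user)


class Ledger:
    """Minimal savings ledger whose operations are gated by RBAC checks."""

    def __init__(self) -> None:
        self.transactions: Dict[int, Transaction] = {}
        self.audit: List[str] = []   # every decision is logged, allowed or denied

    def _check(self, user: User, permission: str, detail: str) -> None:
        if not is_authorized(user, permission):
            self.audit.append(f"DENY  {user.name} {permission} {detail}")
            raise PermissionError(f"{user.name} lacks {permission}")
        self.audit.append(f"ALLOW {user.name} {permission} {detail}")

    def savings_deposit(self, user: User, account: str, amount: int) -> Transaction:
        self._check(user, "savings_deposit", f"account={account} amount={amount}")
        if amount <= 0:
            raise ValueError("deposit must be positive")
        txn = Transaction(len(self.transactions) + 1, account, amount, user.name)
        self.transactions[txn.txn_id] = txn
        return txn

    def correct_transaction(self, user: User, txn_id: int, new_amount: int) -> Transaction:
        self._check(user, "transaction_correction", f"txn={txn_id} new_amount={new_amount}")
        txn = self.transactions.get(txn_id)
        if txn is None:
            # Corrections only ever follow an existing posting.
            raise KeyError(f"no transaction {txn_id}")
        if txn.posted_by == user.name:
            # Assumed separation-of-duties rule: nobody corrects their own posting.
            raise PermissionError("cannot correct own transaction")
        txn.amount = new_amount
        txn.corrected_by = user.name
        return txn


def demo() -> dict:
    """Run the scenario with constructed users and return the outcome of each attempt."""
    ledger = Ledger()
    teller = User("alice", frozenset({"teller"}))
    supervisor = User("bob", frozenset({"supervisor"}))
    outcome = {}
    txn = ledger.savings_deposit(teller, "SAV-1001", 250)
    outcome["teller_deposit"] = txn.amount
    try:
        ledger.correct_transaction(teller, txn.txn_id, 205)
        outcome["teller_correction"] = "allowed"
    except PermissionError:
        outcome["teller_correction"] = "denied"
    fixed = ledger.correct_transaction(supervisor, txn.txn_id, 205)
    outcome["supervisor_correction"] = fixed.amount
    outcome["audit_entries"] = len(ledger.audit)
    return outcome


if __name__ == "__main__":
    print(demo())
```

Because permissions hang off roles rather than individual users, moving a person from teller to supervisor is a single role change, and the audit trail records which role-backed permission authorized each action rather than an ad hoc per-user rule.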

Question 939

Which methodology is recommended for penetration testing to be effective in the development phase of the life-cycle process?
A. White-box testing
B. Software fuzz testing
C. Black-box testing
D. Visual testing

Question 940

The implementation of which features of an identity management system reduces costs and administration overhead while improving audit and accountability?
A. Two-factor authentication
B. Single Sign-On (SSO)
C. User self-service
D. A metadirectory