CISSP Practice Questions (1021–1040)

Question 1021

Which of the following is a responsibility of the information owner?
A. Ensure that users and personnel complete the required security training to access the Information System (IS)
B. Defining proper access to the Information System (IS), including privileges or access rights
C. Managing identification, implementation, and assessment of common security controls
D. Ensuring the Information System (IS) is operated according to agreed-upon security requirements

Question 1022

Proven application security principles include which of the following?
A. Minimizing attack surface area
B. Hardening the network perimeter
C. Accepting infrastructure security controls
D. Developing independent modules

Question 1023

Which of the following would an attacker BEST be able to accomplish through the use of Remote Access Tools (RAT)?
A. Reduce the probability of identification
B. Detect further compromise of the target
C. Destabilize the operation of the host
D. Maintain and expand control

Question 1024

What is the PRIMARY goal of fault tolerance?
A. Elimination of single point of failure
B. Isolation using a sandbox
C. Single point of repair
D. Containment to prevent propagation

Question 1025

An organization recently conducted a review of the security of its network applications. One of the vulnerabilities found was that the session key used in encrypting sensitive information to a third party server had been hard-coded in the client and server applications. Which of the following would be MOST effective in mitigating this vulnerability?
A. Diffie-Hellman (DH) algorithm
B. Elliptic Curve Cryptography (ECC) algorithm
C. Digital Signature algorithm (DSA)
D. Rivest-Shamir-Adleman (RSA) algorithm

Question 1026

Within the company, desktop clients receive Internet Protocol (IP) addresses over Dynamic Host Configuration Protocol (DHCP). Which of the following represents a valid measure to help protect the network against unauthorized access?
A. Implement patch management
B. Implement port based security through 802.1x
C. Implement session border controllers
D. Implement application white listing

Question 1027

What is the PRIMARY reason to conduct periodic security audits?
A. Ensure compliance and verify control effectiveness
B. Detect intrusions in real time
C. Monitor bandwidth usage
D. Validate encryption algorithms

Question 1028

Which of the following is MOST appropriate for protecting confidentiality of data stored on a hard drive?
A. Triple Data Encryption Standard (3DES)
B. Advanced Encryption Standard (AES)
C. Message Digest 5 (MD5)
D. Secure Hash Algorithm 2 (SHA-2)

Question 1029

What is the expected outcome of security awareness in support of a security awareness program?
A. Awareness activities should be used to focus on security concerns and respond to those concerns accordingly
B. Awareness is not an activity or part of the training but rather a state of persistence to support the program
C. Awareness is training. The purpose of awareness presentations is to broaden attention of security.
D. Awareness is not training. The purpose of awareness presentation is simply to focus attention on security.

Question 1030

An Information Technology (IT) professional attends a cybersecurity seminar on current incident response methodologies. What code of ethics canon is being observed?
A. Provide diligent and competent service to principals
B. Protect society, the commonwealth, and the infrastructure
C. Advance and protect the profession
D. Act honorably, honestly, justly, responsibly, and legally

Question 1031

Transport Layer Security (TLS) provides which of the following capabilities for a remote access server?
A. Transport layer handshake compression
B. Application layer negotiation
C. Peer identity authentication
D. Digital certificate revocation

Question 1032

Which of the following MUST be scalable to address security concerns raised by the integration of third-party identity services?
A. Mandatory Access Controls (MAC)
B. Enterprise security architecture
C. Enterprise security procedures
D. Role Based Access Controls (RBAC)

Question 1033

Which of the following entails identification of data and links to business processes, applications, and data stores as well as assignment of ownership responsibilities?
A. Security governance
B. Risk management
C. Security portfolio management
D. Risk assessment

Question 1034

When developing a business case for updating a security program, the security program owner MUST do which of the following?
A. Identify relevant metrics
B. Prepare performance test reports
C. Obtain resources for the security program
D. Interview executive management

Question 1035

When network management is outsourced to third parties, which of the following is the MOST effective method of protecting critical data assets?
A. Log all activities associated with sensitive systems
B. Provide links to security policies
C. Confirm that confidentiality agreements are signed
D. Employ strong access controls

Question 1036

Who is accountable for the information within an Information System (IS)?
A. Security manager
B. System owner
C. Data owner
D. Data processor

Question 1037

A chemical plant wants to upgrade the Industrial Control System (ICS) to transmit data using Ethernet instead of RS422. The project manager wants to simplify administration and maintenance by utilizing the office network infrastructure and staff to implement this upgrade.

Which of the following is the GREATEST impact on security for the network?
A. The network administrators have no knowledge of ICS
B. The ICS is now accessible from the office network
C. The ICS does not support the office password policy
D. RS422 is more reliable than Ethernet

Question 1038

Which of the following is part of a Trusted Platform Module (TPM)?
A. A non-volatile tamper-resistant storage for storing both data and signing keys in a secure fashion
B. A protected Pre-Basic Input/Output System (BIOS) which specifies a method or a metric for “measuring” the state of a computing platform
C. A secure processor targeted at managing digital keys and accelerating digital signing
D. A platform-independent software interface for accessing computer functions

Question 1039

Which of the following is a responsibility of a data steward?
A. Ensure alignment of the data governance effort to the organization
B. Conduct data governance interviews with the organization
C. Document data governance requirements
D. Ensure that data decisions and impacts are communicated to the organization

Question 1040

What does a Synchronous (SYN) flood attack do?
A. Forces Transmission Control Protocol/Internet Protocol (TCP/IP) connections into a reset state
B. Establishes many new Transmission Control Protocol/Internet Protocol (TCP/IP) connections
C. Empties the queue of pending Transmission Control Protocol/Internet Protocol (TCP/IP) requests
D. Exceeds the limits for new Transmission Control Protocol/Internet Protocol (TCP/IP) connections