Free CISSP Practice Questions Quiz

The 10 Question Challenge CISSP Practice Quiz

The CISSP is the ideal credential for those with proven deep technical and managerial competence, skills, and experience. But, at 6 hours in length and 250 questions in breadth, the CISSP exam is one tough test. It takes a great deal of preparation and practice to succeed.

Here is an example question to get started:

Data owners play a crucial role in assigning classifications to data. Which of the following is the PRIMARY advantage of data classification for an organization?

A.) Reducing the cost associated with securing data.
B.) Preventing unauthorized manipulation of data.
C.) Avoiding protecting data with unnecessary security controls.
D.) Formalizing the process of implementing strict and consistent security controls.

Correct Answer: D.) Formalizing the process of implementing strict and consistent security controls.

According to the (ISC)² Common Body of Knowledge, the primary goal of data classification is related to both business and security. Data classification, which is the process of categorizing data based on its sensitivity or need for security, helps keep data secure and ensures that the process is cost effective. All four answers are related to those goals.

However, Answer B can be eliminated because it only refers to the integrity of the data. Data classification schemes mainly relate to data confidentiality.

Answers A and C both relate to the very important goal of making the process of data protection cost effective. While Answer A’s link to cost effectiveness is explicit, Answer C is correct in stating that protecting data with unnecessary security controls is a waste of resources. Protecting data costs money, and money must only be spent on data that requires protection. Since both Answers A and C say the same thing, they can both be eliminated.

That leaves Answer D, which focuses on the long-term benefit of data classification. Having a data classification policy in place will force an organization to classify, and thus protect, data as it receives or creates it. Having this security process formalized is the PRIMARY benefit of data classification.

Want to test your skills? Take the 10 Question Challenge! This free practice quiz uses questions similar to those found on the CISSP exam. Simply select your answers to the 10 questions by clicking the "continue" button below and then submit within the 12-minute time limit to check your score!

1) Which of the following would be the most important factor for a successful IT security program in an organization?
2) Your company is purchasing a new timekeeping system. The software will need to be installed on servers in your virtual infrastructure. What is an example of providing due care for the new timekeeping system?
3) An asset manager is disposing of old hard drives that have held sensitive information. She is concerned about data remanence. Which of the following scenarios best illustrates a risk related to data remanence?
4) A solutions architect is working on a project to implement a virtual infrastructure to house a web application that will be accessible from the internet. How could the new solution best be designed securely?
5) A software company regularly posts new versions of their software publicly for download. The company also lists the MD5 hash value next to the download link. What is the software company concerned about that would cause them to post a hash value?
6) A newly hired Security Architect is reviewing the current remote access solution. He discovers that there is an SSL VPN configured to allow all employees to log in remotely. The Security Architect interviews the department heads and discovers that only two departments use the VPN for three unique applications. What method would both satisfy the needs of the two departments and be more secure?
7) A server administrator has been tasked with securing a directory on a server that contains sensitive financial information. There are 10 users that need full access to this folder and nobody else should be able to access it. What is the best logical access control to implement to obtain this goal?
8) You are an account administrator. A department manager has come to you complaining that a former employee of hers is still accessing sensitive information that only her department has permission to view. The employee was not fired but moved roles onto a different team. This is a reoccurring issue: employees switch roles and/or departments and gain new access rights, but retain their old rights as well. Which term best describes this situation?
9) An incident responder has discovered a significant breach and law enforcement has been called. They have instructed the company to maintain a chain of custody for all evidence involved in the breach. A chain of custody provides all of the following except:
10) A small software company has hired a third-party consultant to help them reach level 5 of the Capability Maturity Model Integration model. What would best describe when the software company reaches level 5 of the Capability Maturity Model Integration model?


PREPARE WITH CYBERVISTA

Led by (ISC)² authorized and CISSP certified instructors with an average of more than 10 years of experience, you’ll enjoy the structure, delivery, and convenience of CyberVista’s 12-week, part-time, live online CISSP training course as you prepare to earn the industry-leading certification in information security.

Uniquely Comprehensive

Our unique course includes 300+ hours of structured learning including more than 70 hours of live and on-demand expert instruction from working cybersecurity practitioners.

Flexible and Convenient

Our 12-week program fits into your life. You don’t need to take time away from work or home. We combine the rigor of structured, scheduled sessions with the convenience of online instruction.

Innovative Course Delivery

CyberVista delivers the learning content to your fingertips in a state-of-the-art learning management system. Plus, for your live online classes, you’ll experience our expert instructors through light board technology.
