CISMP-V9 Free Practice Test

What form of training SHOULD developers be undertaking to understand the security of the code they havewritten and how it can improvesecurity defence whilst being attacked?

1. A. Red Team Training.
2. B. Blue Team Training.
3. C. Black Hat Training.
4. D. Awareness Training.

Correct Answer: C

Which of the following is a framework and methodology for Enterprise Security Architecture and Service Management?

1. A. TOGAF
2. B. SABSA
3. C. PCI DSS.
4. D. OWASP.

Correct Answer: B

The policies, processes, practices, and tools used to align the business value of information with the most appropriate and cost-effectiveinfrastructure from the time information is conceived through its final disposition.
Which of the below business practices does this statement define?

1. A. Information Lifecycle Management.
2. B. Information Quality Management.
3. C. Total Quality Management.
4. D. Business Continuity Management.

Correct Answer: A
https://www.stitchdata.com/resources/glossary/information-lifecycle-management/#:~:text=“ILM%

What Is the PRIMARY security concern associated with the practice known as Bring Your Own Device (BYOD) that might affect a largeorganisation?

1. A. Most BYOD involves the use of non-Windows hardware which is intrinsically insecure and open to abuse.
2. B. The organisation has significantly less control over the device than over a corporately provided and managed device.
3. C. Privately owned end user devices are not provided with the same volume nor frequency of security patch updates as a corporation.
4. D. Under GDPR it is illegal for an individual to use a personal device when handling personal information under corporate control.

Correct Answer: A

What Is the KEY purpose of appending security classification labels to information?

1. A. To provide guidance and instruction on implementing appropriate security controls to protect the information.
2. B. To comply with whatever mandatory security policy framework is in place within the geographical location in question.
3. C. To ensure that should the information be lost in transit, it can be returned to the originator using the correct protocols.
4. D. To make sure the correct colour-coding system is used when the information is ready for archive.

Correct Answer: A