CISMP-V9 Free Practice Test

When considering the disposal of confidential data, equipment and storage devices, what social engineering technique SHOULD always betaken into consideration?

1. A. Spear Phishing.
2. B. Shoulder Surfing.
3. C. Dumpster Diving.
4. D. Tailgating.

Correct Answer: A

How does the use of a "single sign-on" access control policy improve the security for an organisation implementing the policy?

1. A. Password is better encrypted for system authentication.
2. B. Access controllogs are centrally located.
3. C. Helps prevent the likelihood of users writing down passwords.
4. D. Decreases the complexity of passwords users have to remember.

Correct Answer: B

In business continuity (BC) terms, what is the name of the individual responsible for recording all pertinent information associated with a BCexercise or real plan invocation?

1. A. Recorder.
2. B. Desk secretary.
3. C. Scribe.
4. D. Scrum Master.

Correct Answer: A

Which term describes the acknowledgement and acceptance of ownership of actions, decisions, policies and deliverables?

1. A. Accountability.
2. B. Responsibility.
3. C. Credibility.
4. D. Confidentiality.

Correct Answer: A
https://hr.nd.edu/assets/17442/behavior_model_4_ratings_3_.pdf

What types of web application vulnerabilities continue to be the MOST prolific according to the OWASP Top 10?

1. A. Poor Password Management.
2. B. Insecure Deserialsiation.
3. C. Injection Flaws.
4. D. Security Misconfiguration

Correct Answer: C