CISSP Free Practice Test

- (Exam Topic 14)
A large corporation is looking for a solution to automate access based on where the request is coming from, who the user is, what device they are connecting with, and what and time of day they are attempting this access. What type of solution would suit their needs?

1. A. Mandatory Access Control (MAC)
2. B. Network Access Control (NAC)
3. C. Role Based Access Control (RBAC)
4. D. Discretionary Access Control (DAC)

Correct Answer: B

- (Exam Topic 15)
When reviewing vendor certifications for handling and processing of company data, which of the following is the BEST Service Organization Controls (SOC) certification for the vendor to possess?

1. A. SOC 1 Type 1
2. B. SOC 2 Type 1
3. C. SOC 2 Type 2
4. D. SOC 3

Correct Answer: C

- (Exam Topic 15)
Which of the following types of firewall only examines the “handshaking” between packets before forwarding traffic?

1. A. Proxy firewalls
2. B. Host-based firewalls
3. C. Circuit-level firewalls
4. D. Network Address Translation (NAT) firewalls

Correct Answer: C

- (Exam Topic 15)
Which change management role is responsible for the overall success of the project and supporting the change throughout the organization?

1. A. Change driver
2. B. Change implementer
3. C. Program sponsor
4. D. Project manager

Correct Answer: D

- (Exam Topic 14)
What is the BEST method if an investigator wishes to analyze a hard drive which may be used as evidence?

1. A. Leave the hard drive in place and use only verified and authenticated Operating Systems (OS) utilities ...
2. B. Log into the system and immediately make a copy of all relevant files to a Write Once, Read Many ...
3. C. Remove the hard drive from the system and make a copy of the hard drive's contents using imaging hardware.
4. D. Use a separate bootable device to make a copy of the hard drive before booting the system and analyzing the hard drive.

Correct Answer: C