CISSP Free Practice Test

- (Exam Topic 15)
What is the MAIN objective of risk analysis in Disaster Recovery (DR) planning?

1. A. Establish Maximum Tolerable Downtime (MTD) Information Systems (IS).
2. B. Define the variable cost for extended downtime scenarios.
3. C. Identify potential threats to business availability.
4. D. Establish personnel requirements for various downtime scenarios.

Correct Answer: C

- (Exam Topic 15)
What is the FINAL step in the waterfall method for contingency planning?

1. A. Maintenance
2. B. Testing
3. C. Implementation
4. D. Training

Correct Answer: A

- (Exam Topic 14)
Which of the following initiates the system recovery phase of a disaster recovery plan?

1. A. Evacuating the disaster site
2. B. Assessing the extent of damage following the disaster
3. C. Issuing a formal disaster declaration
4. D. Activating the organization's hot site

Correct Answer: C

- (Exam Topic 10)
With data labeling, which of the following MUST be the key decision maker?

1. A. Information security
2. B. Departmental management
3. C. Data custodian
4. D. Data owner

Correct Answer: D

- (Exam Topic 15)
Which of the following is an indicator that a company's new user security awareness training module has been effective?

1. A. There are more secure connections to the internal database servers.
2. B. More incidents of phishing attempts are being reported.
3. C. There are more secure connections to internal e-mail servers.
4. D. Fewer incidents of phishing attempts are being reported.

Correct Answer: B