CISSP Free Practice Test

- (Exam Topic 15)
Before allowing a web application into the production environment, the security practitioner performs multiple types of tests to confirm that the web application performs as expected. To test the username field, the security practitioner creates a test that enters more characters into the field than is allowed. Which of the following BEST describes the type of test performed?

1. A. Misuse case testing
2. B. Penetration testing
3. C. Web session testing
4. D. Interface testing

Correct Answer: A

- (Exam Topic 14)
What is the MAIN reason to ensure the appropriate retention periods are enforced for data stored on electronic media?

1. A. To reduce the carbon footprint by eliminating paper
2. B. To create an inventory of data assets stored on disk for backup and recovery
3. C. To declassify information that has been improperly classified
4. D. To reduce the risk of loss, unauthorized access, use, modification, and disclosure

Correct Answer: D

- (Exam Topic 11)
Which of the following is the PRIMARY benefit of implementing data-in-use controls?

1. A. If the data is lost, it must be decrypted to be opened.
2. B. If the data is lost, it will not be accessible to unauthorized users.
3. C. When the data is being viewed, it can only be printed by authorized users.
4. D. When the data is being viewed, it must be accessed using secure protocols.

Correct Answer: C

- (Exam Topic 14)
Which of the following threats exists with an implementation of digital signatures?

1. A. Spoofing
2. B. Substitution
3. C. Content tampering
4. D. Eavesdropping

Correct Answer: A

- (Exam Topic 11)
Place in order, from BEST (1) to WORST (4), the following methods to reduce the risk of data remanence on magnetic media.

Solution:


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A