CISSP Free Practice Test

- (Exam Topic 11)
Which of the following is the PRIMARY concern when using an Internet browser to access a cloud-based service?

1. A. Insecure implementation of Application Programming Interfaces (API)
2. B. Improper use and storage of management keys
3. C. Misconfiguration of infrastructure allowing for unauthorized access
4. D. Vulnerabilities within protocols that can expose confidential data

Correct Answer: D

- (Exam Topic 10)
If an attacker in a SYN flood attack uses someone else's valid host address as the source address, the system under attack will send a large number of Synchronize/Acknowledge (SYN/ACK) packets to the

1. A. default gateway.
2. B. attacker's address.
3. C. local interface being attacked.
4. D. specified source address.

Correct Answer: D

- (Exam Topic 11)
An organization has hired a security services firm to conduct a penetration test. Which of the following will the organization provide to the tester?

1. A. Limits and scope of the testing.
2. B. Physical location of server room and wiring closet.
3. C. Logical location of filters and concentrators.
4. D. Employee directory and organizational chart.

Correct Answer: A

- (Exam Topic 15)
An organization plans to acquire @ commercial off-the-shelf (COTS) system to replace their aging home-built reporting system. When should the organization's security team FIRST get involved in this acquisition’s life cycle?

1. A. When the system is being designed, purchased, programmed, developed, or otherwise constructed
2. B. When the system is verified and validated
3. C. When the system is deployed into production
4. D. When the need for a system is expressed and the purpose of the system Is documented

Correct Answer: D

- (Exam Topic 13)
Which of the following combinations would MOST negatively affect availability?

1. A. Denial of Service (DoS) attacks and outdated hardware
2. B. Unauthorized transactions and outdated hardware
3. C. Fire and accidental changes to data
4. D. Unauthorized transactions and denial of service attacks

Correct Answer: A