CISSP Free Practice Test

- (Exam Topic 9)
The PRIMARY purpose of a security awareness program is to

1. A. ensure that everyone understands the organization's policies and procedures.
2. B. communicate that access to information will be granted on a need-to-know basis.
3. C. warn all users that access to all systems will be monitored on a daily basis.
4. D. comply with regulations related to data and information protection.

Correct Answer: A

- (Exam Topic 6)
Which of the following is a PRIMARY benefit of using a formalized security testing report format and structure?

1. A. Executive audiences will understand the outcomes of testing and most appropriate next steps for corrective actions to be taken
2. B. Technical teams will understand the testing objectives, testing strategies applied, and business risk associated with each vulnerability
3. C. Management teams will understand the testing objectives and reputational risk to the organization
4. D. Technical and management teams will better understand the testing objectives, results of each test phase, and potential impact levels

Correct Answer: D

- (Exam Topic 6)
A Virtual Machine (VM) environment has five guest Operating Systems (OS) and provides strong isolation. What MUST an administrator review to audit a user’s access to data files?

1. A. Host VM monitor audit logs
2. B. Guest OS access controls
3. C. Host VM access controls
4. D. Guest OS audit logs

Correct Answer: A

- (Exam Topic 1)
Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?

1. A. Install mantraps at the building entrances
2. B. Enclose the personnel entry area with polycarbonate plastic
3. C. Supply a duress alarm for personnel exposed to the public
4. D. Hire a guard to protect the public area

Correct Answer: D

- (Exam Topic 14)
Which programming methodology allows a programmer to use pre-determined blocks of code end consequently reducing development time and programming costs?

1. A. Application security
2. B. Object oriented
3. C. Blocked algorithm
4. D. Assembly language

Correct Answer: B