CISSP Free Practice Test

- (Exam Topic 12)
Which of the following would BEST describe the role directly responsible for data within an organization?

1. A. Data custodian
2. B. Information owner
3. C. Database administrator
4. D. Quality control

Correct Answer: A

- (Exam Topic 12)
In which identity management process is the subject’s identity established?

1. A. Trust
2. B. Provisioning
3. C. Authorization
4. D. Enrollment

Correct Answer: D

- (Exam Topic 11)
Match the objectives to the assessment questions in the governance domain of Software Assurance Maturity Model (SAMM).

Solution:


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 14)
When can a security program be considered effective?

1. A. Audits are rec/party performed and reviewed.
2. B. Vulnerabilities are proactively identified.
3. C. Risk is lowered to an acceptable level.
4. D. Badges are regulatory performed and validated

Correct Answer: C

- (Exam Topic 15)
A company-wide penetration test result shows customers could access and read files through a web browser. Which of the following can be used to mitigate this vulnerability?

1. A. Enforce the chmod of files to 755.
2. B. Enforce the control of file directory listings.
3. C. Implement access control on the web server.
4. D. Implement Secure Sockets Layer (SSL) certificates throughout the web server.

Correct Answer: B