CISSP Free Practice Test

- (Exam Topic 15)
What is the MOST common cause of Remote Desktop Protocol (RDP) compromise?

1. A. Port scan
2. B. Brute force attack
3. C. Remote exploit
4. D. Social engineering

Correct Answer: B

- (Exam Topic 14)
An organization implements a Remote Access Server (RAS). Once users correct to the server, digital certificates are used to authenticate their identity. What type of Extensible Authentication Protocol (EAP) would the organization use dring this authentication?

1. A. Transport layer security (TLS)
2. B. Message Digest 5 (MD5)
3. C. Lightweight Extensible Authentication Protocol (EAP)
4. D. Subscriber Identity Module (SIM)

Correct Answer: A

- (Exam Topic 14)
Which of the following BEST describes how access to a system is granted to federated user accounts?

1. A. With the federation assurance level
2. B. Based on defined criteria by the Relying Party (RP)
3. C. Based on defined criteria by the Identity Provider (IdP)
4. D. With the identity assurance level

Correct Answer: C
Reference: https://resources.infosecinstitute.com/cissp-domain-5-refresh-identity-and-access-management/

- (Exam Topic 9)
The BEST method of demonstrating a company's security level to potential customers is

1. A. a report from an external auditor.
2. B. responding to a customer's security questionnaire.
3. C. a formal report from an internal auditor.
4. D. a site visit by a customer's security team.

Correct Answer: A

- (Exam Topic 15)
Which of the following features is MOST effective in mitigating against theft of data on a corporate mobile device which has been stolen?

1. A. Mobile Device Management (MDM) with device wipe
2. B. Whole device encryption with key escrow
3. C. Virtual private network (VPN) with traffic encryption
4. D. Mobile device tracking with geolocation

Correct Answer: A