CISSP Free Practice Test

- (Exam Topic 4)
At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?

1. A. Link layer
2. B. Physical layer
3. C. Session layer
4. D. Application layer

Correct Answer: D

- (Exam Topic 15)
Which of the following is the BEST method to identify security controls that should be implemented for a web-based application while in development?

1. A. Application threat modeling
2. B. Secure software development.
3. C. Agile software development
4. D. Penetration testing

Correct Answer: A

- (Exam Topic 15)
Which of the following attacks, if successful, could give an intruder complete control of a software-defined networking (SDN) architecture?

1. A. Sniffing the traffic of a compromised host inside the network
2. B. Sending control messages to open a flow that does not pass a firewall from a compromised host within the network
3. C. A brute force password attack on the Secure Shell (SSH) port of the controller
4. D. Remote Authentication Dial-In User Service (RADIUS) token replay attack

Correct Answer: B

- (Exam Topic 12)
Which of the following is a document that identifies each item seized in an investigation, including date and time seized, full name and signature or initials of the person who seized the item, and a detailed description of the item?

1. A. Property book
2. B. Chain of custody form
3. C. Search warrant return
4. D. Evidence tag

Correct Answer: D

- (Exam Topic 15)
he security organization is loading for a solution that could help them determine with a strong level of confident that attackers have breached their network. Which solution is MOST effective at discovering successful network breach?

1. A. Installing an intrusion prevention system (IPS)
2. B. Deploying a honeypot
3. C. Installing an intrusion detection system (IDS)
4. D. Developing a sandbox

Correct Answer: B