CISSP Free Practice Test

- (Exam Topic 15)
What is the PRIMARY objective of business continuity planning?

1. A. Establishing a cost estimate for business continuity recovery operations
2. B. Restoring computer systems to normal operations as soon as possible
3. C. Strengthening the perceived importance of business continuity planning among senior management
4. D. Ensuring timely recovery of mission-critical business processes

Correct Answer: B

- (Exam Topic 9)
Two companies wish to share electronic inventory and purchase orders in a supplier and client relationship. What is the BEST security solution for them?

1. A. Write a Service Level Agreement (SLA) for the two companies.
2. B. Set up a Virtual Private Network (VPN) between the two companies.
3. C. Configure a firewall at the perimeter of each of the two companies.
4. D. Establish a File Transfer Protocol (FTP) connection between the two companies.

Correct Answer: B

- (Exam Topic 15)
Which of the (ISC)? Code of Ethics canons is MOST reflected when preserving the value of systems, applications, and entrusted information while avoiding conflicts of interest?

1. A. Act honorably, honestly, justly, responsibly, and legally.
2. B. Protect society, the commonwealth, and the infrastructure.
3. C. Provide diligent and competent service to principles.
4. D. Advance and protect the profession.

Correct Answer: B

- (Exam Topic 15)
What is a use for mandatory access control (MAC)?

1. A. Allows for labeling of sensitive user accounts for access control
2. B. Allows for mandatory user identity and passwords based on sensitivity
3. C. Allows for mandatory system administrator access control over objects
4. D. Allows for object security based on sensitivity represented by a label

Correct Answer: D

- (Exam Topic 11)
What is the process called when impact values are assigned to the security objectives for information types?

1. A. Qualitative analysis
2. B. Quantitative analysis
3. C. Remediation
4. D. System security categorization

Correct Answer: D