CISSP Free Practice Test

- (Exam Topic 11)
A mobile device application that restricts the storage of user information to just that which is needed to accomplish lawful business goals adheres to what privacy principle?

1. A. Onward transfer
2. B. Collection Limitation
3. C. Collector Accountability
4. D. Individual Participation

Correct Answer: B

- (Exam Topic 11)
Which of the following is the MOST likely cause of a non-malicious data breach when the source of the data breach was an un-marked file cabinet containing sensitive documents?

1. A. Ineffective data classification
2. B. Lack of data access controls
3. C. Ineffective identity management controls
4. D. Lack of Data Loss Prevention (DLP) tools

Correct Answer: A

- (Exam Topic 14)
When a system changes significantly, who is PRIMARILY responsible for assessing the security impact?

1. A. Chief Information Security Officer (CISO)
2. B. Information System Owner
3. C. Information System Security Officer (ISSO)
4. D. Authorizing Official

Correct Answer: B

- (Exam Topic 15)
At which phase of the software assurance life cycle should risks associated with software acquisition strategies be identified?

1. A. Follow-on phase
2. B. Planning phase
3. C. Monitoring and acceptance phase
4. D. Contracting phase

Correct Answer: C

- (Exam Topic 15)
Which of the following is a Key Performance Indicator (KPI) for a security training and awareness program?

1. A. The number of security audits performed
2. B. The number of attendees at security training events
3. C. The number of security training materials created
4. D. The number of security controls implemented

Correct Answer: B