CISSP Free Practice Test

- (Exam Topic 15)
Which of the following is a key responsibility for a data steward assigned to manage an enterprise data lake?

1. A. Ensure proper business definition, value, and usage of data collected and stored within the enterprise data lake.
2. B. Ensure proper and identifiable data owners for each data element stored within an enterprise data lake.
3. C. Ensure adequate security controls applied to the enterprise data lake.
4. D. Ensure that any data passing within remit is being used in accordance with the rules and regulations of the business.

Correct Answer: A

- (Exam Topic 15)
A security practitioner needs to implementation solution to verify endpoint security protections and operating system (0S) versions. Which of the following is the BEST solution to implement?

1. A. An intrusion prevention system (IPS)
2. B. An intrusion prevention system (IPS)
3. C. Network Access Control (NAC)
4. D. A firewall

Correct Answer: B

- (Exam Topic 15)
The security team plans on using automated account reconciliation in the corporate user access review process. Which of the following must be implemented for the BEST results with fewest errors when running the audit?

1. A. Removal of service accounts from review
2. B. Segregation of Duties (SoD)
3. C. Clear provisioning policies
4. D. Frequent audits

Correct Answer: C

- (Exam Topic 15)
What is the MOST appropriate hierarchy of documents when implementing a security program?

1. A. Organization principle, policy, standard, guideline
2. B. Policy, organization principle, standard, guideline
3. C. Standard, policy, organization principle, guideline
4. D. Organization principle, guideline, policy, standard

Correct Answer: C

- (Exam Topic 15)
Which of the following is the BEST way to protect an organization's data assets?

1. A. Monitor and enforce adherence to security policies.
2. B. Encrypt data in transit and at rest using up-to-date cryptographic algorithms.
3. C. Create the Demilitarized Zone (DMZ) with proxies, firewalls and hardened bastion hosts.
4. D. Require Multi-Factor Authentication (MFA) and Separation of Duties (SoD).

Correct Answer: B