CISSP Free Practice Test

- (Exam Topic 9)
An organization is designing a large enterprise-wide document repository system. They plan to have several different classification level areas with increasing levels of controls. The BEST way to ensure document confidentiality in the repository is to

1. A. encrypt the contents of the repository and document any exceptions to that requirement.
2. B. utilize Intrusion Detection System (IDS) set drop connections if too many requests for documents are detected.
3. C. keep individuals with access to high security areas from saving those documents into lower security areas.
4. D. require individuals with access to the system to sign Non-Disclosure Agreements (NDA).

Correct Answer: A

- (Exam Topic 12)
Which of the following is a weakness of Wired Equivalent Privacy (WEP)?

1. A. Length of Initialization Vector (IV)
2. B. Protection against message replay
3. C. Detection of message tampering
4. D. Built-in provision to rotate keys

Correct Answer: A

- (Exam Topic 14)
Which of the following is a process in the access provisioning lifecycle that will MOST likely identify access aggregation issues?

1. A. Test
2. B. Assessment
3. C. Review
4. D. Peer review

Correct Answer: C
Reference: https://books.google.com.pk/books?id=W2TvAgAAQBAJ&pg=PA256&lpg=PA256&dq=process+in+the+acce

- (Exam Topic 13)
Which of the following management process allows ONLY those services required for users to accomplish their tasks, change default user passwords, and set servers to retrieve antivirus updates?

1. A. Configuration
2. B. Identity
3. C. Compliance
4. D. Patch

Correct Answer: A

- (Exam Topic 14)
Which of the following was developed to support multiple protocols as well as provide as well as provide login, password, and error correction capabilities?

1. A. Challenge Handshake Authentication Protocol (CHAP)
2. B. Point-to-Point Protocol (PPP)
3. C. Password Authentication Protocol (PAP)
4. D. Post Office Protocol (POP)

Correct Answer: A