Free ISC2 CISSP Exam Questions

Become ISC2 Certified with updated CISSP exam questions and correct answers

Page: 1 / 301

Total 1502 Questions | Updated On: Jan 13, 2026

Add To Cart

Question 1

Which event magnitude is defined as deadly, destructive, and disruptive when a hazard interacts with human vulnerability?

A : aster

B : tastrophe

C : isis

D : cident

Answer: B

Question 2

While impersonating an Information Security Officer (ISO), an attacker obtains information from company employees about their User IDs and passwords. Which method of information gathering has the attacker used?

A : usted path

B : licious logic

C : cial engineering

D : ive misuse

Answer: C

Question 3

When designing a Cyber-Physical System (CPS), which of the following should be a security practitioner's first consideration?

A : tection of sophisticated attackers

B : iliency of the system

C : pology of the network used for the system

D : k assessment of the system

Answer: B

Question 4

Which of the following is true of Service Organization Control (SOC) reports?

A : 1 Type 2 reports assess the security, confidentiality, integrity, and availability of an organization's controls

B : 2 Type 2 reports include information of interest to the service organization's management

C : 2 Type 2 reports assess internal controls for financial reporting

D : 3 Type 2 reports assess internal controls for financial reporting

Answer: B

Question 5

Commercial off-the-shelf (COTS) software presents which of the following additional security concerns?

A : ndors take on the liability for COTS software vulnerabilities.

B : -house developed software is inherently less secure.

C : ploits for COTS software are well documented and publicly available.

D : TS software is inherently less secure.

Answer: C

Page: 1 / 301

Total 1502 Questions | Updated On: Jan 13, 2026

Add To Cart