Free ISC2 CISSP Exam Questions

Become ISC2 Certified with updated CISSP exam questions and correct answers

Page: 1 / 301

Total 1502 Questions | Updated On: Mar 26, 2026

Add To Cart

Question 1

When conducting a security assessment of access controls , Which activity is port of the data analysis phase?

A : llect logs and reports.

B : esent solutions to address audit exceptions.

C : tegorize and Identify evidence gathered during the audit

D : nduct statiscal sampling of data transactions.

Answer: C

Question 2

The Open Web Application Security Project's (OWASP) Software Assurance Maturity Model (SAMM) allows organizations to implement a flexible software security strategy to

measure organizational impact based on what risk management aspect?

A : k tolerance

B : k exception

C : k treatment

D : k response

Answer: D

Question 3

What is the MINIMUM standard for testing a disaster recovery plan (DRP)?

A : mi-annually and in alignment with a fiscal half-year business cycle

B : nually or less frequently depending upon audit department requirements

C : arterly or more frequently depending upon the advice of the information security manager

D : often as necessary depending upon the stability of the environment and business requirements

Answer: D

Question 4

If traveling abroad and a customs official demands to examine a personal computer, which of the following should be assumed?

A : hard drive has been stolen.

B : Internet Protocol (IP) address has been copied.

C : hard drive has been copied.

D : Media Access Control (MAC) address was stolen

Answer: C

Question 5

The security team plans on using automated account reconciliation in the corporate user access review process. Which of the following must be implemented for the BEST results with fewest errors when running the audit?

A : moval of service accounts from review

B : gregation of Duties (SoD)

C : ear provisioning policies

D : equent audits

Answer: C

Page: 1 / 301

Total 1502 Questions | Updated On: Mar 26, 2026

Add To Cart