Free ISC2 CISSP Exam Questions

Become ISC2 Certified with updated CISSP exam questions and correct answers

Page: 1 / 301

Total 1502 Questions | Updated On: Aug 21, 2019

Add To Cart

Question 1

Which of the following is the BEST method a security practitioner can use to ensure that systems and sub-system gracefully handle invalid input?

A : gative testing

B : tegration testing

C : it testing

D : ceptance testing

Answer: B

Question 2

An international medical organization with headquarters in the United States (US) and branches in France

wants to test a drug in both countries. What is the organization allowed to do with the test subject's data?

A : gregate it into one database in the US

B : ocess it in the US, but store the information in France

C : are it with a third party

D : onymize it and process it in the US

Answer: B

Question 3

Which of the following is established to collect information Se eee ee ee nation readily available in part through implemented security controls?

A : curity Assessment Report (SAR)

B : ganizational risk tolerance

C : formation Security Continuous Monitoring (ISCM)

D : k assessment report

Answer: D

Question 4

Which of the following is a weakness of Wired Equivalent Privacy (WEP)?

A : ngth of Initialization Vector (IV)

B : otection against message replay

C : tection of message tampering

D : ilt-in provision to rotate keys

Answer: A

Question 5

Which of the following actions MUST be taken if a vulnerability is discovered during the maintenance stage in a System Development Life Cycle (SDLC)?

A : ke changes following principle and design guidelines.

B : op the application until the vulnerability is fixed.

C : port the vulnerability to product owner.

D : nitor the application and review code.

Answer: C

Page: 1 / 301

Total 1502 Questions | Updated On: Aug 21, 2019

Add To Cart