Free ISC2 CISSP Exam Questions

Become ISC2 Certified with updated CISSP exam questions and correct answers

Page: 1 / 301

Total 1502 Questions | Updated On: Jan 13, 2026

Add To Cart

Question 1

Which of the fallowing statements is MOST accurate regarding information assets?

A : ternational Organization for Standardization (ISO) 27001 compliance specifies which information assets must be included in asset inventory.

B : Information assets include any information that is valuable to the organization,

C : ilding an information assets register is a resource-intensive job.

D : formation assets inventory is not required for risk assessment.

Answer: B

Question 2

An organization allows ping traffic into and out of their network. An attacker has installed a program on the network that uses the payload portion of the ping packet to move data into and out of the network. What type of attack has the organization experienced?

A : ta leakage

B : filtered channel

C : ta emanation

D : vert channel

Answer: A

Question 3

Which of the following is the PRIMARY risk with using open source software in a commercial software construction?

A : ck of software documentation

B : cense agreements requiring release of modified code

C : piration of the license agreement

D : ts associated with support of the software

Answer: D

Question 4

An employee receives a promotion that entities them to access higher-level functions on the company's accounting system, as well as keeping their access to the previous system that is no longer needed or applicable. What is the name of the process that tries to remove this excess privilege?

A : cess provisioning

B : gregation of Duties (SoD)

C : cess certification

D : cess aggregation

Answer: B

Question 5

What is the foundation of cryptographic functions?

A : cryption

B : pher

C : h

D : tropy

Answer: D

Page: 1 / 301

Total 1502 Questions | Updated On: Jan 13, 2026

Add To Cart