CISSP Online Practice Questions and Answers

Secure real-time transport protocol (SRTP) provides security for which of the following?

A. time sensitive e-communication

B. Voice communication

C. Satellite communication

D. Network Communication for real-time operating systems

Which of the following approaches is the MOST effective way to dispose of data on multiple hard drives?

A. Delete every file on each drive.

B. Destroy the partition table for each drive using the command line.

C. Degauss each drive individually.

D. Perform multiple passes on each drive using approved formatting methods.

How should an organization determine the priority of its remediation efforts after a vulnerability assessment has been conducted?

A. Use an impact-based approach.

B. Use a risk-based approach.

C. Use a criticality-based approach.

D. Use a threat-based approach.

What MUST each information owner do when a system contains data from multiple information owners?

A. Provide input to the Information System (IS) owner regarding the security requirements of the data

B. Review the Security Assessment report (SAR) for the Information System (IS) and authorize the IS to operate.

C. Develop and maintain the System Security Plan (SSP) for the Information System (IS) containing the data

D. Move the data to an Information System (IS) that does not contain data owned by other information owners

Which of the following provides the minimum set of privileges required to perform a job function and restricts the user to a domain with the required privileges?

A. Access based on rules

B. Access based on user's role

C. Access determined by the system

D. Access based on data sensitivity

When defining a set of security controls to mitigate a risk, which of the following actions MUST occur?

A. Each control's effectiveness must be evaluated individually

B. Each control must completely mitigate the risk

C. The control set must adequately mitigate the risk

D. The control set must evenly divide the risk

Wireless users are reporting intermittent Internet connectivity. Connectivity is restored when the users disconnect and reconnect, utilizing the web authentication process each time.

The network administrator can see the devices connected to the APs at all times. Which of the following steps will MOST likely determine the cause of the issue?

A. Verify the session time-out configuration on the captive portal settings

B. Check for encryption protocol mismatch on the client's wireless settings.

C. Confirm that a valid passphrase is being used during the web authentication.

D. Investigate for a client's disassociation caused by an evil twin AP

A small office is running WiFi 4 APs, and neighboring offices do not want to increase the throughput to associated devices. Which of the following is the MOST cost-efficient way for the office to increase network performance?

A. Add another AP.

B. Disable the 2.4GHz radios

C. Enable channel bonding.

D. Upgrade to WiFi 5.

Which of the following has the responsibility of information technology (IT) governance?

A. Chief Information Officer (CIO)

B. Senior IT Management

C. Board of Directors

D. Chief Information Security Officer (CISO)

The development team has been tasked with collecting data from biometric devices. The application will support a variety of collection data streams. During the testing phase, the team utilizes data from an old production database in a secure testing environment. What principle has the team taken into consideration?

A. biometric data cannot be changed.

B. Separate biometric data streams require increased security.

C. The biometric devices are unknown.

D. Biometric data must be protected from disclosure.