ISC CISSP Certified Information Systems Security Professional Online Training
The questions for CISSP were last updated on Apr 03, 2025.
- Exam Code: CISSP
- Exam Name: Certified Information Systems Security Professional
- Certification Provider: ISC
- Latest update: Apr 03, 2025
Intellectual property rights are PRIMARILY concerned with which of the following?
- A . Owner’s ability to realize financial gain
- B . Owner’s ability to maintain copyright
- C . Right of the owner to enjoy their creation
- D . Right of the owner to control delivery method
Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?
- A . Install mantraps at the building entrances
- B . Enclose the personnel entry area with polycarbonate plastic
- C . Supply a duress alarm for personnel exposed to the public
- D . Hire a guard to protect the public area
Which of the following actions will reduce risk to a laptop before traveling to a high-risk area?
- A . Examine the device for physical tampering
- B . Implement more stringent baseline configurations
- C . Purge or re-image the hard disk drive
- D . Change access codes
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
- A . determine the risk of a business interruption occurring
- B . determine the technological dependence of the business processes
- C . identify the operational impacts of a business interruption
- D . identify the financial impacts of a business interruption
What is the MOST important consideration from a data security perspective when an organization plans to relocate?
- A . Ensure the fire prevention and detection systems are sufficient to protect personnel
- B . Review the architectural plans to determine how many emergency exits are present
- C . Conduct a gap analysis of the new facilities against existing security requirements
- D . Revise the Disaster Recovery and Business Continuity (DR/BC) plan
Which of the following represents the GREATEST risk to data confidentiality?
- A . Network redundancies are not implemented
- B . Security awareness training is not completed
- C . Backup tapes are generated unencrypted
- D . Users have administrative privileges
When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?
- A . Only when assets are clearly defined
- B . Only when standards are defined
- C . Only when controls are put in place
- D . Only when procedures are defined
A company whose Information Technology (IT) services are being delivered from a Tier 4 data center is preparing a companywide Business Continuity Planning (BCP).
Which of the following failures should the IT manager be concerned with?
- A . Application
- B . Storage
- C . Power
- D . Network
An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?
- A . Development, testing, and deployment
- B . Prevention, detection, and remediation
- C . People, technology, and operations
- D . Certification, accreditation, and monitoring
In a data classification scheme, the data is owned by the
- A . system security managers
- B . business managers
- C . Information Technology (IT) managers
- D . end users