CISSP ISC2 Exam Questions and Free Practice Test

Question 73

- (Exam Topic 12)
What is the MOST important element when considering the effectiveness of a training program for Business Continuity (BC) and Disaster Recovery (DR)?

A. Management support

B. Consideration of organizational need

C. Technology used for delivery

D. Target audience

Correct Answer:B

Question 74

- (Exam Topic 9)
The process of mutual authentication involves a computer system authenticating a user and authenticating the

A. user to the audit process.

B. computer system to the user.

C. user's access to all authorized objects.

D. computer system to the audit process.

Correct Answer:B

Question 75

- (Exam Topic 10)
Refer to the information below to answer the question.
A security practitioner detects client-based attacks on the organization’s network. A plan will be necessary to address these concerns.
What MUST the plan include in order to reduce client-side exploitation?

A. Approved web browsers

B. Network firewall procedures

C. Proxy configuration

D. Employee education

Correct Answer:D

Question 76

- (Exam Topic 12)
Which of the following countermeasures is the MOST effective in defending against a social engineering attack?

A. Mandating security policy acceptance

B. Changing individual behavior

C. Evaluating security awareness training

D. Filtering malicious e-mail content

Correct Answer:C

Question 77

- (Exam Topic 12)
In the Software Development Life Cycle (SDLC), maintaining accurate hardware and software inventories is a critical part of

A. systems integration.

B. risk management.

C. quality assurance.

D. change management.

Correct Answer:D

Question 78

- (Exam Topic 11)
Which of the following is the PRIMARY concern when using an Internet browser to access a cloud-based service?

A. Insecure implementation of Application Programming Interfaces (API)

B. Improper use and storage of management keys

C. Misconfiguration of infrastructure allowing for unauthorized access

D. Vulnerabilities within protocols that can expose confidential data

Correct Answer:D

START CISSP EXAM