CISSP ISC2 Exam Questions and Free Practice Test

Question 133

- (Exam Topic 11)
If an identification process using a biometric system detects a 100% match between a presented template and a stored template, what is the interpretation of this result?

A. User error

B. Suspected tampering

C. Accurate identification

D. Unsuccessful identification

Correct Answer:B

Question 134

- (Exam Topic 10)
Which of the following actions MUST be taken if a vulnerability is discovered during the maintenance stage in a System Development Life Cycle (SDLC)?

A. Make changes following principle and design guidelines.

B. Stop the application until the vulnerability is fixed.

C. Report the vulnerability to product owner.

D. Monitor the application and review code.

Correct Answer:C

Question 135

- (Exam Topic 11)
Which of the following is the BIGGEST weakness when using native Lightweight Directory Access Protocol (LDAP) for authentication?

A. Authorizations are not included in the server response

B. Unsalted hashes are passed over the network

C. The authentication session can be replayed

D. Passwords are passed in cleartext

Correct Answer:D

Question 136

- (Exam Topic 13)
Which of the following is the MOST effective practice in managing user accounts when an employee is terminated?

A. Implement processes for automated removal of access for terminated employees.

B. Delete employee network and system IDs upon termination.

C. Manually remove terminated employee user-access to all systems and applications.

D. Disable terminated employee network ID to remove all access.

Correct Answer:B

Question 137

- (Exam Topic 10)
Refer to the information below to answer the question.
A large organization uses unique identifiers and requires them at the start of every system session. Application access is based on job classification. The organization is subject to periodic independent reviews of access controls and violations. The organization uses wired and wireless networks and remote access. The organization also uses secure connections to branch offices and secure backup and recovery strategies for selected information and processes.
What MUST the access control logs contain in addition to the identifier?

A. Time of the access

B. Security classification

C. Denied access attempts

D. Associated clearance

Correct Answer:A

Question 138

- (Exam Topic 9)
Which of the following is the FIRST step of a penetration test plan?

A. Analyzing a network diagram of the target network

B. Notifying the company's customers

C. Obtaining the approval of the company's management

D. Scheduling the penetration test during a period of least impact

Correct Answer:C

START CISSP EXAM