CISSP Practice Exam


CISSP Practice Exam

Certified Information Systems Security Professional

After you study your text books it is important to test your newly acquired knowledge and see just how well you have absorbed the material. Practice exams….

* Reinforces what you learnt – fill in the gaps of what you missed

* Gets you used to answering questions to build confidence and familiarity

Here are 10 Multiple choice exams questions for you to practice on:


Question 1# – Which risk management methodology uses the exposure factor multiplied by the asset value to determine its outcome?

A. Annualized Loss Expectancy

B. Single Loss Expectancy

C. Annualized Rate of Occurrence

D. Information Risk Management


Question 2# – Which of the following is *NOT* a symmetric key algorithm?

A.) Blowfish

B.) Digital Signature Standard (DSS)

C.) Triple DES (3DES)

D.) RC5


Question 3# – Related to information security, availability is the opposite of which of the following?

A. Delegation

B. Distribution

C. Documentation

D. Destruction


Question 4# – Why should organizations enforce separation of duties?

A. It ensures compliance with federal union rules

B. It helps verify that all employees know their job tasks

C. It provides for a better work environment

D. It encourages collusion

E. It is considered valuable in deterring fraud


Question 5# – Which of the following is most concerned with personnel security?

A. Management controls

B. Operational controls

C. Technical controls

D. Human resources controls.


Question 6# – Which one of the following devices might be used to commit telecommunications fraud using the “shoulder surfing” technique?

A. Magnetic stripe copier

B. Tone generator

C. Tone recorder

D. Video recorder


Question 7# – What are database views used for?

A. To ensure referential integrity.

B. To allow easier access to data in a database.

C. To restrict user access to data in a database.

D. To provide audit trails.


Question 8# – Which of the following services is not provided by the digital signature standard (DSS)?

A.) Encryption

B.) Integrity

C.) Digital signature

D.) Authentication


Question 9# – Which one of the following describes a covert timing channel?

A. Modulated to carry an unintended information signal that can only be detected by special, sensitive receivers.

B. Used by a supervisor to monitor the productivity of a user without their knowledge.

C. Provides the timing trigger to activate a malicious program disguised as a legitimate function.

D. Allows one process to signal information to another by modulating its own use of system resources.


Question 10# – Valuable paper insurance coverage does not cover damage to which of the following?

A.) Inscribed, printed and written documents

B.) Manuscripts

C.) Records

D.) Money and Securities



Question 1# – Correct Answers: B

Question 2# – Correct Answers: B

Question 3# – Correct Answers: D

Question 4# – Correct Answers: E

Question 5# – Correct Answers: B

Question 6# – Correct Answers: C

Question 7# – Correct Answers: C

Question 8# – Correct Answers: A

Question 9# – Correct Answers: D

Question 10# – Correct Answers: D


Source by Georgia Stath

· · · · ·

Related Articles & Comments

Menu Title