If you are planning to prepare for the CISSP exam but are not sure how hard the exam is and want to try a sample test, you can take our CISSP practice test.
CISSP Sample Test
Question 1 |
Which of the following is the number one priority of disaster recovery planning?
A | Preservation of IT assets |
B | resumption of business functionalities |
C | Personnel evacuation and safety |
D | minimize reputation damage |
Question 2 |
An access control system that grants access to information based on that information's classification and the clearance of the individual is known as:
A | Mandatory access control |
B | Identity-based access control |
C | Clearance-based access control |
D | Role-based access control |
Question 3 |
What do we call a database that contains the data structures used by an application:
A | data schema |
B | data controller |
C | meta data |
D | data dictionary |
Question 4 |
The process used to break the key and the plain text from an enciphered text is called
A | decryption |
B | data ciphering |
C | cryptanalysis |
D | data extraction |
Question 5 |
Access control and card keys are examples of which control systems?
A | preventive controls |
B | detection controls |
C | correction controls |
D | access controls |
Question 6 |
What is the main purpose of separation of authority in an organization?
A | to ensure that only one person can perform a specific task. |
B | to limit the capabilities of each individual |
C | to ensure access control systems are effective |
D | to improve change management systems |
Question 7 |
Why is UDP known as an unreliable protocol?
A | UDP has less priority than TCP. |
B | UDP does not use communication channel coding. |
C | UDP packets are prone to errors. |
D | UDP does not guarantee delivery of packets. |
Question 8 |
Which one is not a goal of business impact assessment?
A | to identify critical business functions |
B | to determine the maximum acceptable downtime |
C | to identify critical IT resources |
D | to determine the effectiveness of access control systems |
Question 9 |
What is the purpose of a service level agreement (SLA)?
A | to guarantee a maximum level of quality of service required for an application. |
B | to guarantee a minimum level of quality of service required for an application. |
C | to troubleshoot the issues and faults as soon as they occur. |
D | to ensure a high level of customer satisfaction. |
Question 10 |
The method of cryptography in which both the sender and the recipient use the same key is known as
A | public key cryptography |
B | private key cryptography |
C | message hashing |
D | secret key cryptography |
Question 11 |
What does forensics mean?
A | the process of discovering compromised files. |
B | tracking down the perpetrator who accessed the data illegally. |
C | preserving evidence of breached system files and data |
D | the activity of discovering, preserving, and recording evidence. |
Question 12 |
Security cameras and audit trails are examples of:
A | detective controls. |
B | preventive controls. |
C | correction controls. |
D | access controls. |
Question 13 |
Where can you find firmware?
A | RAM |
B | Hard disk |
C | ROM or EPROM |
D | USB device |
Question 14 |
Why is TCP a poor choice for streaming video?
A | it does not allow bursty data flow. |
B | TCP adds unnecessary overhead such as acknowledgement and sequencing. |
C | it has poor error control mechanism. |
D | it does not support real time protocol |
Question 15 |
Why does the distribution of a user's public key not compromise the secrecy of the PKI?
A | because public key is encrypted. |
B | because it only uses the hash value of the actual public key. |
C | because a private key is required in conjunction with the public key to decipher the messages. |
D | because public key is encrypted with a secret key. |
Question 16 |
Who is responsible for classifying information?
A | information asset custodian. |
B | risk manager. |
C | information owner. |
D | IT auditor |
Question 17 |
What is the main difference between a warm site and a hot site?
A | warm site is always powered down and not connected to the main site. |
B | warm site is much closer to the head office of an organization than a hot site. |
C | there is no major difference between a warm site and a hot site. |
D | the warm site's IT systems don't have the organization's software or data installed. |
Question 18 |
What is data mining?
A | storing and securing data in a hot site |
B | searches for correlations, patterns, and trends in a data warehouse. |
C | archiving unnecessary data for future use. |
D | synchronizing data among all the relational databases in an organization. |
Question 19 |
The process of mapping the available physical memory into a larger memory is known as
A | memory swapping. |
B | spooling. |
C | memory extension. |
D | virtual memory. |
Question 20 |
Who is responsible for information protection?
A | data custodian. |
B | data owner. |
C | security manager. |
D | system engineer. |
There are 20 questions to complete.