CISSP Domain 1 - Example Exam Questions -

CISSP Domain 1 Questions

CISSP Domain 1 Questions – List of free CISSP Domain 1 Questions and answers to help you prepare for the CISSP Exam.

Risk Management is commonly understood as all of the following EXCEPT:

Analyzing and assessing risk
Likelihood of a risk occurring
Identifying risk
Accepting or mitigation of risk

Note: Risk management involves Identifying the risk, Analyzing the risk and mitigating the risk. Remember – Identify, Analyse, Mitigate.

All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT
questions that

determine the risk of a business interruption occurring
determine the technological dependence of the business processes
Identify the operational impacts of a business interruption
Identify the financial impacts of a business interruption

Brian recently purchased a cybersecurity insurance policy that will cover his organization’s expenses in the event of a data breach. What risk management strategy is Brian pursuing?

Risk mitigation
Risk transference
Risk avoidance
Risk acceptance

When assessing the security of Industry Control Systems (ICS) What is the primary focus of a “Red Team” Engagement?

Auditing compliance with industry standards and regulations
Simulating realistic cyber-attacks to test ICS defenses
Conducting penetration tests on ICS devices
Identifying vulnerabilities in the ICS network infrastructure

What is Masquerading?

When a threat actor spoofs his IP address
Attempting to hack a system through backdoors to an operating system
Pretending to be an authorized user
When you apply a subnet mask to an IP address range

What supports the principle of “least privilege” by providing that only authorized individuals, processes, or systems should have access to information on a need-to-know basis.

Deterrent Controls
Confidentiality
Incident
Availibility

Darren is deploying full disk encryption on all of the laptops belonging to his organization. What security goal is he most likely attempting to meet?

Confidentiality
Non-repudiation
Integrity
Availability

Gina is conducting a business impact analysis for the threat of an earthquake damaging her facility. She consults with experts and determines that there is a 1 percent risk of a significant earthquake in any given year. The facility is valued at $10,000,000 and Gina estimates that the earthquake would cause approximately $1,000,000 in damage.

What is the ARO in this scenario?

0.01
1
1,000,000
10,000

Which of the following is the MOST critical consideration when designing a disaster recovery plan for a data centre?

Redundant power providers
Geographical location of the backup Data center
Backup of disaster recovery plan
Knowledge of geographic disasters

All of the following are basic components of a security policy EXCEPT the

Definition of the issue and statement of relevant terms.
Statement of roles and responsibilities
Statement of applicability and compliance requirements.
Statement of performance of characteristics and requirements.

The US-EU Safe Harbor process has been created to address which of the following?

Integrity of data transferred between U.S. and European companies
Confidentiality of data transferred between U.S and European companies
Protection of personal data transferred between U.S and European companies
Confidentiality of data transferred between European and international companies

Imprisonment is a possible sentence under:

Civil (tort) law
Criminal law
Both civil and criminal law
Neither civil nor criminal law

Which one is not an Access Control Type

Preventative
Detective
Corrective
Administrative

Who “owns” an organization’s data?

Users
Business units
Data custodians
Information technology group

Which business continuity document is a functional analysis that lists the critical and necessary business functions, their resources dependencies and their level of criticality to the overall organisation?

DRP
BIA
Contingency Plan
BCP

Which of the following represents the GREATEST risk to data confidentiality?

Network redundancies are not implemented
Security awareness training is not completed
Backup tapes are generated unencrypted
Users have administrative privileges

Helen is designing a security document that will include optional advice to administrators of Windows systems. What type of document is she creating?

Guideline
Standard
Procedure
Policy

After Identifying a fraud, a security professional seeks to implement policies to reduce fraud and the possibility of employe collaboration. Which of the following is the MOST effective control to detect and prevent similar fraud in the future?

Separation of duties
Job rotation
Mandatory vacation
Least privilege

Who is accountable for the information within an Information System (IS)?

Security manager
System owner
Data owner
Data processor

Procedures implemented to define the roles, responsibilities, policies, and administrative functions needed to manage the control environment.

Integrity
Risk transfer
Compensating controls
Administrative controls

What is the MOST important element when considering the effectiveness of a training program for Business Continuity (BC) and Disaster Recovery (DR)?

Management support
Consideration of organizational need
Technology used for delivery
Target audience

According to the Internet Activities Board (IAB), an activity that causes which of the following is considered a violation of ethical behavior on the Internet?

Wasting resources
Appropriating other people’s intellectual output
Using a computer to steal
Using a computer to bear false witness

Integrity is the protection of data from all of the following except

Accidental changes
Intentional manipulation
Data analysis
Unauthorised changes

Which background check is MOST important when hiring someone who will be operating a motor vehicle?

Credit history
Driving record
Education verification
Immigration status

A security policy would include all of the following EXCEPT

Background
Scope statement
Audit requirements
Enforcement

Controls that substitute for the loss of primary controls and mitigate risk down to an acceptable level.

Compliance
Compensating controls
Corrective controls
Preventive controls

A main objective of security awareness training is:

Provide understanding of responsibilities
To be repetitive to ensure accountability
Overcoming all resistance to security procedures
entertaining the users through creative programs

A security event that compromises the confidentiality, integrity, or availability of an information asset.

Incident
Breach
Trademark
Due care

Which of the following is NOT a category of law under the Common Law System ?

Criminal law
Civil law
Administrative/Regulatory law
Derived law

A vendor provides you with a SOC2 type II report. Which of the following statements MOST accurately interprets this report?

The vendor’s system controls are properly designed
The vendor’s systems controls have been audited over a specific period of time and were to be found to be operating effectively
The vendor has no significant security vulnerabilities
The vendor has achieved a certain level of compliance with a recognised standard

In Disaster Recovery (DR) and Business Continuity (DC) training, which BEST describes a functional drill?

a functional evacuation of personnel
a specific test by response teams of individual emergency response functions
an activation of the backup site
a full-scale simulation of an emergency and the subsequent response functions.

Data classification can assist an organization in:

Eliminating regulatory mandates
Lowering accountability of data classifiers
Reducing costs for protecting data
Normalisation of databases

Which one of the following is an important characteristic of an information security policy?

Identifies major functional areas of information.
Quantifies the effect of the loss of the information.
Requires the identification of information owners.
Lists applications that support the business function.

In a security Incident response plan, what is the MOST crucial step immediately after detecting a security incident?

Identifying the scope and impact of the incident
Implement containment and mitigation measures
Gathering evidence for legal prosecution
Notifying executive management and stakeholders

Which one of the following U.S. Acts prohibits trading, manufacturing, or selling in any way that is intended to bypass copyright protection mechanisms?

The 1999 Uniform Information Transactions Act (UCITA)
The 1998 Digital Millennium Copyright Act (DMCA)
The 1998 Sonny Bono Copyright Term Extension Act
The 1987 U.S. Computer Security Act

In most cases, integrity is enforced through:

Physical security
Access controls
Logical security
Confidentiality

What is the first step of business continuity?

Develop recovery strategies
Develop the continuity planning policy statements
Develop the contingency plan
Identify preventative controls

Social engineering can take many forms EXCEPT:

Coercion or intimidation
Sympathy
Dumpster diving
Eavesdropping

What is the AV in this scenario?

$10,000,000
$10,000
$100,000
$1,000,000

Which one of the following items is NOT TRUE concerning the Platform for Privacy Preferences (P3P) developed by the World Wide Web Consortium (W3C)?

It allows Web sites to express their privacy practices in a standard format that can be retrieved automatically and interpreted easily by user agents.
It allows users to be informed of site practices in human-readable format.
It does not provide the site privacy practices to users in machine-readable format.
It automates decision-making based on the site’s privacy practices when appropriate.

A combination of the probability of an event and its consequence (ISO 27000) and an exception to loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result (RFC 2828).

Breach
Copyright
Patent
Risk

Which of the following Best describes the concept of “Due care” in security governance?

Assigning security responsibilities Soley to the IT department
Exercising reasonable security measures to protect assets
Implementing controls to prevent all security incidents
Conducting thorough security audits on a quarterly basis

Which of the following would be the first step in establishing an information security program?

Adoption of a corporate information security policy statement
Development and implementation of an information security standards manual
Development of a security awareness-training program
Purchase of security access control software

What is the SLE in this scenario?

$100,000
$10,000
$10,000,000
$1,000,000

What process facilitates the balance of operational and economic costs of protective measures with gains in mission capability?

Performance testing
Risk assessment
Security audit
Risk management

In a security incident response plan, what is the PRIMARY purpose of a post incident review?

Communicating the incident to external parties, like customers and the media
Assessing the effectiveness of the response and identifying areas for improvement
Identifying and prosecuting attackers responsible for the incident
Restoring affected systems and services to normal operation

A security program cannot address which of the following business goals?

Accuracy of Information
Prevention of fraud
User expectations
Change control

In which one of the following documents is the assignment of individual roles and
responsibilities MOST appropriately defined?

Security policy
Enforcement guidelines
Acceptable use policy
Program manual

Conducting a search without the delay of obtaining a warrant if destruction of evidence seems imminent is possible under:

Federal Sentencing Guidelines
Proximate Causation
Exigent Cirumstances
Prudent Man Rule

In which phase of the embedded device analysis are checksums utilized?

Collection
Preservation
Presentation
Analysis

Which of the following embodies all the detailed actions that personnel are required to follow?

Standards
Guidelines
Procedures
Baselines

Security is a process that is:

Continuous
Indicative
Examined
Abnormal

A trade secret:

Provides the owner with a legally enforceable right to exclude others from practicing the art covered for a specified time period
Protects original works of authorship
Secures and maintains the confidentiality of proprietary technical or business-related information that is adequately protected from disclosure by the owner
Is a word, name, symbol, color, sound, product shape, or device used to identify goods and to distinguish them from those made or sold by others

Preventive Controls: Authorizes the President to designate those items that shall be considered as defense articles and defense services and control their import and the export.

True
False

What is a primary target of a person employing social engineering?

An individual
An information system
Government agencies
A policy

Barry’s organization recently entered into a partnership with a healthcare system to perform analytics on patient data. The compliance team at the customer organization is asking Barry to sign a business associate agreement (BAA).

What regulation requires this agreement?

FERPA
PCI DSS
GLBA
HIPAA

What is enticement ?

Encouraging the commission of a crime when there was initially no intent to commit a crime
Assisting in the commission of a crime
Luring the perpetrator to an attractive area or presenting the perpetrator with a lucrative target after the crime has already been initiated
Encouraging the commission of the one crime over another

Due Care: Defined as the difference between the original value and the remaining value of an asset after a single exploit.

True
False

Which of the following is a series of steps or actions taken in order to achieve a particular end?

Workflow
Process
Runbook
Procedure

The percentage or degree of damage inflicted on an asset used in the calculation of single loss expectancy can be referred to as:

Likelihood
Exposure Factor (EF)
Vulnerability
Annualized rate of Occurrence (ARO)

Availability: The principle that ensures that information is available and accessible to users when needed.

True
False

In general, computer-based evidence is considered:

Conclusive
Circumstantial
Secondary
Hearsay

An information security policy does NOT usually include:

Guidelines for how to implement policy
Basis for data classification
Recognition of Information as an asset of the organisation
Authority for information security department

Recovery Controls: Controls implemented to restore conditions to normal after a security incident.

True
False

An organisation wants to ensure its sensitive data is unreadable if it is intercepted during transm,ission. Which principle is the organisation MOST concerned about?

Integrity
Confidentiality
Non-repudiation
Availability

The absence of a fire-suppression system would be best characterized as a(n):

Risk
Vulnerability
Threat
Exposure

What does the prudent man rule require ?

Senior officals to post performance bonds for their actions
Senior officials to perform their duties with the care that ordinary, prudent people would exercise under similar circumstances
Senior officials to guarantee that all precautions have been taken and that no breaches of security can occur
Senior officials to follow specified government standards

Trademark: Established to contribute to regional and international security and stability by promoting transparency and greater responsibility in transfers of conventional arms and dual use goods and technologies, thus preventing destabilizing accumulations.

True
False

In an accounting department, several people are required to complete a financial process. This is most likely an example of:

Segregation of duties
Rotation of duties
Need-to-know
Collusion

Investigating and prosecuting computer crimes is made more difficult because:

Backups may be difficult to find
Evidence is mostly intangible
Evidence cannot be preserved
Evidence is hearsay and can never be introduced into a court of law.

Responsibility for handling computer crimes in the United States is assigned to;

The Federal Bureau of Investigation (FBI) and the Secret Service
The FBI only
The National Security Agency (NSA)
The Central Intelligence Agency (CIA)

Detective Controls: Controls designed to signal a warning when a security control has been breached.

True
False

Which of the following is the MOST critical factor for ensuring the success of a security governance program?

Comprehensive security polices
Strong Executive support
Experienced security staff
Advanced technology solutions

A risk management project may be subject to overlooking certain types of threats. What can assist the risk management team to prevent that?

Automated tools
Recalculation of the work factor
adoption of qualitative risk assessment processes
Increased reliance on internal experts for risk assessment

Patent: Electronic hardware and software solutions implemented to control access to information and information networks.

True
False

What document is an agreement between a software vendor and a business customer, specifying the terms of use?

Non-disclosure agreement
Software license agreement
End user license agreement
Acceptable use policy

Incident response planning can be instrumental in:

Meeting regulatory requirements
Creating customer loyalty
Reducing the impact of an adverse event on the organisation
Ensuring management makes the correct decisions in a crisis

Integrity: A process designed to identify potential events that may affect the entity, manage risk so it is within its risk appetite, and provide reasonable assurance regarding the achievement of entity objectives.

True
False

The Kennedy-Kassebaum Act is also known as:

RICO
OECD
HIPAA
EU Directive

Risk Assessment includes all of the following EXCEPT:

Ensuring that risk is managed
Strategic analysis of risk
Analysis of the current state of security in the target environment
Implementation of effective counter measures

Risk Management: The practice of passing on the risk in question to another entity, such as an insurance company.

True
False

Data Disclosure: A breach for which it was confirmed that data was actually disclosed (not just exposed) to an unauthorized party.

True
False

Which organisational role owns a system and must work with other users to ensure that data is secure?

Data owner
System owner
Data custodian
Business owner

The role of an information custodian should NOT include:

Ensuring the availability of data
Regular backups of data
Establishing retention periods for data
Restoration of lost or corrupted data

Which of the following protocols will populate the protocol field of the IP header with a value of 6?

UDP
TCP
IGMP
ICMP

$100,000
$10,000,000
$1,000,000
$10,000

$10,000,000
$1,000,000
$100,000
$10,000

Which one of the following is not a canon of the (ISC)² code of ethics?

Protect society, the common good, necessary public trust and confidence, and the infrastructure.
Advance and protect the profession.
Report violations of law to appropriate authorities.
Act honorably, justly, responsibly, and legally.

Frances would like to ensure that a book she wrote is protected from unauthorized duplication. What type of intellectual property protection is most appropriate?

Copyright
Trade secret
Patent
Trademark

A loss of electricity is an example of which type of threat?

Man made threat
System threat
Natural threat
Internal threat

CISSP Domain 1 – Example Exam Questions

CISSP Domain 1 Questions

Related

By SuperTechman

Leave a Reply Cancel reply

Top Posts

How to Use Tabs in File Explorer on Windows 11

How to Use Focus Sessions in Windows 11 to Boost Productivity

How to Increase Security by Using Passkeys in Windows 11

How to Customize the Quick Settings Panel in Windows 11