Home > CISSP > Quizzes > CISSP Domain 2: Asset Security
CISSP Domain 2: Asset Security
Fast practice, instant feedback. Timer auto-submits when time’s up.
Avg score: 44% Most missed: “Miomir needs to tighten security access into the server room and wants to add th…”

Domain 2: Asset Security Practice Questions
Questions from the following topics are included in this domain:
Identifying and classifying assets
Provisioning resources securely
Managing the data lifecycle
Security controls and compliance
Asset management
Data protection methods

CISSP Domain 2: Asset Security
Time left 00:00
25 Questions

1. Large United States companies that do not offer data subjects the right to be forgotten may not do which of the following?
2. Marton is the CEO of Generic Smartphones and is holding an emergency meeting with the CISO because their new unpublished phone designs were just published on the internet. He asks the CISO what more can be done since they already have an EDLP solution?
3. Magda, a security engineer, has been tasked with lowering the threshold of monitoring activities as part of her seeking to discover an external threat. What is one of the FIRST things she notices?
4. Donna learned on Linux systems that passwords are stored in a file called /etc/shadow. She uses the sudo command to view the contents of the file, and although she sees her username, she does not see her password. This is because?
5. The Center for Strategic and International Studies (CSIS) has defined 20 critical security controls. Which of the following options is NOT included in the top 5?
6. Ankita is president of SUN Mail Order Services and is a vendor to firms that need bulk letters sent to their clients. According to GDPR, what is SUN Mail Order Services BEST considered as?
7. Hubert desires the best and most expensive security protection for his firm. Which of the following does he select?
8. Jelena, a security administrator, alerts her manager to unencrypted data that's accessible to their customers and prospects. Why does her manager request she leave it unencrypted?
9. A control category that reacts after an incident is called:
10. Iga needs an asset inventory system to help track hardware and software assets, as well as system updates and upgrades. Which of the following systems would assist her BEST?
11. DLP is the securing and protection of data that does which of the following?
12. David-Michael runs the RMS hospital in Cleveland. Randigreg is the owner/operator of SGI Medical Billing, a supplier to the RMS hospital. SGI Medical Billing was attacked by overseas hackers, and the RMS hospital's records were stolen. Which organization is legally accountable for the data breach?
13. Barbara is a junior administrator given privileges to manage printers and hard drives. She is not given the privilege to manage networks and users. This is an example of enforcing which practice?
14. Tempest equipment is used to mitigate which of the following?
15. Fiona, a security manager, is putting together a minimum level of requirements for specific levels of classifications. These are also known as what?
16. Agent-based CASBs inspect which of the following data?
17. This type of IDS learns what is normal for the environment, and triggers events when outside of these profiles. What is this BEST described as?
18. Juan, a security manager, decides to use the United States Government Configuration Baseline system, but needs to remove some of the options because they do not fit with his environment. This is also known as what?
19. Which of the following is NOT one of the Generally Accepted Security Principles?
20. Corentin, a systems administrator, received notification that several systems he supports will reach EOL in 12 months. What is the biggest risk to his organization?
21. Which of the following is NOT a physical access control type?
22. Aljaz, a security engineer, is tasked with finding and installing a device that monitors network activities. Which of the following does he recommend?
23. Which of the following options is a non-technical method to obtain a user's password?
24. An SSO system is characterized by which of the following options?
25. Lorenzo has been transferred from the marketing department to sales. Six months earlier he worked in the finance department. Which risk should be MOST considered?