CISSP Practice Exam 2

Contains practice exam questions from all eight domains, weighted as on the real Certified Information Systems Security Professional (CISSP) exam:  
15% from Security and Risk Management    
10% from Asset Security    
13% from Security Architecture and Engineering    
13% from Communication and Network Security    
13% from Identity and Access Management (IAM)    
12% from Security Assessment and Testing    
13% from Security Operations    
11% from Software Development Security    

25 Questions

1. Jerry is an ethical hacker attacking LUANG hospital as authorized by their chief information security officer (CISO). Federal investigators notice the attack and raid Jerry's office and arrest him. Why was he MOST LIKELY arrested?
2. Microsoft has put which system together to help analyze common software threats?
3. Jaquan is a security manager creating a corporate security document that states laptops must maintain the latest patches, use ClamAV malware detection software, LibreOffice suite, and Thunderbird email client. This document BEST fits which category?
4. Several signs and emails warn staff not to pick up and use Universal Serial Bus (USB) drives found in parking lots or elsewhere. These types of security notices fall under which category?
5. Buffer overflow attacks occur because of poorly written applications. Attackers exploit the vulnerability and can potentially gain access to the entire computer. These attacks occur where?
6. Computer system features such as the UEFI, a globally unique identifier (GUID) partition table, a universally unique ID (UUID), a trusted platform module (TPM), and SELinux are a part of which security feature?
7. Which of the following represents an acceptable amount of data loss measured in time?
8. Diskless computers with memory and fast central processing units (CPUs), networked to obtain their operating system and data from a centralized server, are called?
9. Terminal Access Controller Access-Control System (TACACS) and TACACS+ systems contain which of the following features?
10. Which of the following describes an infrastructure of using asymmetric keys and certificates for mutual verification?
11. Arthur, chief executive officer (CEO) of Funutek, wishes to implement online purchasing via their website. The chief marketing officer (CMO) likes the idea because the new system can double sales. The CSO fears internet attacks and suggests NOT moving forward. How should Arthur proceed?
12. Phillip, a systems analyst, insists that he did not send an email requesting a ransom. Further analysis shows that the public key of the letter directly relates to Phillip's private key. This is an example of?
13. Ken is a network engineer tuning the network to meet corporate standards. His supervisor informs him that the security measures are making the network perform poorly, and he must remove them. What must BEST be done for the security of the organization?
14. Neicy is a software developer making a computer game. She has the option to reuse source code from previous video games to simplify the task. How should the manager respond?
15. SSO systems have which characteristics?
16. Arie is a hacker who wishes to launch an attack with the least technology possible. Which attack does he MOST LIKELY perform?
17. Casey, an information technology (IT) intern, opens a case with the corporate support department but they refuse to assist her. This is MOST LIKELY for which reason?
18. What is the primary purpose of configuring a computer room with hot and cold aisles?
19. Prixy is a chef seeking to visit his daughter at the Federal Bureau of Investigation (FBI). He's instructed to go through a door, and the doors in front of and behind him are locked. While locked in the room, he hears over the speaker that metal is detected and he is being detained. What is the name of this room?
20. SHA-1 hashing has a longer message digest than MD5 hashing. This makes SHA-1 less vulnerable to which kind of attack?
21. Lisa's credit card information was stolen, and she realizes this occurred at the Luke petrol station. She believes the owner should go to prison. Which would MOST LIKELY occur?
22. Brett is a network manager architecting a wired network through Klout Co. Part of the cabling will run above drop ceilings and through raised floors. Which of the following is his BEST recommendation?
23. Bee-Ar Restaurant suffers an incident where a male cook followed a woman into a bathroom, took a photo, and ran out. He is finally caught, and newspapers ask employees for answers. All staff, except for public relations (PR), should be trained to say which of the following?
24. Which of the following is NOT a directive control type?
25. Julie is setting up an intrusion detection system (IDS) that is rule-based. A rule-based IDS has which of the following attributes?