ISC CISSP Practice Questions

RBAC (Role Based Access Control): A role is assigned permissions, and subjects in that role are added to the group, if they move to another position they are moved to the permissions group for that position.

Question 272

Our organization has a lot of different and diverse leadership. Who is responsible for the day-to-day leadership?

The CSO.

The CIO.

The CEO.

The CFO

check_circle

Correct AnswerC

The Chief Executive Officer is responsible for the day to day leadership of the organization, the board may provide the direction.

Question 273

Which type of fire extinguisher would you use on a metal fire?

Wet chemical.

Class A.

Dry powder.

Soda-Acid.

check_circle

Correct AnswerC

Dry Powder Extinguishers (sodium chloride, graphite, ternary eutectic chloride). Lowers the temperature and removes oxygen in the area. Primarily used for metal fires (sodium, magnesium, graphite).

Question 274

Which of these is a COMMON attack against data at rest?

Screen scrapers.

Stealing unencrypted laptops.

Keyloggers.

MITM.

check_circle

Correct AnswerB

If we do not encrypt our laptops which uses the data from our database, it is a very good attack vector for someone wanting to steal our data.

Question 275

When we look at using type 3 authentication, we would talk about all these terms EXCEPT which?

FAR.

FRR.

CER.

CRR.

check_circle

Correct AnswerD

Something you are - Type 3 Authentication (Biometrics), uses Errors for Biometric Authentication: FRR (False rejection rate), FAR (False accept rate) and CER (Crossover Error Rate).

Question 276

Looking at our relational databases and the errors they can have, if we talk about semantic integrity, to what are we referring?

Each tuple has a unique primary value that is not null.

Each attribute value is consistent with the attribute data type.

When the database has errors.

When every foreign key in a secondary table matches the primary key in the parent table.

check_circle

Correct AnswerB

Semantic integrity: Each attribute value is consistent with the attribute data type.

Question 277

A new network administrator is asking questions about a security audit we are having done. What would you explain to her it is?

Testing against a published standard.

Internal IT Security employees double checking their work.

External auditors comes in.

Internal auditors looking for flaws.

check_circle

Correct AnswerA

Security audit: A test against a published standard. Purpose is to validate/verify that an organization meets the requirements as stated in the published standard.

Question 278

We have had a security breach. We have already reissued Type 1 and 2 authentications to our users. How would we reissue a new type 3 authentication to them?

Give them a new password.

We can't.

Give them a new ID card.

Give them a HOTP token.

check_circle

Correct AnswerB

With biometrics we can't reissue authentication factors. You have the same fingerprints. If compromised, nothing can be done other than to stop using them.

Question 279

We have smoke photoelectric detectors installed in our data center. What do they detect?

A change in the light indicating higher particle density.

A rise in temperature indicating a fire.

The infrared light emitted from a fire.

If the light is off in the data center.

check_circle

Correct AnswerA

Smoke Detectors: Photoelectric uses LED (Light Emitting Diode) and a photoelectric sensor that produces a small charge while receiving light. Triggers when smoke or any higher particle density interrupts the light.

Question 280

When Jane is designing the specifications in our Disaster Recovery Plan (DRP), she is including technology and countermeasures for hurricanes. Which type of disasters is the focused on?

All of these.

Natural.

Environmental.

Man made.

check_circle

Correct AnswerB

Natural: Hurricanes, floods, earthquakes, blizzards, anything that is caused by nature.

chevron_left 1...27 28 29...33 chevron_right

AcingExam

Precision in Certification. Momentum in Career.

Product

Home
View All Exams

Company

About Us
Privacy Policy
Terms of Service

Connect

public alternate_email share

System Status: Optimal

AcingExam

homeHome local_fire_departmentPopular Exams library_booksView All Exams mailContact

AcingExam

Precision in Certification. Momentum in Career.

Product

Home
View All Exams

Company

About Us
Privacy Policy
Terms of Service

Connect

public alternate_email share

System Status: Optimal

ISC CISSP Practice Questions - AcingExam

mail[email protected]

Trusted by 1.5M+ IT Professionals

AcingExam

homeHome local_fire_departmentPopular Exams library_booksView All Exams mailContact

Homechevron_rightISCchevron_rightCISSPchevron_rightPractice Questions

The latest changes and updates from the administration for this exam.

verified

Latest Update: Jun 13 2026

All questions are working fine.

All Questions (645)bookmarkBookmarked (0)

All645Show all accessible questions in this exam.Missed645Questions you haven't attempted yet.Incorrect0Questions you answered incorrectly on your last attempt.

Question 271

We have an employee who is moving from IT to HR. If we are using Role Based Access Control (RBAC) access control, what would we do to his access?

Add HR to his rights.

Have the data owner give the employee the rights he needs.

Check his clearance and add access accordingly to that.

Add HR remove IT.

check_circle

Correct AnswerD

Question 272

Our organization has a lot of different and diverse leadership. Who is responsible for the day-to-day leadership?

The CSO.

The CIO.

The CEO.

The CFO

check_circle

Correct AnswerC

The Chief Executive Officer is responsible for the day to day leadership of the organization, the board may provide the direction.

Question 273

Which type of fire extinguisher would you use on a metal fire?

Wet chemical.

Class A.

Dry powder.

Soda-Acid.

check_circle

Correct AnswerC

Dry Powder Extinguishers (sodium chloride, graphite, ternary eutectic chloride). Lowers the temperature and removes oxygen in the area. Primarily used for metal fires (sodium, magnesium, graphite).

Question 274

Which of these is a COMMON attack against data at rest?

Screen scrapers.

Stealing unencrypted laptops.

Keyloggers.

MITM.

check_circle

Correct AnswerB

If we do not encrypt our laptops which uses the data from our database, it is a very good attack vector for someone wanting to steal our data.

Question 275

When we look at using type 3 authentication, we would talk about all these terms EXCEPT which?

FAR.

FRR.

CER.

CRR.

check_circle

Correct AnswerD

Something you are - Type 3 Authentication (Biometrics), uses Errors for Biometric Authentication: FRR (False rejection rate), FAR (False accept rate) and CER (Crossover Error Rate).

Question 276

Looking at our relational databases and the errors they can have, if we talk about semantic integrity, to what are we referring?

Each tuple has a unique primary value that is not null.

Each attribute value is consistent with the attribute data type.

When the database has errors.

When every foreign key in a secondary table matches the primary key in the parent table.

check_circle

Correct AnswerB

Semantic integrity: Each attribute value is consistent with the attribute data type.

Question 277

A new network administrator is asking questions about a security audit we are having done. What would you explain to her it is?

Testing against a published standard.

Internal IT Security employees double checking their work.

External auditors comes in.

Internal auditors looking for flaws.

check_circle

Correct AnswerA

Security audit: A test against a published standard. Purpose is to validate/verify that an organization meets the requirements as stated in the published standard.

Question 278

We have had a security breach. We have already reissued Type 1 and 2 authentications to our users. How would we reissue a new type 3 authentication to them?

Give them a new password.

We can't.

Give them a new ID card.

Give them a HOTP token.

check_circle

Correct AnswerB

With biometrics we can't reissue authentication factors. You have the same fingerprints. If compromised, nothing can be done other than to stop using them.

Question 279

We have smoke photoelectric detectors installed in our data center. What do they detect?

A change in the light indicating higher particle density.

A rise in temperature indicating a fire.

The infrared light emitted from a fire.

If the light is off in the data center.

check_circle

Correct AnswerA

Question 280

When Jane is designing the specifications in our Disaster Recovery Plan (DRP), she is including technology and countermeasures for hurricanes. Which type of disasters is the focused on?

All of these.

Natural.

Environmental.

Man made.

check_circle

Correct AnswerB

Natural: Hurricanes, floods, earthquakes, blizzards, anything that is caused by nature.

chevron_left 1...27 28 29...33 chevron_right

AcingExam

Precision in Certification. Momentum in Career.

Product

Home
View All Exams

Company

About Us
Privacy Policy
Terms of Service

Connect

public alternate_email share

System Status: Optimal

Update History

Update History