CISSP PRACTICE QUESTIONS – 20210517

Effective CISSP Questions

Your company initiated a business continuity program (BCP) to implement the business continuity management system (BCMS) compliant with ISO 22301. The BCP team is planning for business continuity. Which of the following is the most feasible requirement? (Wentz QOTD)
A. The BCP team shall also consider the incident response.
B. Risk assessment shall be completed before business impact analysis.
C. Risk assessment shall be completed during business impact analysis.
D. The scope of BCP shall be enterprise-wide to cover the enterprise as a whole.

Continue reading

CISSP PRACTICE QUESTIONS – 20210515

Your company is a well-known global cloud service provider serving millions of customers. Which of the following best supports the multi-tenancy feature mentioned in ISO/IEC 17888? (Wentz QOTD)
A. EAP over LAN (EAPoL) based on 802.1X
B. Virtual LAN (VLAN) based on IEEE 802.1Q
C. Virtual eXtensible Local Area Network (VXLAN) based on RFC 7348
D. Spanning Tree Protocol based on 802.1D

Continue reading

CISSP PRACTICE QUESTIONS – 20210512

Fuzz testing is an automated software testing technique that employs a fuzzer to generate test data as inputs to software under test randomly. Which of the following is correct? (Wentz QOTD)
A. Fuzzing test using a smart fuzzer is white-box testing.
B. A smart fuzzer aware of input structure primarily mutates meaningful test data.
C. A generation-based fuzzer relies on modifying existing test data randomly.
D. A dumb fuzzer doesn’t rely on detecting input structure to generate test data.

Continue reading

CISSP PRACTICE QUESTIONS – 20210511

There exist many perspectives of Zero Trust. Which of the following is correct? (Wentz QOTD)
A. Zero Trust adoption uses the big bang strategy.
B. Zero Trust networks may coexist with legacy networks isolated by firewalls.
C. Zero Trust prevents lateral movement through the castle-and-moat architecture.
D. Zero Trust, aka perimeterless security, doesn’t define any forms of the perimeter.

Continue reading