CISSP PRACTICE QUESTIONS – 20220407

Effective CISSP Questions

When you go to see a doctor, which of the following best describes your right to maintain control over and confidentiality of information about yourself and your health? (Wentz QOTD)
A. Privacy
B. Sensitive personal data
C. Protected Health Information (PHI)
D. Personally identifiable information (PII)


Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.


CISSP PRACTICE QUESTIONS – 20220406


Which of the following is the best instrument introduced in the NIST Privacy Framework to conduct privacy gap analysis? (Wentz QOTD)
A. Functions
B. Categories
C. Profiles
D. Implementation tiers



CISSP PRACTICE QUESTIONS – 20220405


Which of the following is not an outcome of the “Identify” function of the NIST Cybersecurity Framework? (Wentz QOTD)
A. Governance
B. Asset management
C. Business environment
D. Information protection processes and procedures



CISSP PRACTICE QUESTIONS – 20220404


It’s commonly agreed that security and privacy are two sides of a coin and there is no privacy without security. Which of the following is not one of the NIST privacy engineering objectives? (Wentz QOTD)
A. Traceability
B. Predictability
C. Manageability
D. Disassociability



CISSP PRACTICE QUESTIONS – 20220403


Which of the following software engineering practices is the most streamlined and entails the least human intervention? (Wentz QOTD)
A. Continuous testing
B. Continuous integration
C. Continuous delivery
D. Continuous deployment



CISSP PRACTICE QUESTIONS – 20220402


The level to which legal privacy protections are implemented varies across countries and regions. Which of the following privacy protection legal models is most likely to be implemented in the European Union? (Wentz QOTD)
A. Laws and regulations govern all data processing actions for all industries.
B. Laws and regulations govern some data processing actions for all industries.
C. No laws and regulations govern data processing actions for all industries.
D. Privacy protection actions are divided between government and private parties.



CISSP PRACTICE QUESTIONS – 20220401


Virtual Private Network (VPN) is a generic term that refers to the use of public or private networks to interconnect separated network users so that they may communicate as if on a private network. Which of the following is least likely to be implemented to support VPN? (Wentz QOTD)
A. Interconnect LAN segments over a packet-switched network as one single LAN.
B. Encapsulate a MAC frame in UDP to create an overlay network or tunnel.
C. Use a delivery protocol operating equal to or higher than the payload to create a tunnel.
D. Encapsulate IPsec traffic in tunnel mode using ESP to enforce end-to-end confidentiality.



CISSP PRACTICE QUESTIONS – 20220331


You are conducting threat modeling based on the Microsoft approach. In which of the following stages will you apply the categorized threat list, STRIDE? (Wentz QOTD)
A. Identify threats
B. Document & validate
C. Diagram application architecture
D. Identify, prioritize & implement controls

