Are you preparing for the challenging yet rewarding CISSP exam? Testing your knowledge with realistic mock questions is a crucial part of your study process.
This two-part blog series will present five sample CISSP questions, allowing you to assess your current understanding. In this first part, we'll present the questions.
So, grab a pen and paper (or open a new document!) and see how you fare with these CISSP-style questions:
Question 1:
In an infrastructure-as-a-service (IaaS) cloud model, who bears primary responsibility for securing physical and information assets?
A. Responsibility primarily rests with the customer
B. Responsibility primarily rests with the provider
C. Responsibility is shared between the customer and provider
D. Responsibility primarily rests with the cloud access security broker
Question 2:
You are implementing a new firewall for your organization and are writing rules that allow a web server to be reachable by anyone in the world. In a typical firewall deployment, what network zone would be most appropriate for this server?
A. DMZ
B. Intranet
C. Extranet
D. Internet
Question 3:
Nick is conducting an audit of an organization's endpoint security program to ensure that it is meeting the control objective of locking down system security configurations. Which one of the following actions would he least likely take as part of this process?
A. Review the endpoint security policy
B. Examine the configuration settings in the centralized configuration management system
C. Review the security configuration of a randomly selected set of endpoints
D. Perform a penetration test to verify endpoints are secure
Question 4:
In a federated identity access management solution, what task is most commonly handled by the identity provider (IdP)?
A. Identification
B. Authorization
C. Provisioning
D. Authentication
Question 5:
You are working with a team of software and hardware developers on the creation of a new product that will deploy sensors to factory floors and then analyze the data from those sensors using a back-end SaaS solution. Before you develop the software, you would like to understand the potential paths that an attacker could take to undermine the security of the system.
What activity would best provide you with this perspective?
A. Threat hunting
B. Threat modeling
C. Penetration testing
D. Vulnerability scanning
Don't rush!
Stay tuned for CarlsCloud™ Part 2: CISSP Mock Exam - Questions 1-5 (Answers and Explanations!) where I will reveal the answers and provide detailed explanations to help solidify your understanding.
Good luck!