
CISSP Exam Practice Questions

This book provides free CISSP questions covering over 2 sets of exam essentials, approx. 600 CISSP questions, without any charge. The purpose of providing these questions is to give CISSP exam candidates confidence about the different types of questions that can be asked during the exam. The questions are designed to cover all eight distinct domains.

Uploaded by Anish Nath

Purpose

This book provides free CISSP questions covering over 2 sets of exam
essentials, approx. 600 CISSP questions, without any charge. The purpose of
providing these questions is to give CISSP exam candidates confidence about
the different types of questions that can be asked during the exam. The
questions are designed to cover all eight distinct domains.

CISSP Exam Information

Length of the Exam: 6 hours
Number of Questions: 250
Format: Multiple Choice, Drag & Drop, Match the Items, Pictorial
Passing grade: 700 out of 1000

About the Exam

The CISSP certification is based on a Common Body of Knowledge (CBK)
identified by (ISC)2 and defined through eight distinct domains. This book
has assessments related to:
Security and Risk Management
Asset Security
Security Engineering
Communications and Network Security
Identity and Access Management
Security Assessment and Testing
Security Operations
Software Development Security

Exam Tips

Attempt all questions; do NOT leave any question.
Only 225 questions count toward your final score; the other 25 are trial questions for a future version of the CISSP examination.
CISSP questions can also be based on a situation.
Answer simple questions first and read through all of the answers.
Each question is multiple-choice and includes four possible answers. Only one answer is the best answer. Ideally, you should not only know what the correct answer is, but also why it is correct and why the incorrect answers are incorrect.
Twisted questions
Drag & drop type of questions

Assessment Tests

1) Which of the following statements is not completely true when applying governance policies?
a. Security is only an IT issue.
b. Security is an organizational process.
c. Security governance varies from organization to organization.
d. Security governance should be managed throughout the organization.

2) In an organization, internal threat agents gain access to unauthorized data. The agent is not able to read the data because the ____ protection mechanism is in place.
a. The data is hidden at the end of the file.
b. The data is readable but doesn't carry any meaning.
c. The data is hashed.
d. The data is obfuscated with encryption.

3) The RADIUS protocol provides AAA services. What do these three refer to in the CIA Triad when discussing the five elements of AAA?
a. Authentication, Availability, Adaptable, Identification, Accounting
b. Identification, Authentication, Authorization, Auditing, Accounting
c. Identification, Authentication, Nonrepudiation, Auditing, Accounting
d. Nonrepudiation, Identification, Authentication, Authorization

4) Which of these three control concepts are applied for monitoring access?
a. SHA, RBAC, MAC
b. MAC, DAC, RBAC
c. MD5, DAC, RBAC
d. RBAC, SHA, MD5

5) The process of ______ is maintained if the subjects are held for ______.
a. accountability, accountable
b. auditing, accountability
c. identification, auditing
d. identification, accountability

6) Which of the following is most likely not a mandatory document?
a. Standard
b. Baseline
c. Policy
d. None of the Above

7) Who led the InfoSec team?
a. CIO
b. CEO
c. CSO
d. Chairman

8) XYZ organization has an InfoSec team. XYZ is expanding and growing; the organization has decided to increase its customer base and has started the new project alpha. The InfoSec team should not do the following:
a. InfoSec team started reporting under the project alpha management
b. InfoSec team halts other security activities and gives more preference to project alpha
c. InfoSec team continues to work independently under the direction of the CSO and aligns with the company mission and objectives
d. None of the Above

9) XYZ organization is practicing and implementing a security policy. Which of the two legal terms best describes it?
a. due care
b. due diligence
c. both a & b
d. None of the above

10) Which one will be the right policy structure for an organization following a top-down structure?

a. B
b. A
c. C
d. None of the Above

11) ITSEC is a ___ country standard
a. European
b. US
c. Canadian
d. None of the Above

12) CTCPEC is a ___ country standard
a. European
b. US
c. Canadian
d. None of the Above

13) An ____ is a piece of software, a command, or a methodology that attacks a particular security vulnerability.
a. Virus
b. Worm
c. Exploit
d. Bots

14) ______ is a lethal kind of malware that encrypts your hard drive and holds it hostage, providing the decryption key if you pay the hostage-taker.
a. Keylogger
b. Ransomware
c. Worm
d. Trojan Horse

15) You are working in Microsoft Excel and Excel warns you that a document contains a macro.
a. It's a Virus
b. It's a Worm
c. It's not a Virus
d. It's a Trojan horse

16) A ___ is a memory-resident virus and infects disks.
a. File infector Virus
b. Master boot record viruses
c. Boot Sector Virus
d. Macro Virus

Download the Free Book Covering 600+ CISSP Exam Questions

This is the place from where the book can be downloaded for free (absolutely
no charges):
https://leanpub.com/cisspexamquestions

About the Author

My name is Anish Nath. I work as a Security Advocate for a product company, having 12+ years
of IT experience. I perform ethical hacking through the official HackerOne & Bugcrowd channels, am the
author of the book Packet Analysis with Wireshark, and have my own YouTube channel with
the name http://youtube.com/zarigatongy
You can reach me through my Twitter handle @anish2good
