CISSP Free Practice Exam

5 questions would be shown from a total of 30 free practice questions to prepare you for CISSP exam. Enjoy!

1 / 5

1. Which of the following is the BEST definition of Cross-Site Request Forgery (CSRF)?
Explanation/Reference:

A. An attack that makes an illegal request across security zones and thereby forges itself into the security database of the system

B. An attack which forces an end user to execute unwanted actions on a web application in which they are currently authenticated

C. An attack that injects a script into a web page to execute a privileged command

D. An attack that forges a false Structure Query Language (SQL) command across systems

Reference: https://portswigger.net/web-security/csrf

2 / 5

2. An application team is running tests to ensure that user entry fields will not accept invalid input of any length.
Explanation/Reference:
What type of negative testing is this an example of?

A. Session testing

B. Population of required fields

C. Reasonable data

D. Allowed number of characters

Reference: https://www.softwaretestinghelp.com/what-is-negative-testing/

3 / 5

3. All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that

A. determine the technological dependence of the business processes

B. determine the risk of a business interruption occurring

C. Identify the operational impacts of a business interruption

D. Identify the financial impacts of a business interruption

Reference: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0ahUKEwjbktbTp- LaAhVIr48KHZuhB0UQFggmMAA&url=http%3A%2F%2Fwww.oregon.gov%2Fdas%2FProcurement% 2FGuiddoc%2FBusImpAnalysQs.doc&usg=AOvVaw1wBxcnLP8ceI_yhv2rsI9h

4 / 5

4. A manufacturing organization wants to establish a Federated Identity Management (FIM) system with its 20 different supplier companies. Which of the following is the BEST solution for the manufacturing organization?
Explanation/Reference:

A. Cross-certification

B. Security Assertion Markup language (SAML)

C. Trusted third-party certification

D. Lightweight Directory Access Protocol (LDAP)

Reference: https://www.netiq.com/documentation/access-manager-43/applications-configuration-guide/data/ b1ka6lkd.html

5 / 5

5. Which of the following is a process in the access provisioning lifecycle that will MOST likely identify access aggregation issues?
Explanation/Reference:

A. Peer review

B. Review

C. Assessment

D. Test

Reference: https://books.google.com.pk/books?id=W2TvAgAAQBAJ&pg=PA256&lpg=PA256&dq=process+in +the+access+provisioning+lifecycle+that+will+MOST+likely+identify+access+aggregation +issues&source=bl&ots=OBJo9fbGP3&sig=ACfU3U1eAWDu3q4EoiusrOi_hvtu6WyaIg&hl=en&sa=X&ved=2ah UKEwiu-Mac0anpAhXIxIUKHQi2BFsQ6AEwAXoECBAQAQ#v=onepage&q=process%20in%20the%20access %20provisioning%20lifecycle%20that%20will%20MOST%20likely%20identify%20access%20aggregation% 20issues&f=false

Free sign-up(click) to

1. skip this part 2. access all free questions 3. show explanations

Your score is

The average score is 54%

CISSP Free Practice Test

Log in and start practising

Free sign-up(click) to

1. skip this part 2. access all free questions 3. show explanations

Company

Learn More

Click below to chat on WhatsApp

CISSP Free Practice Test

Log in and start practising

Free sign-up(click) to

1. skip this part 2. access all free questions 3. show explanations

Company

Learn More

Click below to chat on WhatsApp

More learning resources are waiting for you!