CISSP Exam Details

  • Exam Code
    :CISSP
  • Exam Name
    :Certified Information Systems Security Professional (CISSP)
  • Certification
    :ISC Certifications
  • Vendor
    :ISC
  • Total Questions
    :1703 Q&As
  • Last Updated
    :Jul 08, 2026

ISC CISSP Online Questions & Answers

  • Question 91:

    What type of access control determines the authorization to resource based on pre-defined job titles within an organization?

    A. Role-Based Access Control (RBAC)
    B. Role-based access control
    C. Non-discretionary access control
    D. Discretionary Access Control (DAC)

  • Question 92:

    Which of the following objects should be removed FIRST prior to uploading code to public code repositories?

    A. Security credentials
    B. Known vulnerabilities
    C. Inefficient algorithms
    D. Coding mistakes

  • Question 93:

    A practice that permits the owner of a data object to grant other users access to that object would usually provide

    A. Mandatory Access Control (MAC).
    B. owner-administered control.
    C. owner-dependent access control.
    D. Discretionary Access Control (DAC).

  • Question 94:

    What is the FIRST step that should be considered in a Data Loss Prevention (DLP) program?

    A. Configuration management (CM)
    B. Information Rights Management (IRM)
    C. Policy creation
    D. Data classification

  • Question 95:

    Which of the following controls is the FIRST step in protecting privacy in an information system?

    A. Data Redaction
    B. Data Minimization
    C. Data Encryption
    D. Data Storage

  • Question 96:

    Which of the following BEST describles a protection profile (PP)?

    A. A document that expresses an implementation independent set of security requirements for an Information Technology (IT) product that meets specific consumer needs.
    B. A document that expresses an implementation dependent set of security retirements which contains only the security functional requirements.
    C. A document that represents evaluated products where there is a one-to-one correspondence between a PP and a Security Target (ST).
    D. A document that is used to develop an Information Technology (IT) security product from Its security requirements definition.

  • Question 97:

    Which of the following steps is performed during the forensic data analysis phase?

    A. Collect known system files
    B. search for relevant strings.
    C. Create file lists
    D. Recover deleted data.

  • Question 98:

    An organization has developed a way for customers to share information from their wearable devices with each other. Unfortunately, the users were not informed as to what information collected would be shared. What technical controls should be put in place to remedy the privacy issue while still trying to accomplish the organization's business goals?

    A. Default the user to not share any information.
    B. Inform the user of the sharing feature changes after implemented.
    C. Share only what the organization decides is best.
    D. Stop sharing data with the other users.

  • Question 99:

    Digital certificates used transport Layer security (TLS) supprot which of the following?

    A. Server identify and data confidentially
    B. Information input validation
    C. Multi-Factor Authentication (MFA)
    D. Non-reputation controls and data encryption

  • Question 100:

    An organization has discovered that users are visiting unauthorized websites using anonymous proxies. Which of the following is the BEST way to prevent future occurrences?

    A. Remove the anonymity from the proxy
    B. Analyze Internet Protocol (IP) traffic for proxy requests
    C. Disable the proxy server on the firewall
    D. Block the Internet Protocol (IP) address of known anonymous proxies

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only ISC exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CISSP exam preparations and ISC certification application, do not hesitate to visit our Vcedump.com to find your solutions here.