CISSP Certified Information Systems Security Professional Practice Questions Bank
Includes 5 practice exams, each timed at 200 minutes with 250 questions and detailed explanations, just like the official certification exam
Topics: CISSP domains studied under this certification
1. Security and Risk Management
2. Asset Security
3. Security Architecture and Engineering
4. Communications and Network Security
5. Identity and Access Management
6. Security Assessment and Testing
7. Security Operations
8. Software Development Security
Total Questions Count: 1250
Exams Count: 5
Explanation: Yes, Detailed Explanation
Length of exam: 200 minutes
Number of questions: 250
Exam language availability: English
Passing grade: 70%
Questions:
Which type of fire extinguisher is MOST appropriate for a digital information processing facility?
A) Type A
B) Type B
C) Type C
D) Type D
Explanation: The most likely type of fire in a digital information processing facility is an electrical fire. Class C fire extinguishers are used for fires involving electrical equipment. Class C fires are electrical fires that may occur in electrical equipment or wiring. Class C fire extinguishers use gas, CO2 or dry powders as these extinguishing agents are non-conductive.
Incorrect Answers:
A: Type A fire extinguishers use water or foam. These should not be used on an electrical fire. Therefore, this answer is incorrect.
B: Type B fires are liquid fires such as gasoline. Some Type B fire extinguishers use CO2 which could be used on an electrical fire. However, Type B fire extinguishers can also use foam which should not be used on electrical fires. Therefore, this answer is incorrect.
D: Type D fires are combustible metals such as magnesium, sodium or potassium. Type D fire extinguishers use dry powders designed for combustible metals and should not be used on electrical fires. Therefore, this answer is incorrect.
References:, 6th Edition, McGraw-Hill, 2013, p. 472
Which of the following controls related to physical security is NOT an administrative control?
A) Personnel controls
B) Alarms
C) Training
D) Emergency response and procedures
Explanation: Alarms are an example of a physical control type, not an administrative control. Controls are put into place to reduce the risk an organization faces, and they come in three main flavors: administrative, technical, and physical. Administrative controls are commonly referred to as "soft controls" because they are more management-oriented. Examples of administrative controls are security documentation, risk management, personnel security, and training. Technical controls (also called logical controls) are software or hardware components, as in firewalls, IDS, encryption, identification and authentication mechanisms. Physical controls are items put into place to protect the facility, personnel, and resources. Examples of physical controls are security guards, locks, fencing, and lighting.
Incorrect Answers:
A: Personnel controls are an example of an administrative control. Therefore, this answer is incorrect.
C: Training is an example of an administrative control. Therefore, this answer is incorrect.
D: Emergency response and procedures are an example of an administrative control. Therefore, this answer is incorrect.
References:, 6th Edition, McGraw-Hill, 2013, p. 28