Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. ISC2
  5. CISSP

ISC2 CISSP Exam Questions
Certified Information Systems Security Professional (CISSP) (Page 13 )

Updated On: 19-Apr-2026
Page 13 of 98
PDF with 484 Questions

Which of the following departments initiates the request, approval, and provisioning business process?

  1. Operations
  2. Security
  3. Human resources (HR)
  4. Information technology (IT)

Answer(s): A



An organization is setting a security assessment scope with the goal of developing a Security Management Program (SMP). The next step is to select an approach for conducting the risk assessment. Which of the following approaches is MOST effective for the SMP?

  1. Security controls driven assessment that focuses on controls management
  2. Business processes based risk assessment with a focus on business goals
  3. Asset driven risk assessment with a focus on the assets
  4. Data driven risk assessment with a focus on data

Answer(s): B



Which technique helps system designers consider potential security concerns of their systems and applications?

  1. Threat modeling
  2. Manual inspections and reviews
  3. Source code review
  4. Penetration testing

Answer(s): A



A security professional can BEST mitigate the risk of using a Commercial Off-The-Shelf (COTS) solution by deploying the application with which of the following controls in place?

  1. Network segmentation
  2. Blacklisting application
  3. Whitelisting application
  4. Hardened configuration

Answer(s): D



Which of the following BEST describes centralized identity management?

  1. Service providers perform as both the credential and identity provider (IdP).
  2. Service providers identify an entity by behavior analysis versus an identification factor.
  3. Service providers agree to integrate identity system recognition across organizational boundaries.
  4. Service providers rely on a trusted third party (TTP) to provide requestors with both credentials and identifiers.

Answer(s): D



Viewing page 13 of 98
Viewing questions 61 - 65 out of 484 questions



Post your Comments and Discuss ISC2 CISSP exam dumps with other Community members:

CISSP Exam Discussions & Posts

AI Tutor AI Tutor 👋 I’m here to help!