Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. ISC2
  5. CISSP

ISC2 CISSP Exam Questions
Certified Information Systems Security Professional (CISSP) (Page 17 )

Updated On: 19-Apr-2026
Page 17 of 98
PDF with 484 Questions

An international organization has decided to use a Software as a Service (SaaS) solution to support its business operations. Which of the following compliance standards should the organization use to assess the international code security and data privacy of the solution?

  1. Service Organization Control (SOC) 2
  2. Information Assurance Technical Framework (IATF)
  3. Health Insurance Portability and Accountability Act (HIPAA)
  4. Payment Card Industry (PCI)

Answer(s): A



An authentication system that uses challenge and response was recently implemented on an organization's network, because the organization conducted an annual penetration test showing that testers were able to move laterally using authenticated credentials. Which attack method was MOST likely used to achieve this?

  1. Hash collision
  2. Pass the ticket
  3. Brute force
  4. Cross-Site Scripting (XSS)

Answer(s): B



Which of the following would qualify as an exception to the "right to be forgotten" of the General Data Protection Regulation (GDPR)?

  1. For the establishment, exercise, or defense of legal claims
  2. The personal data has been lawfully processed and collected
  3. For the reasons of private interest
  4. The personal data remains necessary to the purpose for which it was collected

Answer(s): A



Dumpster diving is a technique used in which stage of penetration testing methodology?

  1. Attack
  2. Reporting
  3. Planning
  4. Discovery

Answer(s): D



Which of the following is performed to determine a measure of success of a security awareness training program designed to prevent social engineering attacks?

  1. Employee evaluation of the training program
  2. Internal assessment of the training program's effectiveness
  3. Multiple choice tests to participants
  4. Management control of reviews

Answer(s): B



Viewing page 17 of 98
Viewing questions 81 - 85 out of 484 questions



Post your Comments and Discuss ISC2 CISSP exam dumps with other Community members:

CISSP Exam Discussions & Posts

AI Tutor AI Tutor 👋 I’m here to help!