Skip survey header

CISSP Practice Quiz 2

CISSP Practice Quiz 2

1. Which of the following is the most realistic type of security control testing?  
2. _______ data should be used in the testing environment.  
3. Periodic ________ reviews ensure that security process data is being used as intended and that required controls are functioning as intended.  
4. Which of the following locations is not common for intrusion detection/prevention system (IDS/IPS) solutions?  
5. What is the process of assigning a unique value to every person, device, and service that will access the environment called? 
6. During __________, the identity of the entity (typically a user) is validated.  
7. Which is often used for managing account information across an enterprise?  
8. Alice needs access to her company’s IT environment. She is issued a username based on her email address and is allowed to choose a password.  
  
The _____ department most likely issued her the login credentials.  
9. Which of the following is sometimes referred to as “white box testing” or “secure code review”?  
10. In __________, the application is actually executed, and testers (often from the user community) perform functions with the application in a runtime state, trying to determine if the software can successfully perform required functionality, but also attempting to find situations where the software fails.