CISSP QUIZ 1 QUESTIONS AND
ANSWERS WITH COMPLETE
SOLUTIONS 100% CORRECT RATED A+
Question 1: Which management framework is specifically designed to minimize
the risk of embedded vulnerabilities or malicious alterations in acquired third-party
hardware and software products?
Answer: ✔✔ Supply Chain Risk Management
Question 2: Which of the following terms refers to executive leadership behaviors
and organizational culture that actively encourage and promote ethical conduct
among employees?
Answer: ✔✔ Tone at the Top
Question 3: Which family of international standards offers comprehensive
framework guidance for establishing, implementing, and managing information
security controls?
Answer: ✔✔ ISO/IEC 27000
Question 4: What is the specific legal obligation applied to corporate executives
that allows shareholders to sue leadership if they fail to exercise reasonable care in
protecting organizational assets from harm or financial loss?
Answer: ✔✔ Due diligence
Question 5: In a risk management context, what is the fundamental purpose of
implementing a security control?
Answer: ✔✔ To reduce or mitigate risk
Question 6: Which of the following best describes the AIC principles?
Answer: ✔✔ Availability, Integrity, and Confidentiality
Question 7: ________ is a legal principle that requires that individuals perform
necessary actions to prevent negligence from occurring. It is judged using the
reasonable person standard.
Answer: ✔✔ Due care
Question 8: Which of the following are NOT examples of physical controls?
Answer: ✔✔ Bar codes and scanners
Question 9: Which of the following is NOT a category of control types?
Answer: ✔✔ Countermeasure
Question 10: Confidentiality can be protected by implementing which of the
following controls?
Answer: ✔✔ Encrypting data at rest and in transit
Question 11: Integrity is the principle that _________________.
Answer: ✔✔ protects or assures the accuracy and reliability of information and
systems
Question 12: A ______ is a document which defines mandatory activities, actions,
or rules.
Answer: ✔✔ Standard
Question 13: Vulnerability, threat, risk, and exposure are ____________.
Answer: ✔✔ terms that are incorrectly treated as having the same meaning
Question 14: Availability is the principle which ensures ____________.
Answer: ✔✔ reliability and timely access to data and other resources by
authorized individuals