CISSP Practice Exam 2025: Latest Questions
Test your readiness for the Certified Information Systems Security Professional (CISSP) certification with our 2025 practice exam. Featuring 25 questions based on the latest exam objectives, this practice exam simulates the real exam experience.
Why Take This 2025 Exam?
Prepare with questions aligned to the latest exam objectives
2025 Updated
Questions based on the latest exam objectives and content
25 Questions
A focused practice exam to test your readiness
Mixed Difficulty
Questions range from easy to advanced levels
Exam Simulation
Experience questions similar to the real exam
Practice Questions
25 practice questions for Certified Information Systems Security Professional (CISSP)
A security manager is updating corporate security policy and wants to ensure it will be enforceable in court if employees violate it. Which action BEST supports enforceability?
An organization is classifying data and wants to assign an owner for each dataset. What is the PRIMARY responsibility of the data owner?
A company wants to reduce risk from lost laptops containing customer information. Which control MOST directly reduces the impact if a laptop is lost?
A security analyst sees repeated login attempts against many different accounts from a single external IP, with a low number of attempts per account to avoid lockouts. What attack is MOST likely occurring?
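The scenario in this question (one source, many accounts, few attempts per account so no lockout triggers) is the pattern commonly called password spraying, as opposed to classic brute force against a single account. The detection logic below is an added illustration, not part of the exam page or of any (ISC)² material; the log format, the thresholds and the function names are assumptions, and the log lines are constructed sample data.

```python
"""Distinguish password spraying (many accounts, few attempts each) from
single-account brute force in authentication logs. Added example with
constructed data; log format, thresholds and helper names are assumed."""
import re
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample log (not real data). Assumed format:
# <ISO timestamp> <FAIL|OK> user=<name> src=<ip>
SAMPLE_LOG = """\
2025-03-01T09:00:01 FAIL user=alice src=203.0.113.7
2025-03-01T09:00:05 FAIL user=bob src=203.0.113.7
2025-03-01T09:00:09 FAIL user=carol src=203.0.113.7
2025-03-01T09:00:14 FAIL user=dave src=203.0.113.7
2025-03-01T09:00:18 FAIL user=erin src=203.0.113.7
2025-03-01T09:00:22 FAIL user=alice src=203.0.113.7
2025-03-01T09:00:30 OK   user=alice src=198.51.100.4
2025-03-01T09:01:00 FAIL user=frank src=198.51.100.9
2025-03-01T09:01:02 FAIL user=frank src=198.51.100.9
2025-03-01T09:01:04 FAIL user=frank src=198.51.100.9
2025-03-01T09:01:06 FAIL user=frank src=198.51.100.9
2025-03-01T09:01:08 FAIL user=frank src=198.51.100.9
2025-03-01T09:01:10 FAIL user=frank src=198.51.100.9
"""

LINE_RE = re.compile(r"^(\S+)\s+(FAIL|OK)\s+user=(\S+)\s+src=(\S+)$")


def parse(log_text):
    """Return a list of (timestamp, result, user, src) tuples; skips lines that
    do not match the assumed format."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts, result, user, src = m.groups()
        events.append((datetime.fromisoformat(ts), result, user, src))
    return events


def _failure_buckets(events, window_seconds):
    """Group failed logins into fixed windows relative to the earliest event:
    (src, bucket_index) -> [user, ...]."""
    failures = [(ts, user, src) for ts, result, user, src in events if result == "FAIL"]
    if not failures:
        return {}
    t0 = min(ts for ts, _, _ in failures)
    buckets = defaultdict(list)
    for ts, user, src in failures:
        bucket = int((ts - t0).total_seconds() // window_seconds)
        buckets[(src, bucket)].append(user)
    return buckets


def detect_spraying(events, window_seconds=600, min_accounts=5, lockout_threshold=5):
    """Flag sources that failed against at least `min_accounts` distinct
    accounts in one window while keeping every account below the lockout
    threshold (the low-and-slow shape described in the question)."""
    flagged = {}
    for (src, _), users in _failure_buckets(events, window_seconds).items():
        per_user = Counter(users)
        if len(per_user) >= min_accounts and max(per_user.values()) < lockout_threshold:
            flagged[src] = {
                "accounts": len(per_user),
                "max_per_account": max(per_user.values()),
                "attempts": len(users),
            }
    return flagged


def detect_bruteforce(events, window_seconds=600, lockout_threshold=5):
    """Flag sources that hammer a single account past the lockout threshold;
    the contrasting pattern, which lockout policy would already catch."""
    flagged = {}
    for (src, _), users in _failure_buckets(events, window_seconds).items():
        user, attempts = Counter(users).most_common(1)[0]
        if attempts >= lockout_threshold:
            flagged[src] = {"user": user, "attempts": attempts}
    return flagged


if __name__ == "__main__":
    evs = parse(SAMPLE_LOG)
    print("spraying:", detect_spraying(evs))
    print("brute force:", detect_bruteforce(evs))
```

Per-account lockout does nothing against the first pattern, which is why the detection has to pivot on the source and count distinct accounts rather than attempts per account.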
A company is deploying a public-facing web application in a DMZ. The security architect wants to ensure the database is not directly reachable from the internet, even if the web server is compromised. Which design BEST supports this goal?
During an internal audit, the team wants to validate that a critical business process can be restored within the required RTO. Which activity BEST provides this evidence?
A SOC is overwhelmed by alerts and wants to improve detection quality without reducing true positives. Which approach is MOST appropriate?
A development team is adopting microservices and wants to minimize the blast radius of a compromised service. Which control MOST directly supports this objective?
A multinational organization must ensure only approved cryptographic modules are used to protect sensitive government data. Which strategy BEST meets this requirement while maintaining an auditable posture?
An organization is implementing a zero trust initiative. Network engineers propose a design that authenticates users at VPN login, then grants broad internal network access for the session. The CISO objects. What is the MOST valid reason for the objection?
A data owner is classifying a new dataset that will be shared with a third-party analytics provider. Which action BEST supports the confidentiality requirement before any transfer occurs?
A security administrator is asked to ensure only authenticated users can connect to the corporate Wi-Fi and that their sessions are uniquely attributable. Which solution BEST meets this requirement?
A development team uses an internal library repository to distribute shared code. Which control MOST directly reduces the risk of malicious or tampered dependencies being introduced into production builds?
A global organization needs to ensure that a newly updated policy becomes enforceable and defensible across all subsidiaries. Which step BEST ensures the policy can be consistently applied?
An organization wants to prevent administrators of a virtualization platform from accessing the contents of sensitive virtual machines (VMs), while still allowing them to manage host resources. Which design BEST supports this goal?
A SOC receives alerts that DNS queries from multiple workstations are going to random-looking subdomains of an untrusted domain at regular intervals. Web browsing appears normal. What is the MOST likely explanation?
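The stem above describes the observable shape of DNS-based beaconing or tunnelling: high-entropy subdomain labels under one untrusted base domain, queried on a fixed cadence by several hosts. The script below is an added illustration of how a SOC might score that pattern from a DNS query log; it is not from the exam page or from (ISC)². The log format, thresholds, the two-label base-domain rule and the function names are assumptions, and the query log is constructed sample data (c2-demo.test is a reserved-TLD placeholder, not a real domain).

```python
"""Heuristic scoring of DNS query logs for beaconing: random-looking labels,
regular inter-query intervals, several clients. Added example with
constructed data; log format, thresholds and helper names are assumed."""
import math
import statistics
from collections import defaultdict
from datetime import datetime

# Constructed DNS query log (not real data). Assumed format:
# <ISO timestamp> <client ip> <queried name>
SAMPLE_DNS_LOG = """\
2025-03-01T09:00:00 10.0.0.5 a7b2c9d4e1f6.c2-demo.test
2025-03-01T09:00:03 10.0.0.5 www.example.com
2025-03-01T09:00:41 10.0.0.5 cdn.example.com
2025-03-01T09:01:00 10.0.0.5 q8w3e5r1t9y0.c2-demo.test
2025-03-01T09:00:30 10.0.0.6 z1x4c7v2b5n8.c2-demo.test
2025-03-01T09:01:30 10.0.0.6 m6k2j9h4g1f3.c2-demo.test
2025-03-01T09:02:00 10.0.0.5 p0o3i6u9y2t5.c2-demo.test
2025-03-01T09:02:30 10.0.0.6 l5k8j1h7g3d2.c2-demo.test
2025-03-01T09:03:00 10.0.0.5 n4b7v1c9x2z6.c2-demo.test
2025-03-01T09:05:12 10.0.0.5 www.example.com
2025-03-01T09:03:30 10.0.0.6 w3e6r9t1y4u7.c2-demo.test
2025-03-01T09:04:00 10.0.0.6 mail.example.com
2025-03-01T09:07:00 10.0.0.6 www.example.com
"""


def shannon_entropy(s):
    """Bits per character of s; random-looking labels score high, words low."""
    if not s:
        return 0.0
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def base_domain(qname):
    """Assumption: the registrable domain is the last two labels. Production
    tooling should consult the Public Suffix List (co.uk etc.) instead."""
    parts = qname.rstrip(".").split(".")
    return ".".join(parts[-2:])


def parse_dns_log(text):
    events = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue
        ts, client, qname = fields
        events.append((datetime.fromisoformat(ts), client, qname))
    return events


def analyze(text, min_clients=2, min_entropy=3.0, max_cv=0.2, min_intervals=3):
    """Per base domain: distinct clients, mean entropy of the leftmost label,
    and the coefficient of variation (stdev/mean) of inter-query intervals,
    pooled across clients. A domain is flagged when all three thresholds
    hold; too few intervals to judge cadence counts as 'not regular'."""
    by_domain = defaultdict(list)
    for ts, client, qname in parse_dns_log(text):
        by_domain[base_domain(qname)].append((ts, client, qname))

    report = {}
    for domain, items in by_domain.items():
        clients = {c for _, c, _ in items}
        entropies = [shannon_entropy(q.split(".")[0]) for _, _, q in items]
        mean_entropy = sum(entropies) / len(entropies)

        per_client = defaultdict(list)
        for ts, client, _ in items:
            per_client[client].append(ts)
        intervals = []
        for stamps in per_client.values():
            stamps.sort()  # the log is not guaranteed to be time-ordered
            intervals += [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        if len(intervals) >= min_intervals and statistics.mean(intervals) > 0:
            cv = statistics.pstdev(intervals) / statistics.mean(intervals)
        else:
            cv = None

        flagged = (
            len(clients) >= min_clients
            and mean_entropy >= min_entropy
            and cv is not None
            and cv <= max_cv
        )
        report[domain] = {
            "clients": len(clients),
            "mean_label_entropy": round(mean_entropy, 2),
            "interval_cv": None if cv is None else round(cv, 2),
            "flagged": flagged,
        }
    return report


if __name__ == "__main__":
    for domain, stats in analyze(SAMPLE_DNS_LOG).items():
        print(domain, stats)
```

Each signal alone is noisy (CDNs use hashed hostnames, monitoring agents poll on a timer), which is why the score requires entropy, cadence and client spread together, and why the base-domain grouping matters: the tunnel rotates labels on every query, so counting queries per full name would show nothing.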
A company wants to validate that its access controls in a new HR application properly enforce least privilege. Which assessment method provides the BEST evidence that users can perform required tasks but cannot exceed their authorized access?
An enterprise is integrating multiple SaaS applications and wants centralized authentication with the ability to rapidly disable a user across all services. Which approach BEST meets this requirement?
A provider must design a multi-tenant service so one customer cannot infer or access another customer’s data. Which control is MOST critical to address this requirement at the application layer?
A security architect is selecting a control to reduce the risk of credential replay when users authenticate to internal web applications over the corporate network. Which option BEST mitigates replay risk?
A security analyst is asked to validate that a vendor’s delivered application binary matches what was built and tested internally, without relying on the vendor’s word. Which approach BEST provides this assurance?
A company classifies certain engineering documents as highly sensitive. They must be shared externally with a partner, but the company wants to prevent the partner from forwarding the documents to unauthorized third parties. Which control MOST directly enforces this requirement after the file leaves the company’s network?
An organization wants to implement single sign-on across several internal web applications while ensuring applications never directly handle user passwords. Which solution BEST meets this requirement?
A SOC detects intermittent outbound connections from a workstation to multiple external IPs over TCP/443. Packet inspection is limited because the traffic is encrypted, and the destinations change frequently. Which action is MOST likely to improve detection fidelity while minimizing impact to user privacy and performance?
A company is designing a secure management plane for network devices. Administrators must manage devices remotely, and the organization wants to reduce the chance that a compromise of the corporate user network could lead to compromise of the management interfaces. Which architecture is BEST?
Certified Information Systems Security Professional (CISSP) 2025 Practice Exam FAQs
CISSP (Certified Information Systems Security Professional) is a professional certification from (ISC)² that validates expertise in information security concepts and practice across the CISSP domains. The official exam code is CISSP.
The CISSP Practice Exam 2025 includes updated questions reflecting the current exam format, new topics added in 2025, and the latest question styles used by (ISC)².
Yes, all questions in our 2025 CISSP practice exam are updated to match the current exam blueprint. We continuously update our question bank based on exam changes.
The 2025 CISSP exam may include updated topics, revised domain weights, and new question formats. Our 2025 practice exam is designed to prepare you for all these changes.