CISSP Domains

Question 1

Which CISSP domain?
-suggest control testing
-Conducts audits

Answer 1

Domain 6: security assessment and testing

Question 2

Which CISSP domain- separation of duties

Answer 2

Domain 3: architecture and engineering

Question 3

Which CISSP domain- adding security input at each step of software development

Answer 3

Domain 8: software development

Question 4

Which CISSP domain- intrusion detection and prevention

Answer 4

Domain 7: security operations

Question 5

Which CISSP domain- designs network security controls

Answer 5

Domain 4: communication and network security

Question 6

Which CISSP domain- zero trust

Answer 6

Domain 3: architecture and engineering

Question 7

Which CISSP domain-threat modeling

Answer 7

Domain 3: security architecture, and engineering

Question 8

Which CISSP domain?
-Threat modeling
-Least privilege
-defense in depth
-Fail securely
-Separation of duties
-Keep it simple
-zero trust
-Trust but verify

Answer 8

Domain 3: security architecture, and engineering

Question 9

What are the two responsibilities of the identity and access management domain?

Answer 9

-Overseeing access based on position
-deciding when and who has access

Question 10

Which CISSP domain- play Books

Answer 10

Domain 7: security operations

Question 11

What are the four responsibilities of the asset security domain?

Answer 11

-tracking assets
-Destruction and disposal of assets
-Establishing recovery plans
-Managing data exposure

Question 12

What are the two responsibilities of the software development domain?

Answer 12

-adding security input at each step of software develop
-Conducting penetration testing by hiring pros

Question 13

Which CISSP domain?
-incident response
-Vulnerability management
-Application security
-Cloud security
-Infrastructure security

Answer 13

InfoSec in domain 1: security risk, and management

Question 14

Which CISSP domain- tracking assets

Answer 14

Domain 2: asset security

Question 15

Which CISSP domain- conducting penetration testing (by hiring professionals)

Answer 15

Domain 8: software development

Question 16

Which CISSP domain- suggests control testing

Answer 16

Domain 6: security assessment and testing

Question 17

Which CISSP domain- training and awareness

Answer 17

Domain 7: security operations

Question 18

Which CISSP domain- vulnerability management

Answer 18

InfoSec (under domain 1: security risk, and management)

Question 19

What domain is focused on defining security, goals and objectives risk medication, compliance, business, continuity, and legal regulations?

Answer 19

Security and risk management

Question 20

What are the 8 CISSP domains?

Answer 20

1. Security risk and management.
2. Asset security.
3. Security architecture and engineering.
4. Communication and network security.
5. Identity and access management.
6. Security assessment and testing.
7. Security operations.
8. Software development.

Question 21

Which CISSP domain- reflecting on lessons learned

Answer 21

Domain 7: security operations

Question 22

Which CISSP domain- defense in depth

Answer 22

Domain 3: security architecture, and engineering

Question 23

Which CISSP domain- incident response

Answer 23

InfoSec (under domain 1: security risk, and management)

Question 24

Which CISSP domain?
-Adding security input at each step of software development
-Conducting penetration testing (by hiring pros)

Answer 24

Domain 8: software development

Question 25

Which CISSP domain-
-training and awareness
-Reporting and documentation
-Intrusion detection and prevention
-SIEM tools
-Log management
-play Books
-Post breach forensics
-Reflecting on lessons learned

Answer 25

Domain 7: security operations

Question 26

Which CISSP domain- trust but verify

Answer 26

Domain 3: security architecture, and engineering

Question 27

Which CISSP domain- compliance

Answer 27

Domain 1: security and risk management

Question 28

Which CISSP domain?
-Designing network security controls
-Overseeing communication guidelines and controls

Answer 28

Domain 4: communication and network security

Question 29

Which CISSP domain- security goals and objectives

Answer 29

Domain 1: security and risk management

Question 30

Which CISSP domain- SIEM TOOLS

Answer 30

Domain 7: security operations

Question 31

Which CISSP domain- incident management

Answer 31

Domain 7: security operations

Question 32

Which CISSP domain?
-Security goals, and objectives
-risk mitigation
-Compliance
-business continuity plans
-Local regulations
-Professional and organizational ethics

Answer 32

Domain 1: security and risk management

Question 33

Which CISSP domain is InfoSec a part of?

Answer 33

domain 1: security risk, and management

Question 34

Which CISSP domain- managing data exposure

Answer 34

Domain 2: asset security

Question 35

Which CISSP domain- least privilege

Answer 35

Domain 3: security architecture, and engineering

Question 36

Which CISSP domain- establishing recovery plans

Answer 36

Domain 2: asset security

Question 37

Which CISSP domain- legal regulations

Answer 37

Domain 1: security and risk management

Question 38

Which CISSP domain- professional and organizational ethics

Answer 38

Domain 1: security and risk management

Question 39

Which CISSP domain- post breach forensics

Answer 39

Domain 7: security operations

Question 40

Which CISSP domain?
-Overseas access based on position
-decides when and who has access

Answer 40

Domain 5: identity and access management

Question 41

Which CISSP domain- business continuity plans

Answer 41

Domain 1: security and risk management

Question 42

Which CISSP domain- reporting and documentation

Answer 42

Domain 7: security operations

Question 43

Which CISSP domain?
-tracking assets
-Asset destruction, and disposal
-Establishing recovery plans
-Managing data exposure

Answer 43

Domain 2: asset security

Question 44

Which CISSP domain- overseas access based on position

Answer 44

Domain 5: access management

Question 45

Which CISSP domain- risk mitigation processes

Answer 45

Domain 1: security and risk management

Question 46

Which CISSP domain- application security

Answer 46

InfoSec (under domain 1: security risk, and management)

Question 47

Which CISSP domain- decides when and who has access

Answer 47

Domain 5: access management

Question 48

What are the eight responsibilities of the security architecture and engineering domain?

Answer 48

-threat modeling
-Least privilege
-Defense in depth
-Fail securely
-Separation of duties
-Keep it simple
-zero trust
-Trust but verify

Question 49

What are the nine responsibilities of the security operations domain?

Answer 49

-training and awareness
-Reporting and document
-And children, detection and prevention
-SIEM tools
-Log management
-Incident management
-play Books
-Post breach forensics
-Reflecting on lessons learned

Question 50

Which CISSP domain- cloud security

Answer 50

InfoSec (under domain 1: security risk, and management)

Question 51

Which CISSP domain- log management

Answer 51

Domain 7: security operations

Question 52

Which CISSP domain- overseas communication guidelines and controls

Answer 52

Domain 4: communication and network security

Question 53

Which CISSP domain- infrastructure security

Answer 53

InfoSec (under domain 1: security risk, and management)

Question 54

Which CISSP domain- Fail Securely

Answer 54

Domain 3: security architecture, and engineering

Question 55

Which CISSP domain- audits

Answer 55

Domain 6: security assessment and testing

Question 56

What are the two responsibilities of the security assessment and testing domain?

Answer 56

-suggesting control testing
-Conducting audits

Question 57

What are the two responsibilities of the communication and network security domain?

Answer 57

-Designing network security controls
-Oversee communication guidelines and controls

Question 58

What are the responsibilities of InfoSec part of the first domain?

Answer 58

-incident response
-Vulnerability management
-Application security
-Cloud security
-Infrastructure security

Question 59

What are the six responsibilities of the security and risk management domain?

Answer 59

-Security goals, and objectives
-risk mitigation
-Compliance
-business continuity plans
-Legal regulations
-Professional and organizational ethics