CISSP Certified Information Systems Security Professional Practice Questions Bank With 5 practice exams, each of which is timed at 200 minutes with a 250 questions with detailed explanation, just like the official certification examTopics: CISSP domains studied under this certification 1. Security and Risk Management2. Asset Security3. Security Architecture and Engineering4. Communications and Network Security5. Identity and Access Management6. Security Assessment and Testing7. Security Operations8. Software Development SecurityTotal Questions Count: 1250Exams Count: 5Explanation: Yes, Detailed ExplanationLength of exam: 200 minutesNumber of questions:250 Exam language availability: EnglishPassing grade: 70%Questions: Which type of fire extinguisher is MOST appropriate for a digital information processing facility?A) Type A B) Type B C) Type C D) Type DExplanation: The most likely type of fire in a digital information processing facility is an electrical fire. Class C fire extinguishers are used for fires involving electrical equipment. Class C fires are electrical fires which that may occur in electrical equipment or wiring. Class C fire extinguishers use gas, CO2 or dry powders as these extinguishing agents are non-conductive. Incorrect Answers:A: Type A fire extinguishers use water or foam. These should not be used on an electrical fire. Therefore, this answer is incorrect.B: Type B fires are liquid fires such as gasoline. Some Type B fire extinguishers use CO2 which could be used on an electrical fire. However, Type B fire extinguishers can also use foam which should not be used on electrical fires. Therefore, this answer is incorrect.D: Type D fires are combustible metals such as magnesium, sodium or potassium. Type D fire extinguishers use dry powders designed for combustible metals and should not be used on electrical fires. Therefore, this answer is incorrect. References:, 6th Edition, McGraw-Hill, 2013, p. 472Which of the following controls related to physical security is NOT an administrative control?A) Personnel controls B) Alarms C) Training D) Emergency response and proceduresExplanation: Alarms are an example of a physical control type, not an administrative control. Controls are put into place to reduce the risk an organization faces, and they come in three main flavors: administrative, technical, and physical. Administrative controls are commonly referred to as “soft controls” because they are more management-oriented. Examples of administrative controls are security documentation, risk management, personnel security, and training. Technical controls (also called logical controls) are software or hardware components, as in firewalls, IDS, encryption, identification and authentication mechanisms. And physical controls are items put into place to protect facility, personnel, and resources. Examples of physical controls are security guards, locks, fencing, and lighting. Incorrect Answers:A: Personnel controls are an example of an administrative control. Therefore, this answer is incorrect.C: Training is an example of an administrative control. Therefore, this answer is incorrect.D: Emergency response and procedures are an example of an administrative control. Therefore, this answer is incorrect. References:, 6th Edition, McGraw-Hill, 2013, p. 28
