CISSP · topic practice

Troubleshooting practice questions

Practise Certified Information Systems Security Professional CISSP Troubleshooting practice questions — original exam-style scenarios with answer choices, explanations, and analysis of common mistakes.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed byJohnson Ajibi· MSc IT Security
9 questionsDomain: Troubleshooting

What the exam tests

What to know about Troubleshooting

Troubleshooting questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Watch out for

Common Troubleshooting exam traps

  • Answering from memory before reading the full scenario.
  • Missing a constraint such as cost, availability, security, scope or command context.
  • Choosing a broad answer when the question asks for the most specific fix.
  • Ignoring why the wrong options are tempting.

Practice set

Troubleshooting questions

9 questions · select your answer, then reveal the explanation

Question 1hardmultiple choice
Read the full VPN explanation →

A security engineer is troubleshooting a site-to-site IPsec VPN between two firewalls. The tunnel status shows Phase 1 is up but Phase 2 is not. Which of the following is the most likely cause?

In a software-defined network (SDN) architecture, the control plane is separated from the data plane. A network administrator is troubleshooting packet forwarding delays. Which plane is directly responsible for forwarding packets?

Question 3mediummultiple choice
Read the full VPN explanation →

A security engineer is troubleshooting a network where internal users can access internet websites but cannot reach the company's external VPN server (IP 203.0.113.50, UDP port 500). The firewall rule for VPN traffic is correctly configured. What is the most likely cause?

Question 4mediummultiple choice
Read the full Troubleshooting explanation →

A security engineer is troubleshooting an issue where users are unable to access a web application after being authenticated via OAuth 2.0. The users receive a 403 Forbidden error. The application logs show that the access token is valid but does not contain the required scope. What is the most likely cause?

A security engineer is troubleshooting an authentication failure for a Windows domain user. The user receives 'Access denied' when trying to access a file server. The Kerberos ticket-granting ticket was successfully obtained. What is the most likely issue?

Question 6mediummultiple choice
Read the full VPN explanation →

A network engineer is troubleshooting a slow VPN connection between two sites. The link is symmetric 100 Mbps, but throughput tests show only 20 Mbps. The VPN uses AES-256 encryption. What is the most likely cause?

Question 7mediummultiple choice
Read the full VPN explanation →

A network engineer is troubleshooting an IPsec VPN tunnel between two sites. The tunnel is established but no traffic is passing. Which command should the engineer use to verify the phase 2 security associations?

A security analyst is troubleshooting a web application that is incorrectly blocking valid login requests. The WAF rule in the exhibit is the only rule configured. What is the probable issue?

Exhibit

SecRuleEngine On
SecRequestBodyAccess On
SecRule REQUEST_URI "/login" "phase:2,deny,msg:'Login attempt detected'"

Refer to the exhibit. A security analyst observes the audit log entry while troubleshooting a file access issue. The application is running under the myapp_t domain. Which action should the analyst take to resolve the issue while adhering to the principle of least privilege?

Exhibit

// Security-constrained model in SELinux policy
policy_module(myapp, 1.0.0)

type myapp_t;
type myapp_exec_t;
init_daemon_domain(myapp_t, myapp_exec_t)

allow myapp_t self:capability { dac_override };
allow myapp_t self:process { fork };
allow myapp_t myapp_data_t:file { read write create open };

// Audit log snippet
AUDIT: type=AVC msg=audit(1633028000.123:456): avc:  denied  { read } for  pid=1234 comm="myapp" name="shadow" dev="dm-0" ino=789 scontext=system_u:system_r:myapp_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file

Free account

Track your progress over time

Create a free account to save your results and see which topics improve across sessions.

Focused Troubleshooting sessions

Start a Troubleshooting only practice session

Every question in these sessions is drawn from the Troubleshooting domain — nothing else.

Related practice questions

Related CISSP topic practice pages

Move into related areas when this topic feels solid.

Frequently asked questions

What does the CISSP exam test about Troubleshooting?
Troubleshooting questions test whether you can apply the concept in context, not just recognise a definition.
How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
Can I practise just Troubleshooting questions in a focused session?
Yes — the session launcher on this page draws every question from the Troubleshooting domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
Where can I practise other CISSP topics?
Use the topic links above to move to related areas, or go back to the CISSP question bank to see all topics.
Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the CISSP exam covers. They are not copied from any real exam or dump site.