CISSP Study Quiz 2 assesses knowledge on key cybersecurity concepts including biometric systems, access control models, and authentication mechanisms. It prepares learners for CISSP certification, focusing on practical security solutions and attack prevention.
The item's classification
The item's classification and category set
The item's category
The item's need to know

It utilizes public key cryptography
It encrypts data after a ticket is granted, but passwords are exchanged in plain text.
It depends upon symmetric ciphers
It is a second party authentication system

Mechanisms based on IP addresses
Mechanism with reusable passwords
One-time password mechanism
Challenge response mechanism

Plan for implementing workstation locking mechanisms
Plan for protecting the modem pool
Plan for providing the user with his account usage information
Plan for considering proper authentication options

Tunneling attack
Playback (replay attack)
Destructive attack
Process attack

System Administrator
Data Custodian
Security Manager
Data Owner

Diffie and Hellman
Clark and Wilson
Bell and LaPadula
Gasser and Lipner

Variable callback system
Synchronous token
Fixed callback system
Combination of callback and caller ID

Public keys
Private keys
Public-key certificates
Private-key certificates

Data controller
Data handler
Data owner
Data processor

Custodian
Data owner
Mission owner
System owner

Bit-level overwrite
Degaussing
Destruction
Shredding

DRAM
EPROM
SRAM
SSD

DRAM
EPROM
SRAM
SSD

$20,000
40%
7
$10,000

$20,000
$8000
$84,000
$56,000

Yes, it will pay for itself
Yes, $10,000 is less than the $56,000 ALE
No, the annual TCO is higher than the ALE
No, the annual TCO is lower than the ALE

Protect society, the commonwealth, and the infrastructure
Advance and protect the profession
Act honorably, honestly, justly, responsibly, and legally
Provide diligent and competent service to principals

Readme.txt file
Database table
Running login process
Authenticated user
1099 Tax Form

The sender encrypts the hash with a public key
The sender encrypts the hash with a private key
The sender encrypts the plaintext with a public key
The sender encrypts the plaintext with a private key

IaaS
IDaaS
PaaS
SaaS

Aggregation
Emanations
Inference
Maintenance Hook

Confidentiality
Integrity
Availability
Authentication

MAC address
Symmetric key
Private key
Public key

EAP-TLS
EAP-TTLS
LEAP
PEAP

Packet filter
Stateful firewall
Circuit-level proxy firewall
Application-layer proxy firewall

CIDR
NAT
Translation
Tunneling

Content-dependent access control
Context-dependent access control
Role-based access control
Task-based access control

IaaS
IDaaS
PaaS
SaaS

Kerberos
OpenID
SAML
SESAME

CHAP
LDAP
PAP
RADIUS

Decrease the amount of minutiae that is verified
Increase the amount of minutiae that is verified
Lengthen the enrollment time
Lower the throughput time

Integration testing
Installation testing
Acceptance testing
Unit testing

Combinatorial software testing
Dynamic testing
Misuse case testing
Static testing

Instruct the penetration testing team to conduct a thorough vulnerability assessment of the server containing financial data.
Instruct the penetration testing team to download financial data, redact it, and report accordingly.
Instruct the penetration testing team that they may only download financial data via an encrypted and authenticated channel.
Place a harmless “flag” file in the same location as the financial data, and inform the penetration testing team to download the flag.

Secure compiler warnings
Fuzzing
Static testing
White-box testing

Attempt to contain and eradicate the malicious activity
Continue the test
Quietly end the test, immediately call the operational IT contact, and escalate the issue
Shut the server down

Business Continuity Plan (BCP)
Business Resumption Plan (BRP)
Continuity of Operations Plan (COOP)
Occupant Emergency Plan (OEP)

Minimum Operating Requirements (MOR)
Mean Time Between Failures (MTBF)
Mean Time to Repair (MTTR)
Recovery Point Objective (RPO)

Mean Time Between Failures (MTBF)
The Mean Time to Repair (MTTR)
Recovery Point Objective (RPO)
Recovery Time Objective (RTO)

Recovery Point Objective (RPO) and Work Recovery Time (WRT)
Recovery Point Objective (RPO) and Mean Time to Repair (MTTR)
Recovery Time Objective (RTO) and Work Recovery Time (WRT)
Recovery Time Objective (RTO) and Mean Time to Repair (MTTR)

RAID 1
RAID 5
RAID 0
RAID 3

DevOps
Sashimi
Spiral
Waterfall

Delegation
Inheritance
Polyinstantiation
Polymorphism

Acceptance testing
Integration testing
Regression testing
Unit testing

Entity integrity
Normalization
Referential Integrity
Semantic Integrity

Cross-site request forgery (CSRF)
Cross-site scripting (XSS)
PHP remote file inclusion (RFI)
SQL injection

Deterrent
Preventative
Corrective
Recovery

Quiz Review Timeline (Updated): Mar 21, 2023
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.