Trivia Quiz On CISSP Exam!

Approved & Edited by ProProfs Editorial Team
The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.
Learn about Our Editorial Process
| By Daniel
D
Daniel
Community Contributor
Quizzes Created: 1 | Total Attempts: 189
Questions: 29 | Attempts: 189

SettingsSettingsSettings
CISSP Quizzes & Trivia

Questions and Answers
  • 1. 

    What type of federal government computing system requires that all individuals accessing the system have a need to know all of the information processed by that system?

    • A.

      Dedicated

    • B.

      System High

    • C.

      Compartmented

    • D.

      Multilevel

    Correct Answer
    A. Dedicated
    Explanation
    A dedicated federal government computing system requires that all individuals accessing the system have a need to know all of the information processed by that system. This means that only authorized personnel who require access to specific information are allowed to use the system. This ensures that sensitive information is protected and only accessible to those who have a legitimate need for it.

    Rate this question:

  • 2. 

    In which of the following security modes can you be assured that all users have access permissions for all information processed by the system but will not necessarily need to know of all that information?

    • A.

      Dedicated

    • B.

      System high

    • C.

      Compartmented

    • D.

      Multilevel

    Correct Answer
    B. System high
    Explanation
    System high security mode ensures that all users have access permissions for all information processed by the system. However, it does not require users to know about all the information. This means that while users can access and process all the information, they may not necessarily be aware of the details or have a need-to-know basis for certain information. System high security mode provides a balance between access and confidentiality, allowing users to perform their tasks without unnecessary exposure to sensitive information.

    Rate this question:

  • 3. 

    In what security mode must each user have the access approval and valid need to know for all information processed by a system?

    • A.

      Dedicated

    • B.

      System high

    • C.

      Compartmented

    • D.

      Multilevel

    Correct Answer
    C. Compartmented
    Explanation
    In a compartmented security mode, each user must have access approval and a valid need to know for all information processed by a system. This means that users are only granted access to specific compartments or categories of information that are relevant to their job duties and responsibilities. This ensures that sensitive information is only accessible to those who have a legitimate need for it, minimizing the risk of unauthorized disclosure or misuse of information.

    Rate this question:

  • 4. 

    Which one of the following security modes does NOT require that all users have a security clearance for the highest level of information processed by the system?

    • A.

      Dedicated

    • B.

      System high

    • C.

      Compartmented

    • D.

      Multilevel

    Correct Answer
    D. Multilevel
    Explanation
    Multilevel security mode does not require that all users have a security clearance for the highest level of information processed by the system. In multilevel security, users are granted access to different levels of information based on their security clearances. This means that users with lower security clearances can access information at their clearance level or below, but not at higher levels. In contrast, dedicated, system high, and compartmented security modes all require that all users have a security clearance for the highest level of information processed by the system.

    Rate this question:

  • 5. 

    Which security mode provides the most granular control over resources and users?

    • A.

      Dedicated

    • B.

      System high

    • C.

      Compartmented

    • D.

      Multilevel

    Correct Answer
    B. System high
    Explanation
    System high security mode provides the most granular control over resources and users. This mode ensures that the system is protected at a high level by implementing strict access controls and restrictions. It allows for the classification and compartmentalization of data, ensuring that only authorized users have access to specific resources. System high security mode is designed to prevent unauthorized access and protect sensitive information, making it the most comprehensive and granular security mode available.

    Rate this question:

  • 6. 

    What security mode allows systems to process information at more than one level of security even when all users do not have appropriate clearances?

    • A.

      Dedicated

    • B.

      System high

    • C.

      Compartmented

    • D.

      Multilevel

    Correct Answer
    D. Multilevel
    Explanation
    Multilevel security mode allows systems to process information at more than one level of security even when all users do not have appropriate clearances. In this mode, different levels of security are assigned to different users, and the system ensures that each user can only access information that is within their clearance level. This allows for the simultaneous processing of information at different security levels, increasing efficiency and flexibility in handling sensitive data.

    Rate this question:

  • 7. 

    On a much smaller scale, _____________ is deployed to repair or restore capability, functionality, or resources following a violation of security policy.

    • A.

      Recovery access control

    • B.

      Corrective access control

    • C.

      Detective access control

    • D.

      Compensation access control

    Correct Answer
    A. Recovery access control
    Explanation
    Recovery access control is deployed to repair or restore capability, functionality, or resources following a violation of security policy. This type of access control is used to regain control over the affected system or network, recover any lost or compromised data, and restore the system's normal operations. It involves implementing measures such as backup and restore procedures, system patches and updates, and incident response plans to mitigate the impact of security incidents and ensure a quick recovery.

    Rate this question:

  • 8. 

    Once a system is compromised, _____________ is deployed to restore it to its previous known good state.

    • A.

      Compensation access control

    • B.

      Recovery access control

    • C.

      Restoration access control

    • D.

      Corrective access control

    Correct Answer
    D. Corrective access control
    Explanation
    Corrective access control is deployed to restore a compromised system to its previous known good state. This type of access control involves identifying and rectifying any vulnerabilities or weaknesses that allowed the system to be compromised in the first place. It may involve actions such as removing malware, patching software, and implementing stronger security measures to prevent future attacks. By implementing corrective access control, the system can be restored to its previous secure state and protect against further compromises.

    Rate this question:

  • 9. 

    What procedure returns business facilities and environments to a working state?

    • A.

      Reparation

    • B.

      Restoration

    • C.

      Respiration

    • D.

      Recovery

    Correct Answer
    B. Restoration
    Explanation
    Restoration is the correct answer because it refers to the process of returning business facilities and environments to a working state. This involves repairing and recovering any damages or disruptions that may have occurred. Respiration is unrelated to the context of the question, and reparation and recovery may be similar concepts but do not specifically address the restoration of business facilities and environments.

    Rate this question:

  • 10. 

    What procedure returns business operations and processes to a working state?

    • A.

      Recovery

    • B.

      Restoration

    • C.

      Reparation

    • D.

      Respiration

    Correct Answer
    A. Recovery
    Explanation
    Recovery is the procedure that returns business operations and processes to a working state after a disruption or failure. It involves restoring systems, data, and infrastructure to their normal functioning, ensuring that the business can resume its operations and minimize any potential losses or damages.

    Rate this question:

  • 11. 

    What is the practice of establishing emergency-response actions following a business related disaster?

    • A.

      Mutual assistance agreements

    • B.

      Business continuity planning

    • C.

      Software escrow

    • D.

      Disaster recovery planning

    Correct Answer
    D. Disaster recovery planning
    Explanation
    Disaster recovery planning refers to the practice of establishing emergency-response actions following a business-related disaster. This involves creating a detailed plan that outlines the steps and procedures to be followed in order to recover and restore business operations after a disaster. It includes measures such as data backup, system recovery, and alternative work arrangements to minimize the impact of the disaster on the business.

    Rate this question:

  • 12. 

    What is the preventative practice of establishing and planning for business related threats and risks?

    • A.

      Disaster recovery planning

    • B.

      Business continuity planning

    • C.

      Mutual assistance agreements

    • D.

      Software Escrow

    Correct Answer
    B. Business continuity planning
    Explanation
    Business continuity planning is the preventative practice of establishing and planning for business-related threats and risks. It involves creating strategies and procedures to ensure that essential business functions can continue during and after a disruption. This includes identifying potential risks, developing response plans, and implementing measures to minimize the impact of a disaster. Business continuity planning aims to protect the organization's reputation, minimize financial losses, and ensure the safety of employees and customers. It is an essential practice for organizations to maintain their operations and recover quickly from any potential disruptions.

    Rate this question:

  • 13. 

    What action usually closes the identification phase of incident response?

    • A.

      Publishing an incident report

    • B.

      Gathering evidence of the incident

    • C.

      Notifying the incident response team

    • D.

      Isolating compromised systems

    Correct Answer
    C. Notifying the incident response team
    Explanation
    The action that usually closes the identification phase of incident response is notifying the incident response team. This means that once the incident has been identified and confirmed, the next step is to inform the incident response team so that they can begin their investigation and take appropriate actions to mitigate the incident. This notification allows the incident response team to start their work and move forward with the incident response process.

    Rate this question:

  • 14. 

    What type of information is not normally included in the risk acceptance/mitigation portion of the BCP.

    • A.

      Reasons for accepting risks

    • B.

      Potential future events that might warrant reconsideration of the decision

    • C.

      Identification of insurance policies that apply to a given risks

    Correct Answer
    C. Identification of insurance policies that apply to a given risks
    Explanation
    The risk acceptance/mitigation portion of the BCP typically focuses on identifying and evaluating risks, developing strategies to mitigate them, and determining whether to accept or transfer the risks. It does not typically include the identification of insurance policies that apply to specific risks. This information is usually part of the risk transfer process, which involves purchasing insurance coverage to transfer the financial impact of certain risks to an insurance company.

    Rate this question:

  • 15. 

    Which of the following elements is not necessary in the BCP documentation?

    • A.

      Risk Acceptance details

    • B.

      Emergency Response guidelines

    • C.

      Risk assessment

    • D.

      Mobile Site plan

    Correct Answer
    D. Mobile Site plan
    Explanation
    The Mobile Site plan is not necessary in the BCP documentation because it is not directly related to the business continuity planning process. The BCP documentation primarily focuses on identifying and assessing risks, developing strategies for risk mitigation, and establishing guidelines for emergency response. The Mobile Site plan, on the other hand, is specific to the organization's mobile infrastructure and is not directly related to the overall business continuity planning process.

    Rate this question:

  • 16. 

    In what type of addressing scheme is the data actually supplied to the CPU as an argument?

    • A.

      Direct addressing

    • B.

      Immediate addressing

    • C.

      Base+offset addressing

    • D.

      Indirect addressing

    Correct Answer
    B. Immediate addressing
    Explanation
    Immediate addressing is a type of addressing scheme where the data is directly supplied to the CPU as an argument. In this scheme, the operand is specified as a part of the instruction itself, rather than referring to a memory location or register. This allows for quick access to the data, as it is readily available within the instruction. Immediate addressing is commonly used for operations that involve constants or literal values.

    Rate this question:

  • 17. 

    What type of addressing scheme supplies the CPU with a location that contains the memory address of the actual operand?

    • A.

      Direct addressing

    • B.

      Immediate addressing

    • C.

      Base+offset addressing

    • D.

      Indirect addressing

    Correct Answer
    D. Indirect addressing
    Explanation
    Indirect addressing is a type of addressing scheme where the CPU is supplied with a location that contains the memory address of the actual operand. In this scheme, the memory address of the operand is stored in a register or memory location, and the CPU retrieves the actual operand from that memory address. This allows for flexibility and dynamic memory access, as the memory address can be changed during program execution.

    Rate this question:

  • 18. 

    In what type of addressing scheme is the actual address of the memory location provided to the CPU?

    • A.

      Direct addressing

    • B.

      Immediate addressing

    • C.

      Base+offset addressing

    • D.

      Indirect addressing

    Correct Answer
    A. Direct addressing
    Explanation
    Direct addressing is a type of addressing scheme where the actual address of the memory location is provided directly to the CPU. In direct addressing, the instruction contains the memory address where the data is stored or retrieved. The CPU can directly access the memory location specified in the instruction without any additional calculations or transformations. This addressing scheme is simple and efficient as it eliminates the need for any intermediate steps or calculations, allowing for faster data access and processing.

    Rate this question:

  • 19. 

    In what type of addressing scheme uses a value stored in one of the CPU’s registers as the base location to start counting?

    • A.

      Direct addressing

    • B.

      Immediate addressing

    • C.

      Base+offset addressing

    • D.

      Indirect addressing

    Correct Answer
    C. Base+offset addressing
    Explanation
    Base+offset addressing is a type of addressing scheme that uses a value stored in one of the CPU's registers as the base location to start counting. In this scheme, the offset is added to the base address to calculate the memory address of the operand. It allows for efficient and flexible memory access, as it enables the programmer to access memory locations relative to a base address. This is particularly useful when working with arrays or data structures where elements are stored in consecutive memory locations.

    Rate this question:

  • 20. 

    Which one of the following is not a component of the DevOps model?

    • A.

      Information security

    • B.

      Software development

    • C.

      Quality assurance

    • D.

      IT operations

    Correct Answer
    A. Information security
    Explanation
    The DevOps model focuses on integrating software development, quality assurance, and IT operations to improve collaboration and efficiency. Information security, although an important aspect of any software development process, is not specifically mentioned as a component of the DevOps model. However, it is important to note that information security should still be considered and integrated into the DevOps practices to ensure the overall security and protection of the software and systems.

    Rate this question:

  • 21. 

    Used to manipulate line voltages to steal long-distance services.

    • A.

      Black Box

    • B.

      White Box

    • C.

      Blue Box

    • D.

      Red Box

    Correct Answer
    A. Black Box
    Explanation
    A black box is a device that is used to manipulate line voltages in order to steal long-distance services. This means that it can be used to bypass the normal billing systems and make unauthorized long-distance calls without paying for them. The term "black box" is often used to refer to any device or technique used for illegal or unauthorized activities, and in this context, it specifically refers to the device used for stealing long-distance services.

    Rate this question:

  • 22. 

    Used to simulate tones of coins being deposited into a pay phone.

    • A.

      Black Box

    • B.

      White Box

    • C.

      Blue Box

    • D.

      Red Box

    Correct Answer
    D. Red Box
    Explanation
    The term "Red Box" refers to a device that is used to simulate the sound of coins being deposited into a pay phone. This device was commonly used by phone phreakers to make free phone calls by tricking the pay phone into thinking that coins were being inserted. The red color of the box is likely just a descriptive name, as these devices could come in various colors.

    Rate this question:

  • 23. 

    Used to simulate 2600 Hz tones to interact directly with telephone networktrunk systems.

    • A.

      Black Box

    • B.

      White Box

    • C.

      Blue Box

    • D.

      Red Box

    Correct Answer
    C. Blue Box
    Explanation
    A blue box is a device used to simulate 2600 Hz tones, which allows users to interact directly with telephone network trunk systems. This device was commonly used by hackers and phreakers in the past to exploit vulnerabilities in the phone system. The blue box could generate the specific tones needed to manipulate the phone network and gain unauthorized access to various services.

    Rate this question:

  • 24. 

    Used to control the phone system.  A dual-tone multifrequency (DTMF) generator (that is, a keypad)

    • A.

      Black Box

    • B.

      White Box

    • C.

      Blue Box

    • D.

      Red Box

    Correct Answer
    B. White Box
    Explanation
    A white box is a term used to describe a device or system that is fully accessible and controllable by the user. In the context of the given question, a white box would refer to a device that is used to control the phone system. This device, also known as a dual-tone multifrequency (DTMF) generator or keypad, allows the user to input specific tones or frequencies to interact with the phone system. The white box represents a transparent and open system that can be easily manipulated and controlled by the user.

    Rate this question:

  • 25. 

    First generation languages.

    • A.

      All Machine Languages

    • B.

      All Assembly Languages

    • C.

      All Complied Languages (C++, Java)

    • D.

      Attempt to approximate natural languages, including SQL, used by databases

    • E.

      Allows programmers to create code using visual interfaces

    Correct Answer
    A. All Machine Languages
    Explanation
    All machine languages refer to the first generation of programming languages. These languages are directly understood by the computer's hardware and are represented by binary code consisting of 0s and 1s. They are low-level languages and provide the most direct control over the computer's hardware. Programmers had to write instructions in machine language to perform any task. As technology advanced, higher-level languages were developed to make programming easier and more efficient. Therefore, the answer "All Machine Languages" is correct as it includes all the programming languages of the first generation.

    Rate this question:

  • 26. 

    Second generation language.

    • A.

      All Machine Languages

    • B.

      All Assembly Languages

    • C.

      All Complied Languages (C++, Java)

    • D.

      Attempt to approximate natural languages, including SQL, used by databases

    • E.

      Allows programmers to create code using visual interfaces

    Correct Answer
    B. All Assembly Languages
    Explanation
    All Assembly Languages refers to the second generation language. Assembly language is a low-level programming language that is specific to a particular computer architecture. It uses mnemonic codes and symbols to represent the machine language instructions. Assembly languages are considered second generation languages as they are closer to the machine language and provide more control over the hardware. Assembly languages are specific to each computer architecture and are not portable across different systems.

    Rate this question:

  • 27. 

    Third generation language.

    • A.

      All Machine Languages

    • B.

      All Assembly Languages

    • C.

      All Complied Languages (C++, Java)

    • D.

      Attempt to approximate natural languages, including SQL, used by databases

    • E.

      Allows programmers to create code using visual interfaces

    Correct Answer
    C. All Complied Languages (C++, Java)
    Explanation
    The given answer is "All Complied Languages (C++, Java)". This is because compiled languages like C++ and Java are considered third-generation languages. These languages require the source code to be compiled into machine code before execution. They provide a higher level of abstraction compared to assembly languages and machine languages, making them easier to read and write. Additionally, these languages offer features like object-oriented programming and memory management, which further simplify the development process.

    Rate this question:

  • 28. 

    Fourth generation language.

    • A.

      All Machine Languages

    • B.

      All Assembly Languages

    • C.

      All Complied Languages (C++, Java)

    • D.

      Attempt to approximate natural languages, including SQL, used by databases

    • E.

      Allows programmers to create code using visual interfaces

    Correct Answer
    D. Attempt to approximate natural languages, including SQL, used by databases
    Explanation
    Fourth generation languages (4GLs) are programming languages that are designed to be closer to natural languages, such as English, in order to make programming easier for non-technical users. These languages attempt to approximate natural languages, including SQL, which is commonly used for querying and manipulating databases. By using 4GLs, programmers can write code that is more intuitive and resembles human language, making it easier to understand and use. This can be particularly useful in database management systems, where SQL is commonly used to interact with the database.

    Rate this question:

  • 29. 

    Fifth generation language.

    • A.

      All Machine Languages

    • B.

      All Assembly Languages

    • C.

      All Complied Languages (C++, Java)

    • D.

      Attempt to approximate natural languages, including SQL, used by databases

    • E.

      Allows programmers to create code using visual interfaces

    Correct Answer
    E. Allows programmers to create code using visual interfaces
    Explanation
    The fifth generation language allows programmers to create code using visual interfaces. This means that instead of writing lines of code manually, programmers can use visual tools and drag-and-drop elements to create their programs. This makes programming more accessible to non-technical users and simplifies the development process.

    Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 20, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • May 29, 2017
    Quiz Created by
    Daniel
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.