Question Results

Score 1 of 1

Question:

Which access control protects the entire system?

Response:

	Operating System Controls/Policies
	Firewalls/IPS
	System Access Controls
	Access Control Lists
	Data Access Controls

Score 1 of 1

Question:

Match the following key terms

Response:

Match	User answer	Feedback
Availability	Reliable and timely access to data and resources
Confidentiality	Necessary level of secrecy, unauthorized disclosure is prevented
Shoulder surfing	Unauthorized viewing of information (screen peeking)
Social Engineering	Tricking someone into giving sensitive information (to gain unauthorized access)

Score 1 of 1

Question:

Clark-Wilson focuses primarily on:

Response:

	Address Integrity
	Accessibility
	Authentication
	Availability
	Confidentialty

Score 0 of 1

Question:

In MAC the access policy is set by:

Response:

	the GPO
	the owner
	the role
	the system
	network ACL

Score 0 of 1

Question:

Match the following examples to their definitions

Response:

Match	User answer	Feedback
Unpatched servers	Threat
A virus that relies on unpatched code or OS levels	Vulnerability
The likelihood a threat will be realized, the frequency of natural disasters	Risk
$1M dollars per day downtime	Exposure
A proxy server	Countermeasure

Score 1 of 1

Question:

Which OSI layer includes the LLC and MAC sub-layers?

Response:

	Physical
	Transport
	Data Link
	Network
	Session

Score 1 of 1

Question:

Which access control includes job rotation?

Response:

	Physical
	Technical
	Administrative
	Organizational

Score 0 of 1

Question:

More key terms from Chapter 2

Response:

Match	User answer	Feedback
Weakness or lack of a countermeasure	Vulnerability
Entity that can exploit a vulnerability	Threat agent
The danger of having a vulnerability exploited	Risk
The probability of a threat being realized	Exposure
Presence of a vulnerability which exposes the organization	Threat

Score 3 of 5

Question:

Match the following cryptology tools and technologies

Response:

Match	User answer	Feedback
One-time pads	Manual	Still in use in some instances. Recall, one-time pads are the most secure approach
Enigma machine	Electro-mechanical	Electrical lights, mechanical crank/spinwheel
AES, RSA Algorithms	Electronic	I know, you wanted to think "digital" but technically, electronic works as well
Cipherdisks	Mechanical	Think ceasar's spin wheel here
Single photon emissions	Electronic	used to provide secure key negotiation. After the test, go google "einstein spooky action" to see what will keep future CISSP's from sleeping at night

Score 0 of 1

Question:

Biometric authentication is most often hampered by:

Response:

	Cost to implement
	User acceptance
	Initial Registration
	Rings/Weight change

Score 1 of 1

Question:

Which access control includes asset classification?

Response:

	Administrative
	Organizational
	Technical
	Physical
	Owner

Score 1 of 1

Question:

Which access control includes training?

Response:

	Organizational
	Administrative
	Physical
	Technical

Score 1 of 1

Question:

Which access control includes cameras?

Response:

	Physical
	Visual
	Technical
	Administrative
	Organizational

Score 0 of 1

Question:

Which of the following is NOT an example of biometric identification?

Response:

	Ear shape/pattern
	Voice
	Retinal imagery
	Hand shape/pattern

Score 0 of 1

Question:

Which of the following packet switched networks is best suited to support fully meshed VPNs?

Response:

	ATM
	Frame Relay
	SMDS
	MPLS
	SONET