Overall Questions (15 random)

You got 8 of 15 possible points.
Your score was: 53 %

Remember, these quizzes test your overall CISSP knowledge but should not be used as CISSP exam prep examples.

Question Results

Score 1 of 1

Question:

Which of the following is the lowest in the OSI model:

Response:

Transport

Application

Data Link

Session

Network

Score 0 of 1

Question:

What OSI Layer includes data compression?

Response:

Transport

Datalink

Presentation

Network

Application

Score 1 of 1

Question:

Which access control includes job rotation?

Response:

Administrative

Technical

Organizational

Physical

Score 1 of 1

Question:

Determining whether a subject can log into a system is an example of

Response:

Authentication

Accountability

Authorization

Score 1 of 1

Question:

Owner-set permissions are an example of:

Response:

Clark-Wilson

mandatory access control

role-based access control

Discretionary access control

Score 1 of 1

Question:

"The strength of the cryptosystem is a function of the keys, not the algorithm" is also known as

Response:

Rijndael's Challenge

Diffe-Hillman's Axiom

Moore's Law

Kerckhoff's Principle

Feedback:

Auguste Kerckhoff, trying to get the French to clean up their military cryptography back in 1883... seriously kickin' it old school.

Score 0 of 1

Question:

Which of the following packet switched networks uses HDLC?

Response:

SMDS

Frame Relay

MPLS

ATM

SONET

Score 1 of 1

Question:

Work factor is defined as:

Response:

the amount of effort/time required by an attacker to overcome a protective measure

the amount of effort/time required to maintain an established security plan once it has been implemented

the amount of effort/time required by an algorithm to fully encrypt or decrypt a message

the amount of effort/time required by an administrator to establish a reasonable system security plan

Score 0 of 1

Question:

More key terms from Chapter 2

Response:

MatchUser answerFeedback

Weakness or lack of a countermeasure

Vulnerability

correct

Entity that can exploit a vulnerability

Threat agent

correct

The danger of having a vulnerability exploited

Risk

incorrect

The probability of a threat being realized

Risk

correct

Presence of a vulnerability which exposes the organization

Vulnerability

incorrect
Score 0 of 1

Question:

Which of the following would be the least useful in attempting to crack a password?

Response:

John the Ripper

Packet sniffing

LophtCrack

MAC the Knife

brute force/dictionary attack

Score 0 of 1

Question:

Which classification of fuel type is paper given?

Response:

A

B

D

C

Score 0 of 1

Question:

Match the following examples to their definitions

Response:

MatchUser answerFeedback

Unpatched servers

Vulnerability

correct

A virus that relies on unpatched code or OS levels

Exposure

incorrect

The likelihood a threat will be realized, the frequency of natural disasters

Risk

correct

$1M dollars per day downtime

Risk

incorrect

A proxy server

Countermeasure

correct
Score 1 of 1

Question:

Match the following terms and definitions

Response:

MatchUser answerFeedback

Intended to discourage a potential attacker

Deterrent

correct

Intended to avoid an incident from happening

Preventive

correct

Fixes component or systems after an incident has occurred

Corrective

correct

Intended to bring the environment back to production levels

Recovery

correct

Identify an incidents activities

Detective

correct

Alternate measures of control

Compensating

correct
Score 1 of 1

Question:

Which of the following is immediately above the Transport Layer in the OSI model:

Response:

Network

Datalink

Presentation

Session

Score 0 of 1

Question:

Which classification of fuel type is gasoline given?

Response:

D

B

C

A