Question Results

Score 1 of 1

Question:

Which of the following is the lowest in the OSI model:

Response:

	Transport
	Physical
	Session
	Data Link
	Network

Score 0 of 1

Question:

Account administration, policies and standards, asset classification and reviews of audit trails are all examples of

Response:

	Technical controls
	Both technical and administrative controls
	Administrative controls
	Physical controls

Score 0 of 1

Question:

Which access control includes audit trails?

Response:

	Technical
	Owner
	Physical
	Administrative
	Organizational

Score 1 of 1

Question:

Which of the following is NOT a RAW authentication protocol?

Response:

	PAP
	EAP
	CHAP
	LDAP

Score 1 of 1

Question:

Match the following terms and definitions

Response:

Match	User answer	Feedback
Intended to discourage a potential attacker	Deterrent
Intended to avoid an incident from happening	Preventive
Fixes component or systems after an incident has occurred	Corrective
Intended to bring the environment back to production levels	Recovery
Identify an incidents activities	Detective
Alternate measures of control	Compensating

Score 1 of 1

Question:

"The strength of the cryptosystem is a function of the keys, not the algorithm" is also known as

Response:

	Diffe-Hillman's Axiom
	Moore's Law
	Rijndael's Challenge
	Kerckhoff's Principle
	Feedback: Auguste Kerckhoff, trying to get the French to clean up their military cryptography back in 1883... seriously kickin' it old school.

Score 0 of 1

Question:

What OSI Layer includes data encryption?

Response:

	Datalink
	Transport
	Application
	Presentation
	Network

Score 0 of 5

Question:

Match the following cryptology tools and technologies

Response:

Match	User answer	Feedback
One-time pads	Electro-mechanical	Still in use in some instances. Recall, one-time pads are the most secure approach
Enigma machine	Mechanical	Electrical lights, mechanical crank/spinwheel
AES, RSA Algorithms	Manual	I know, you wanted to think "digital" but technically, electronic works as well
Cipherdisks	Electronic	Think ceasar's spin wheel here
Single photon emissions	Quantum cryptography	used to provide secure key negotiation. After the test, go google "einstein spooky action" to see what will keep future CISSP's from sleeping at night

Score 1 of 1

Question:

Which access control requires sensitivity labels on all subjects and objects?

Response:

	Discretionary access control
	Manager set control
	Access List Control
	Mandatory access control
	Role-based access control

Score 0 of 1

Question:

Which classification of fuel type are electrical fires given?

Response:

	C
	D
	B
	A

Score 0 of 1

Question:

Which classification of fuel type is a computer given?

Response:

	D
	A
	C
	B

Score 1 of 1

Question:

Which of the following is primarily focused on reducing risk?

Response:

	Preventative
	Corrective
	Recovery
	Detective
	Deterrent

Score 1 of 1

Question:

Clark-Wilson focuses primarily on:

Response:

	Availability
	Accessibility
	Address Integrity
	Authentication
	Confidentialty

Score 1 of 1

Question:

How many levels are there in the latest (June 2013) OSI model?

Response:

	7
	8
	5
	6
	10

Score 1 of 1

Question:

Match the following control types to their purposes

Response:

Match	User answer	Feedback
Reducing Risk	Preventative
Correcting violations and incidents	Preventative	Corrective controls also help improve existing preventative and detective controls
Discouraging violations	Deterrent
Providing alternate ways of accomplishing a task	Compensating
Restoring systems and information	Recovery