Overall Questions (15 random)

You got 11 of 15 possible points.
Your score was: 73 %

Remember, these quizzes test your overall CISSP knowledge but should not be used as CISSP exam prep examples.

Question Results

Score 1 of 1

Question:

Which of the following would be the least useful in attempting to crack a password?

Response:

LophtCrack

Packet sniffing

MAC the Knife

John the Ripper

brute force/dictionary attack

Score 1 of 1

Question:

Which of the following is the lowest in the OSI model:

Response:

Network

Data Link

Application

Transport

Session

Score 0 of 1

Question:

Which OSI layer includes the LLC and MAC sub-layers?

Response:

Data Link

Network

Session

Physical

Transport

Score 1 of 1

Question:

What OSI Layer includes data encryption?

Response:

Application

Network

Datalink

Presentation

Transport

Score 1 of 1

Question:

Which access control requires sensitivity labels on all subjects and objects?

Response:

Role-based access control

Access List Control

Manager set control

Discretionary access control

Mandatory access control

Score 1 of 1

Question:

"The strength of the cryptosystem is a function of the keys, not the algorithm" is also known as

Response:

Kerckhoff's Principle

Feedback:

Auguste Kerckhoff, trying to get the French to clean up their military cryptography back in 1883... seriously kickin' it old school.

Diffe-Hillman's Axiom

Rijndael's Challenge

Moore's Law

Score 1 of 1

Question:

Match the following control types to their purposes

Response:

MatchUser answerFeedback

Reducing Risk

Preventative

correct

Correcting violations and incidents

Detective

Corrective controls also help improve existing preventative and detective controls

correct

Discouraging violations

Preventative

incorrect

Providing alternate ways of accomplishing a task

Compensating

correct

Restoring systems and information

Recovery

correct
Score 0 of 1

Question:

Match the following examples to their definitions

Response:

MatchUser answerFeedback

Unpatched servers

Vulnerability

correct

A virus that relies on unpatched code or OS levels

Threat

correct

The likelihood a threat will be realized, the frequency of natural disasters

Exposure

incorrect

$1M dollars per day downtime

Risk

incorrect

A proxy server

Countermeasure

correct
Score 0 of 1

Question:

Bell-La Padula focuses primarily on:

Response:

Authentication

Accessibility

Data Integrity

Confidentialty

Availability

Score 0 of 1

Question:

Which of the following is NOT a RAW authentication protocol?

Response:

LDAP

CHAP

EAP

PAP

Score 1 of 1

Question:

Which of the following is primarily focused on reducing risk?

Response:

Preventative

Deterrent

Corrective

Recovery

Detective

Score 1 of 1

Question:

Which classification of fuel type is a computer given?

Response:

C

A

B

D

Score 1 of 1

Question:

John's computer access changed with his reassignment to a new department. This is an example of:

Response:

Mandatory access control

Access List Control

Owner set access control

Role-based access control

Need-to-Know control

Score 1 of 1

Question:

Which of the following is primarily focused on identifying alternate solutions to achieve a task?

Response:

Compensating

Corrective

Preventative

Recovery

Detective

Score 1 of 1

Question:

Falsely rejecting an authorized user is:

Response:

FRA or Type IV error

FRR or Type I error

FAR or Type II error

CER or Type III error