Overall Questions (15 random)

You got 9 of 19 possible points.
Your score was: 47 %

Remember, these quizzes test your overall CISSP knowledge but should not be used as CISSP exam prep examples.

Question Results

Score 0 of 1

Question:

More key terms from Chapter 2

Response:

MatchUser answerFeedback

Weakness or lack of a countermeasure

Exposure

incorrect

Entity that can exploit a vulnerability

Threat agent

correct

The danger of having a vulnerability exploited

Threat

correct

The probability of a threat being realized

Risk

correct

Presence of a vulnerability which exposes the organization

Vulnerability

incorrect
Score 1 of 1

Question:

Match the following terms and definitions

Response:

MatchUser answerFeedback

Intended to discourage a potential attacker

Deterrent

correct

Intended to avoid an incident from happening

Preventive

correct

Fixes component or systems after an incident has occurred

Corrective

correct

Intended to bring the environment back to production levels

Recovery

correct

Identify an incidents activities

Detective

correct

Alternate measures of control

Compensating

correct
Score 1 of 1

Question:

Work factor is defined as:

Response:

the amount of effort/time required by an administrator to establish a reasonable system security plan

the amount of effort/time required to maintain an established security plan once it has been implemented

the amount of effort/time required by an algorithm to fully encrypt or decrypt a message

the amount of effort/time required by an attacker to overcome a protective measure
Score 1 of 1

Question:

Which of the following packet switched networks is best suited to support fully meshed VPNs?

Response:

SMDS

ATM

MPLS

Frame Relay

SONET
Score 1 of 1

Question:

Encryption, access control mechanisms, access control lists and remote access authentication protocols are all examples of

Response:

Technical controls

Physical Controls

Administrative Controls

Both Technical and Administrative
Score 1 of 1

Question:

Which of the following is primarily focused on restoring systems and information?

Response:

Recovery

Detective

Preventative

Corrective

Compensating
Score 0 of 1

Question:

What OSI Layer includes data compression?

Response:

Application

Presentation

Datalink

Transport

Network
Score 1 of 1

Question:

Which of the following is NOT an example of biometric identification?

Response:

Retinal imagery

Ear shape/pattern

Voice

Hand shape/pattern
Score 0 of 1

Question:

Which of the following is NOT an example of SSO?

Response:

KryptoKnight

LDAP

KErberos

SESAME
Score 0 of 1

Question:

Match the following examples to their definitions

Response:

MatchUser answerFeedback

Unpatched servers

Vulnerability

correct

A virus that relies on unpatched code or OS levels

Threat

correct

The likelihood a threat will be realized, the frequency of natural disasters

Exposure

incorrect

$1M dollars per day downtime

Risk

incorrect

A proxy server

Countermeasure

correct
Score 1 of 1

Question:

Which of the following is the lowest in the OSI model:

Response:

Data Link

Application

Transport

Network

Session
Score 1 of 1

Question:

Match the following key terms

Response:

MatchUser answerFeedback

Availability

Reliable and timely access to data and resources

correct

Confidentiality

Necessary level of secrecy, unauthorized disclosure is prevented

correct

Shoulder surfing

Unauthorized viewing of information (screen peeking)

correct

Social Engineering

Tricking someone into giving sensitive information (to gain unauthorized access)

correct
Score 1 of 1

Question:

What OSI Layer includes data encryption?

Response:

Presentation

Network

Transport

Application

Datalink
Score 0 of 5

Question:

Match the following cryptology tools and technologies

Response:

MatchUser answerFeedback

One-time pads

Manual

Still in use in some instances. Recall, one-time pads are the most secure approach

correct

Enigma machine

Mechanical

Electrical lights, mechanical crank/spinwheel

incorrect

AES, RSA Algorithms

Quantum cryptography

I know, you wanted to think "digital" but technically, electronic works as well

incorrect

Cipherdisks

Manual

Think ceasar's spin wheel here

incorrect

Single photon emissions

Electro-mechanical

used to provide secure key negotiation. After the test, go google "einstein spooky action" to see what will keep future CISSP's from sleeping at night

incorrect
Score 0 of 1

Question:

Which of the following would be the least useful in attempting to crack a password?

Response:

Packet sniffing

MAC the Knife

LophtCrack

John the Ripper

brute force/dictionary attack