Overall Questions (15 random)

You got 9 of 15 possible points.
Your score was: 60 %

Remember, these quizzes test your overall CISSP knowledge but should not be used as CISSP exam prep examples.

Question Results

Score 1 of 1

Question:

Account administration, policies and standards, asset classification and reviews of audit trails are all examples of

Response:

Technical controls

Physical controls

Administrative controls

Both technical and administrative controls

Score 0 of 1

Question:

Which of the following are the three components of the fire triangle?

Response:

Heat/Combustion/Oxygen

Fire/Fuel/Oxygen

Fire/Combustion/Oxygen

Heat/Fuel/Oxygen

Score 0 of 1

Question:

Which classification of fuel type is paper given?

Response:

D

A

B

C

Score 1 of 1

Question:

Match the following terms and definitions

Response:

Match | User answer | Feedback

Intended to discourage a potential attacker

Deterrent

correct

Intended to avoid an incident from happening

Preventive

correct

Fixes component or systems after an incident has occurred

Corrective

correct

Intended to bring the environment back to production levels

Recovery

correct

Identify an incident's activities

Detective

correct

Alternate measures of control

Compensating

correct

Score 1 of 1

Question:

A LAN is

Response:

a Least Access Notification

a Local Area Network

a Local Account Name

a Local Authentication Node

a Linear Applebaum Network diagram

Score 0 of 1

Question:

Determining whether a subject can log into a system is an example of

Response:

Authorization

Authentication

Accountability

Score 1 of 1

Question:

How many levels are there in the latest (June 2013) OSI model?

Response:

10

7

5

8

6

Score 1 of 1

Question:

Owner-set permissions are an example of:

Response:

Clark-Wilson

Discretionary access control

mandatory access control

role-based access control

Score 0 of 1

Question:

In MAC the access policy is set by:

Response:

the owner

the GPO

network ACL

the system

the role

Score 1 of 1

Question:

Match the following key terms

Response:

Match | User answer | Feedback

Availability

Reliable and timely access to data and resources

correct

Confidentiality

Necessary level of secrecy, unauthorized disclosure is prevented

correct

Shoulder surfing

Unauthorized viewing of information (screen peeking)

correct

Social Engineering

Tricking someone into giving sensitive information (to gain unauthorized access)

correct

Score 0 of 1

Question:

Which of the following has the best CER?

Response:

Finger scanning

Iris Scanning

Badge Scanning

Hand scanning

Score 1 of 1

Question:

Which of the following is primarily focused on restoring systems and information?

Response:

Detective

Corrective

Preventative

Recovery

Compensating

Score 1 of 1

Question:

Falsely rejecting an authorized user is:

Response:

FAR or Type II error

FRR or Type I error

FRA or Type IV error

CER or Type III error

Score 1 of 1

Question:

Which of the following is primarily focused on reducing risk?

Response:

Preventative

Recovery

Detective

Corrective

Deterrent

Score 0 of 1

Question:

More key terms from Chapter 2

Response:

Match | User answer | Feedback

Weakness or lack of a countermeasure

Vulnerability

correct

Entity that can exploit a vulnerability

Threat agent

correct

The danger of having a vulnerability exploited

Risk

incorrect

The probability of a threat being realized

Exposure

incorrect

Presence of a vulnerability which exposes the organization

Threat

incorrect