CISSP Asset Security Practice Exam Final File Translate Exam Set 1

Most access violations are:


Options are :

  • Caused by external hackers
  • None
  • random (Correct)
  • related Internet
  • Caused by internal hackers

Answer : random

Who is responsible for clearing users to use computer-based information at the TCSEC B3 rating level?


Options are :

  • responsible for security (Correct)
  • data custodians
  • operators
  • None
  • owners of information

Answer : responsible for security

An attack initiated by an entity that is authorized to access system resources, but uses them in a way not approved by those who granted the authorization, is known as a(n):


Options are :

  • outside attack.
  • within the attack. (Correct)
  • active attack.
  • None
  • passive attack.

Answer : within the attack.

This is a common security problem that is very difficult to control in large environments. It occurs when a user has more computer rights, permissions and access than the user's tasks require. Which best describes this scenario?


Options are :

  • excessive Access
  • unfair advantages (Correct)
  • excessive rights
  • excessive rights
  • None

Answer : unfair advantages

Which of the following tools is a hacker less likely to use?


Options are :

  • tripwire (Correct)
  • John the Ripper
  • L0phtcrack
  • Ophcrack
  • None

Answer : tripwire

Which of the following network attacks can capture users' passwords?


Options are :

  • data diddling
  • IP spoofing
  • smell (Correct)
  • Smurfing
  • None

Answer : smell

Which of the following should NOT be performed by an operator?


Options are :

  • The implementation of the initial program load
  • overseeing the system
  • The supervising Job Flow
  • data entry (Correct)
  • None

Answer : data entry

The Copyright Act ("original works") protects the owner's right to all of the following except:


Options are :

  • The idea itself
  • None
  • Reproduction idea
  • The display idea (Correct)
  • Public distribution idea

Answer : The display idea

What is it called when legitimate users access online services that would normally be restricted to them?


Options are :

  • piggybacking
  • Abuse logo (Correct)
  • spoofing
  • Tap
  • None

Answer : Abuse logo

Which of the following categories of hackers poses the biggest threat?


Options are :

  • hackers
  • Student hackers
  • disgruntled employees (Correct)
  • None
  • corporate spies

Answer : disgruntled employees

Which best corresponds to the kind of data access where, unless the user has specifically been given access to certain information, they cannot get any access by default?


Options are :

  • implied license
  • explicit Deny
  • implicit Deny (Correct)
  • None
  • explicit authorization

Answer : implicit Deny

Which of the following is not appropriate when dealing with object reuse?


Options are :

  • Clearing buffered pages, documents, or displays from the local memory of the terminal or printer.
  • Degaussing magnetic tapes when they are no longer needed.
  • Erasing the memory blocks before they are allocated to the program or data.
  • None
  • Removes files to disk before the re-use of space. (Correct)

Answer : Removes files to disk before the re-use of space.

What security problem is likely to exist if the operating system allows objects to be used sequentially by multiple users without forcing a refresh of the objects?


Options are :

  • Data leakage through covert channels.
  • The disclosure of the remaining information.
  • through denial of service attacks deadly embrace (Correct)
  • None
  • Obtaining unauthorized privileged execution mode.

Answer : through denial of service attacks deadly embrace

Which of the following is the biggest factor that makes computer crimes possible?


Options are :

  • System design errors.
  • The secret handling of other information.
  • Cheater getting further training and special skills.
  • None
  • The victim's negligence. (Correct)

Answer : The victim's negligence.

Which of the following should be performed by the operator?


Options are :

  • Changing the profile
  • Installing the operating system (Correct)
  • approving changes
  • None
  • Adding and removing users

Answer : Installing the operating system

Which of the following expresses all the detailed measures that personnel must follow?


Options are :

  • procedures (Correct)
  • guidelines
  • None
  • the basic lines
  • standards

Answer : procedures

Many approaches to Knowledge Discovery in Databases (KDD) are used to identify valid and useful data models. This is a developing field of research, which contains a variety of automated analytical solutions, such as data mining. Which of the following is not a KDD approach?


Options are :

  • probabilistic
  • Classification
  • None
  • Deviation
  • Oriented (Correct)

Answer : Oriented

With respect to information classification, which is the primary responsibility of the information (data) owner?


Options are :

  • running regular data backups
  • check the data users
  • is determined by data sensitivity or classification level (Correct)
  • None
  • periodically check the validity and accuracy of information

Answer : is determined by data sensitivity or classification level

In discretionary access environments, which of the following entities is authorized to grant other people access to information?


Options are :

  • None
  • the data owner (Correct)
  • Group leader
  • manager
  • Safety Officer

Answer : the data owner

Which of the following has been given responsibility for maintenance and privacy?


Options are :

  • data guardian (Correct)
  • the data owner
  • None
  • User
  • security administrator

Answer : data guardian

Which of the following would be the best criterion to consider in determining the classification of information assets?


Options are :

  • useful life
  • Value (Correct)
  • Age
  • None
  • Personal association

Answer : Value

As per the Orange Book, which are the two types of system reliability?


Options are :

  • Operational Assurance and Assurance Architect.
  • The architectural Assurance and Implementation Assurance.
  • Operational Assurance and Life-Cycle Assurance. (Correct)
  • This design assurance system and the implementation Assurance
  • None

Answer : Operational Assurance and Life-Cycle Assurance.

The owner of the system should have confidence that the system behaves according to its requirements. This is referred to as:


Options are :

  • certainty (Correct)
  • integrity
  • None
  • Availability
  • accountability

Answer : certainty

Who is ultimately responsible for the safety of computer-based information systems in the organization?


Options are :

  • The technical support team
  • None
  • Executive team. (Correct)
  • Training team.
  • The Mission Team.

Answer : Executive team.

What mechanism does the system use to compare the safety approvals of a subject and an object?


Options are :

  • None
  • Validation module.
  • security module
  • Clearance Check.
  • Reference Monitor. (Correct)

Answer : Reference Monitor.

According to private sector data classification levels, how are salary levels and medical information classified?


Options are :

  • None
  • Confidential. (Correct)
  • Public
  • Limited.
  • Only for internal use.

Answer : Confidential.

In Mandatory Access Control, sensitivity labels attached to objects include what information?


Options are :

  • transmission class
  • Lots of information need
  • Embryo classification and category set (Correct)
  • Embryo classification and category set
  • None

Answer : Embryo classification and category set

What is the surreptitious transfer of data from a higher to a lower classification compartment without going through the official channels of communication?


Options are :

  • None
  • the safety zone
  • object reuse
  • Communication
  • encrypted channel (Correct)

Answer : encrypted channel

What does it mean to say that the sensitivity of the entries is "without"?


Options are :

  • None
  • The number of categories for two different labels are
  • Neither the label contains all the ratings of other
  • Neither the label contains all the other classes. (Correct)
  • Number of ratings of two identifiers are different.

Answer : Neither the label contains all the other classes.

Whose task is it to determine the security classification of information?


Options are :

  • Accountant
  • None
  • Owner (Correct)
  • Security Administrator
  • user

Answer : Owner
