CISSP Security Engineering Certification Practical Exam Set 1

The "vulnerability of a facility" to damage or attack may be assessed by all of the following EXCEPT:


Options are :

  • History of losses
  • Security controls
  • security budget (Correct)
  • Inspection

Answer : security budget

Which of the following is currently the most recommended water system for a computer room?


Options are :

  • wet pipe
  • dry pipe
  • deluge
  • preaction (Correct)

Answer : preaction

Which of the following is not a physical control for physical security?


Options are :

  • fences
  • lighting
  • training (Correct)
  • facility construction materials

Answer : training

Which of the following is NOT a precaution you can take to reduce static electricity?


Options are :

  • power line conditioning (Correct)
  • anti-static sprays
  • anti-static flooring
  • maintain proper humidity levels

Answer : power line conditioning

Which of the following is electromagnetic interference (EMI) that is noise from the radiation generated by the difference between the hot and ground wires?


Options are :

  • traverse-mode noise
  • transversal-mode noise
  • crossover-mode noise
  • common-mode noise (Correct)

Answer : common-mode noise

Which security model ensures that actions that take place at a higher security level do not affect actions that take place at a lower level?


Options are :

  • The information flow model
  • The Clark-Wilson model
  • The noninterference model (Correct)
  • The Bell-LaPadula model

Answer : The noninterference model

Which Orange book security rating introduces the object reuse protection?


Options are :

  • C2 (Correct)
  • C1
  • B1
  • B2

Answer : C2

Which of the following is not classified as "Security and Audit Frameworks and Methodologies"?


Options are :

  • Control Objectives for Information and related Technology (COBIT)
  • Bell LaPadula (Correct)
  • IT Infrastructure Library (ITIL)
  • Committee of Sponsoring Organizations of the Treadway Commission (COSO)

Answer : Bell LaPadula

What does the Clark-Wilson security model focus on?


Options are :

  • Availability
  • Integrity (Correct)
  • Confidentiality
  • Accountability

Answer : Integrity

In which of the following phases of system development life cycle (SDLC) is contingency planning most important?


Options are :

  • Implementation
  • Operation/maintenance
  • Development/acquisition
  • Initiation (Correct)

Answer : Initiation

Who developed one of the first mathematical models of a multilevel-security computer system?


Options are :

  • Gasser and Lipner.
  • Bell and LaPadula. (Correct)
  • Clark and Wilson.
  • Diffie and Hellman.

Answer : Bell and LaPadula.

What does the simple integrity axiom mean in the Biba model?


Options are :

  • No read up
  • No write up
  • No write down
  • No read down (Correct)

Answer : No read down

At which of the basic phases of the System Development Life Cycle are security requirements formalized?


Options are :

  • Disposal
  • Development and Implementation
  • System Design Specifications
  • Functional Requirements Definition (Correct)

Answer : Functional Requirements Definition

What are the four basic elements of Fire?


Options are :

  • Heat, Fuel, CO2, and Chain Reaction
  • Heat, Fuel, Oxygen, and Chain Reaction (Correct)
  • Heat, Wood, Oxygen, and Chain Reaction
  • Flame, Fuel, Oxygen, and Chain Reaction

Answer : Heat, Fuel, Oxygen, and Chain Reaction

Which of the following is true about a "dry pipe" sprinkler system?


Options are :

  • It is a substitute for carbon dioxide systems.
  • It uses less water than "wet pipe" systems.
  • It maximizes chances of accidental discharge of water.
  • It reduces the likelihood of the sprinkler system pipes freezing. (Correct)

Answer : It reduces the likelihood of the sprinkler system pipes freezing.

What is the main focus of the Bell-LaPadula security model?


Options are :

  • Confidentiality (Correct)
  • Integrity
  • Availability
  • Accountability

Answer : Confidentiality

Which of the following fire extinguishing systems incorporating a detection system is currently the most recommended water system for a computer room?


Options are :

  • Deluge
  • Wet pipe
  • Dry pipe
  • Preaction (Correct)

Answer : Preaction

According to the Orange Book, which security level is the first to require a system to protect against covert timing channels?


Options are :

  • A1
  • B3 (Correct)
  • B1
  • B2

Answer : B3

What is the minimum static charge able to cause disk drive data loss?


Options are :

  • 550 volts
  • 1500 volts (Correct)
  • 2000 volts
  • 1000 volts

Answer : 1500 volts

Which of the following is NOT a basic component of security architecture?


Options are :

  • Motherboard (Correct)
  • Storage Devices
  • Peripherals (input/output devices)
  • Central Processing Unit (CPU)

Answer : Motherboard

Which of the following is not an EPA-approved replacement for Halon?


Options are :

  • Bromine (Correct)
  • Inergen
  • FM-200
  • FE-13

Answer : Bromine

Which of the following would MOST likely ensure that a system development project meets business objectives?


Options are :

  • Development of a project plan identifying all development activities
  • Development and tests are run by different individuals
  • Development of a project plan identifying all development activities
  • User involvement in system specification and acceptance (Correct)

Answer : User involvement in system specification and acceptance

The Information Technology Security Evaluation Criteria (ITSEC) was written to address which of the following that the Orange Book did not address?


Options are :

  • confidentiality and availability
  • integrity and confidentiality
  • integrity and availability (Correct)
  • none of the above

Answer : integrity and availability

Which of the following statements relating to the Bell-LaPadula security model is FALSE (assuming the Strong Star property is not being used)?


Options are :

  • The *-property restriction can be escaped by temporarily downgrading a high-level subject.
  • A subject is not allowed to read up.
  • It is restricted to confidentiality
  • A subject is not allowed to read down. (Correct)

Answer : A subject is not allowed to read down.

Which of the following phases of a system development life-cycle is most concerned with establishing a good security policy as the foundation for design?


Options are :

  • Implementation
  • Initiation (Correct)
  • Development/acquisition
  • Maintenance

Answer : Initiation

Which of the following phases of a system development life-cycle is most concerned with maintaining proper authentication of users and processes to ensure appropriate access control decisions?


Options are :

  • Initiation
  • Development/acquisition
  • Implementation
  • Operation/Maintenance (Correct)

Answer : Operation/Maintenance

What can be defined as: It confirms that users' needs have been met by the supplied solution?


Options are :

  • Acceptance (Correct)
  • Certification
  • Accreditation
  • Assurance

Answer : Acceptance

What security model implies a central authority that defines rules and sometimes global rules, dictating what subjects can have access to what objects?


Options are :

  • Discretionary access control
  • Non-discretionary access control (Correct)
  • Flow Model
  • Mandatory access control

Answer : Non-discretionary access control

A potential problem related to the physical installation of the Iris Scanner in regards to the usage of the iris pattern within a biometric system is:


Options are :

  • There is a relatively high rate of false accepts.
  • The iris pattern changes as a person grows older
  • The optical unit must be positioned so that the sun does not shine into the aperture. (Correct)
  • Concern that the laser beam may cause eye damage.

Answer : The optical unit must be positioned so that the sun does not shine into the aperture.

In which of the following models are Subjects and Objects identified and the permissions applied to each subject/object combination are specified? Such a model can be used to quickly summarize what permissions a subject has for various system objects.


Options are :

  • Biba model
  • Bell-LaPadula model
  • Access Control Matrix model (Correct)
  • Take-Grant model

Answer : Access Control Matrix model
