CISSP Security Engineering Certification Practice Exam Set 7

Which of the following is a Class C fire?


Options are :

  • electric (Correct)
  • a common piece of
  • soda acid
  • None
  • liquid

Answer : electric

During which phase of an IT system life cycle are security requirements developed?


Options are :

  • execution
  • commencement of
  • None
  • Operation
  • Functional design analysis and design (Correct)

Answer : Functional design analysis and design

Which of the following statements about the Bell-LaPadula model is true if you are not using the strong star property?


Options are :

  • It deals with covert channels.
  • It makes it possible to "write up." (Correct)
  • It deals with the management of access control.
  • It makes it possible to "read."
  • None

Answer : It makes it possible to "write up."

Which security model introduces access to objects only through programs?


Options are :

  • Biba model
  • None
  • Information flow model
  • Bell-LaPadula model
  • Clark-Wilson model (Correct)

Answer : Clark-Wilson model

Which of the following is not a physical control for physical security?


Options are :

  • None
  • Department of Construction materials
  • hurdles
  • training (Correct)
  • lighting

Answer : training

Which of the following is an example of a discretionary access control?


Options are :

  • None
  • Identity-based access control (Correct)
  • Rule-based access control
  • Role-based access control
  • Task-based access control

Answer : Identity-based access control

"The vulnerability now" to damage or attack can be assessed by all of the following EXCEPT:


Options are :

  • History losses
  • inspection
  • security budget (Correct)
  • None
  • Security checks

Answer : security budget

Which of the following would be most likely to ensure that the system development project meets the business goals?


Options are :

  • And tests run on different people
  • Development of the project plan identifying all development activities
  • Development of the project plan identifying all development activities
  • User participation in the identification and approval (Correct)
  • None

Answer : User participation in the identification and approval

Which of the following is NOT a type of motion sensor?


Options are :

  • Photocell (Correct)
  • Microwave sensor.
  • None
  • Ultrasonic sensor.
  • Passive infrared sensors

Answer : Photocell

A potential problem related to the physical installation of the iris scanner, with regard to the use of the iris pattern within a biometric system, is:


Options are :

  • Iris pattern changes as a person gets older
  • None
  • Concern that the laser beam can damage your eyes.
  • There is a relatively high false accepts.
  • The optical unit is positioned so that the sun does not shine into the slot. (Correct)

Answer : The optical unit is positioned so that the sun does not shine into the slot.

Which of the following questions is less likely to help in assessing physical and environmental protection?


Options are :

  • Are entry codes replaced on a regular basis?
  • Is physical access to data transmission lines monitored?
  • Are appropriate fire suppression and prevention devices installed and working?
  • Are processes in place to ensure that unauthorized users can not read, copy, alter, or steal printed or electronic information? (Correct)
  • None

Answer : Are processes in place to ensure that unauthorized users can not read, copy, alter, or steal printed or electronic information?

The computer security model of the Orange Book is based on which of the following?


Options are :

  • Data Encryption Standard
  • Kerberos
  • TEMPEST
  • Bell-LaPadula (Correct)
  • None

Answer : Bell-LaPadula

Which of the following phases of the system development life cycle is most concerned about maintaining proper user authentication and accounting processes to ensure appropriate access control decisions?


Options are :

  • execution
  • commencement of
  • Operation / Maintenance (Correct)
  • Development / acquisition
  • None

Answer : Operation / Maintenance

Which of the following is the best way to suppress an electrical fire in the data center?


Options are :

  • Rated ABC dry chemical
  • CO2, soda, acid, or Halon
  • water or soda acid
  • CO2 (Correct)
  • None

Answer : CO2

At which point in the system development life cycle (SDLC) is security accreditation obtained?


Options are :

  • approval stage
  • None
  • Operational Requirements Phase
  • post-Phase
  • Testing and evaluation of controls (Correct)

Answer : Testing and evaluation of controls

Which of the following is the lowest TCSEC class in which systems must support separate operator and system administrator roles?


Options are :

  • A2
  • A1
  • None
  • B1
  • B2 (Correct)

Answer : B2

Which of the following is NOT a basic component of a security architecture?


Options are :

  • storage devices
  • Peripherals (input / output devices)
  • None
  • motherboard (Correct)
  • Central Processing Unit (CPU)

Answer : motherboard

Which Orange Book security rating is the first to be concerned with covert channels?


Options are :

  • B3
  • B1
  • A1
  • B2 (Correct)
  • None

Answer : B2

In which of the following models are subjects and objects identified and the access rights for each subject / object combination defined? Such a model can be used to quickly summarize what access rights a subject has to the different objects in the system.


Options are :

  • Take-Grant model
  • Biba model
  • Access Control Matrix model (Correct)
  • Bell-LaPadula model
  • None

Answer : Access Control Matrix model

According to the Orange Book, which is the first level of protection required to protect the devices from covert timing channels?


Options are :

  • B2
  • None
  • A1
  • B1
  • B3 (Correct)

Answer : B3

Which security model implies a central authority that defines rules, and sometimes global rules, dictating which subjects can access which objects?


Options are :

  • discretionary access control (Correct)
  • Mandatory access control
  • None
  • Flow Model
  • discretionary Access Control

Answer : discretionary access control

In which the basic steps of the System Development Life Cycle are officially safety?


Options are :

  • disposal
  • Operational Requirements Definition (Correct)
  • None
  • System Design Technical
  • Development and implementation

Answer : Operational Requirements Definition

Which of the following phases of the system development life cycle is most concerned about creating a good basis for security planning?


Options are :

  • execution
  • commencement of (Correct)
  • maintenance
  • None
  • Development / acquisition

Answer : commencement of

Which of the following is electromagnetic interference (EMI) that is noise from the radiation generated by the difference between the hot and ground wires?


Options are :

  • common-mode noise (Correct)
  • None
  • cross-over noise
  • a transverse-noise
  • transverse-noise

Answer : common-mode noise

Which of the following statements about the Biba security model is incorrect?


Options are :

  • It is a state machine model.
  • The patient must not be write-up.
  • Integrity levels are assigned to subjects and objects.
  • The programs operate in an intermediate layer between patients and objects. (Correct)
  • None

Answer : The programs operate in an intermediate layer between patients and objects.

What mechanism automatically causes an alarm originating in the data center to be transmitted over the local fire or police alarm circuits for relay to both the local police / fire station and the appropriate headquarters?


Options are :

  • A remote station alarm
  • None
  • proprietary alarm
  • Central Station Alarm
  • The assisting alarm status (Correct)

Answer : The assisting alarm status

The Orange Book is based on which security model?


Options are :

  • Biba model
  • Bell LaPadula Model (Correct)
  • TEMPEST
  • None
  • Clark-Wilson Model

Answer : Bell LaPadula Model

Which of the following statements about the Bell-LaPadula security model is false (assuming the strong star property is not used)?


Options are :

  • The patient should not be read down. (Correct)
  • It is bordered by the confidentiality
  • None
  • The patient can not read.
  • * - property restriction may be temporarily escaped the reduction of high-level topic.

Answer : The patient should not be read down.

Which Orange Book security rating introduces object reuse protection?


Options are :

  • C2 (Correct)
  • C1
  • None
  • B2
  • B1

Answer : C2

Which of the following prevents burning by interfering with the chemical reaction, thereby killing the fire?


Options are :

  • CO2
  • soda acid
  • water
  • halon (Correct)
  • None

Answer : halon
