CISSP Lesson 2 PreTest Flashcards

2
Q

Which is not a criterion for classifying data?
A) Age of data
B) The code page used to store the data
C) Personal association

A

The code page used to store the data

3
Q

A host-based Intrusion Detection System (IDS) samples all packets that pass through a particular point on a network.
A) TRUE
B) FALSE

A

FALSE

4
Q

Which is an example of an administrative detective control?
A) Antivirus software
B) Encryption
C) Performance review

A

Performance review

5
Q

Which are types of biometric authentication? Choose all that apply.
A) Signature
B) Keystroke pattern
C) Retina scan
D) Voice pattern

A

Signature
Keystroke pattern
Retina scan
Voice pattern

6
Q

Which is a physical access control?
A) Protect all data all the time
B) Protect the easiest data to control
C) Protect only what must be protected

A

Protect all data all the time

7
Q

Who is ultimately responsible for data security?
A) Owner
B) Custodian
C) User

A

Owner

8
Q

Kerberos can use the same key for encryption and decryption.
A) TRUE
B) FALSE

A

TRUE

9
Q

RADIUS is an example of which kind of authentication?
A) Decentralized
B) Centralized

A

Centralized

10
Q

Which are administrative access controls? Choose all that apply.
A) Hiring practices
B) Policies and procedures
C) Security awareness training
D) Monitoring

A

Hiring practices
Policies and procedures
Security awareness training
Monitoring

11
Q

Which is an example of a technical preventative control?
A) Access card
B) Badge
C) Database view

A

Database view

12
Q

Network architecture is an example of a logical access control.
A) TRUE
B) FALSE

A

TRUE

13
Q

Which is an example of type 1 authentication?
A) User ID
B) One-time password
C) PIN

A

PIN

14
Q

Asynchronous devices are generally less secure than synchronous devices.
A) TRUE
B) FALSE

A

FALSE

15
Q

In a hybrid model, where should high-security objects be placed?
A) Centralized authentication mechanism
B) Decentralized authentication mechanism

A

Centralized authentication mechanism

16
Q

__________ is an entity that requests access to data.
A) Data owner
B) Subject
C) Custodian

A

Subject

17
Q

Which statement describes dictionary attacks?
A) Saturates the network to render access impossible
B) Attempts to gain access using exhaustive input
C) Uses a list of commonly used passwords to attempt to gain access

A

Uses a list of commonly used passwords to attempt to gain access

18
Q

On what is nondiscretionary access control based?
A) Roles
B) Rules
C) Identity

A

Roles