CISSP Lesson 2 PreTest Flashcards
Which is not a criterion for classifying data?
A) Age of data
B) The code page used to store the data
C) Personal association
The code page used to store the data
A host-based Intrusion Detection System (IDS) samples all packets that pass through a particular point on a network.
A) TRUE
B) FALSE
FALSE
Which is an example of an administrative detective control?
A) Antivirus software
B) Encryption
C) Performance review
Performance review
Which are types of biometric authentication? Choose all that apply.
A) Signature
B) Keystroke pattern
C) Retina scan
D) Voice pattern
Signature
Keystroke pattern
Retina scan
Voice pattern
Which is a physical access control?
A) Protect all data all the time
B) Protect the easiest data to control
C) Protect only what must be protected
Protect all data all the time
Who is ultimately responsible for data security?
A) Owner
B) Custodian
C) User
Owner
Kerberos can use the same key for encryption and decryption.
A) TRUE
B) FALSE
TRUE
RADIUS is an example of which kind of authentication?
A) Decentralized
B) Centralized
Centralized
Which are administrative access controls? Choose all that apply.
A) Hiring practices
B) Policies and procedures
C) Security awareness training
D) Monitoring
Hiring practices
Policies and procedures
Security awareness training
Monitoring
Which is an example of a technical preventative control?
A) Access card
B) Badge
C) Database view
Database view
Network architecture is an example of a logical access control.
A) TRUE
B) FALSE
TRUE
Which is an example of type 1 authentication?
A) User ID
B) One-time password
C) PIN
PIN
Asynchronous devices are generally less secure than synchronous devices.
A) TRUE
B) FALSE
FALSE
In a hybrid model, where should high-security objects be placed?
A) Centralized authentication mechanism
B) Decentralized authentication mechanism
Centralized authentication mechanism
__________ is an entity that requests access to data.
A) Data owner
B) Subject
C) Custodian
Subject