Our Ultimate CISSP Study Guide self-paced online course is scheduled to take off on March 1st. In preparation for that, the instructor of this course, Joe Dively, has prepared a little placement test for you to let you check your knowledge. We’re publishing this test here, on the blog, to let everyone have a go.
You have to be logged in to take the quiz.
If you decide to join us during the course in March, you won’t have to take the quiz again, as your score will be saved, although you can take as many retakes as you want. You can even retake the test once you have finished the course and see how you have improved.
Check out the course as well: LINK!
This quiz has been prepared to complement our online course and is not a part of ISC2 testing.
THE ULTIMATE CISSP STUDY GUIDE PLACEMENT TEST
This exam is meant to show you which domains you may have problems in. Please think over each question carefully and choose the best answer. This test does NOT count towards any grade; it is just so you can see which areas you may need to study a bit more than others.
Questions are multiple choice, with multiple correct answers possible.
1. Question (1 point). Category: Domain 1: Security and Risk Management
Which of the following defined “protected computers” and criminalized attacks against them?
The Computer Fraud and Abuse Act (CFAA), enacted in 1986 as an expansion of the 1984 Counterfeit Access Device and Computer Fraud and Abuse Act and amended several times since, is still the central piece of US legislation for the prosecution of computer crime. The CFAA defined “protected computers”, originally meaning systems in which the federal government had a particular interest; later amendments broadened the definition to cover, in effect, any computer used in or affecting interstate or foreign commerce. The Act, as amended, sets a threshold of $5,000 in loss during any one-year period for a number of its offences and for civil action.
2. Question (1 point). Category: Domain 1: Security and Risk Management
What attempts to show that evidence has been properly secured and controlled after having been acquired?
Chain of custody is concerned with showing that evidence has been controlled after acquisition. The record includes every person who handled the evidence as well as the person who controlled and secured it.
3. Question (1 point). Category: Domain 1: Security and Risk Management
Which Code of Ethics specifically refers to advancing the profession?
The (ISC)² Code of Ethics makes specific mention of advancing the profession.
4. Question (1 point). Category: Domain 1: Security and Risk Management
What metric describes the point in time to which data must be recovered and made available to users in order to resume business operations?
The recovery point objective (RPO) is the point in time to which data must be recovered and made available to users in order to resume business operations; in practice it expresses the maximum tolerable data loss measured in time (for example, “no more than four hours of transactions”). It is distinct from the recovery time objective (RTO), which is how long the recovery itself may take.
5. Question (1 point). Category: Domain 2: Asset Security
How do dry pipe systems work?
Dry pipe systems hold compressed air (or nitrogen) in the pipes instead of water, with the water held back by a valve. When heat triggers a sprinkler head to open, the air escapes, the drop in pressure opens the valve, and water flows into the pipes and out of the open head. The delay before water arrives is the trade-off for not keeping water in pipes that could freeze or leak over equipment.
6. Question (1 point). Category: Domain 2: Asset Security
EMI issues such as crosstalk primarily impact which aspect of security?
EMI issues such as crosstalk could impact all of the aspects listed, but they most commonly impact integrity.
7. Question (1 point). Category: Domain 2: Asset Security
Which of the following is an administrative control?
Asset tracking is an administrative control. Administrative controls include policies, procedures, and practices.
8. Question (1 point). Category: Domain 2: Asset Security
Before applying a software update to production systems, it is MOST important that:
Prior to deploying updates to production servers, make certain that a full system backup has been taken. In the regrettable event that the update crashes the system, the server and its data can then be recovered without significant data loss. Additionally, if the update involves proprietary code, a copy of the server or application image must be provided to the media librarian. Full-disclosure information about the fix is good to have but not a requirement, as patching is a risk-based decision for the organization. Documenting the patching process is the last step in patch management. Independent third-party assessments do not usually attest to the validity of a patch.
9. Question (1 point). Category: Domain 3: Security Engineering
A holistic lifecycle for developing security architecture that begins with assessing business requirements and subsequently creating a ‘chain of traceability’ through phases of strategy, concept, design, implementation and metrics is characteristic of which of the following frameworks?
SABSA (Sherwood Applied Business Security Architecture) is a holistic lifecycle for developing security architecture that begins with assessing business requirements. It generates a “chain of traceability” from security requirements to business functionality through the phases of strategy, concept, design, implementation, and metrics. It represents any architecture using six layers, each a different perspective on the design, construction and use of the target system.
10. Question (1 point). Category: Domain 3: Security Engineering
Which of the following security standards is internationally recognized as the standard for sound security practices and is focused on the standardization and certification of an organization’s Information Security Management System (ISMS)?
The ISO/IEC 27000 series helps organizations of all types understand the fundamentals, principles, and concepts needed to protect their information assets; within it, ISO/IEC 27001 specifies the ISMS requirements against which an organization is certified. ISO/IEC 15408 is the Common Criteria, the evaluation criteria for IT security products. ISO 9001 sets the requirements for a quality management system. ISO/IEC 9126 was an international standard for the evaluation of software quality.
11. Question (1 point). Category: Domain 3: Security Engineering
A two-dimensional grouping of individual subjects into groups or roles and granting access to groups to objects is an example of which of the following types of models?
While lattice-based models tend to treat similar subjects and objects with similar restrictions, matrix-based models focus on one-to-one relationships between subjects and objects. The best-known example is the organization of subjects and objects into an access control matrix: a two-dimensional table in which each cell holds the rights a given subject has over a given object. A state machine model describes the behavior of a system as it moves from one state to another, from one moment to the next. A noninterference model keeps activities at different security levels separate from each other; in this way it minimizes leakage that might otherwise occur through covert channels, because there is complete separation between security levels.
12. Question (1 point). Category: Domain 3: Security Engineering
In the Common Criteria, the common set of functional and assurance requirements for a category of vendor products deployed in a particular type of environment are known as:
Protection profiles are the common set of functional and assurance requirements for a category of products, while a security target states the specific functional and assurance requirements that its author wants a given product to fulfill. The trusted computing base and ring protection are not Common Criteria concepts.
13. Question (1 point). Category: Domain 4: Communication and Network Security
In the OSI reference model, on which layer can Ethernet (IEEE 802.3) be described?
Layer 2, the data link layer, describes framed data transfer between directly connected machines, for instance over Ethernet. Note that IEEE 802.3 actually specifies both the physical signalling (layer 1) and the MAC sublayer (layer 2); on the exam, Ethernet as a technology is placed at the data link layer.
14. Question (1 point). Category: Domain 4: Communication and Network Security
Ann installs a new Wireless Access Point (WAP) and users are able to connect to it. However, once connected, users cannot access the Internet. Which of the following is the MOST likely cause of the problem?
An IP address combined with its subnet mask splits into a network ID and a host ID. The host uses the mask to decide whether a destination is on its own network (deliver directly, resolving the address with ARP) or elsewhere (hand the packet to the default gateway). If the mask is entered incorrectly, for example 255.240.0.0 instead of the intended 255.255.240.0, the host’s idea of its own network no longer matches the real one. With a mask that is too wide, destinations that are actually behind the gateway are treated as local and the ARP requests for them go unanswered; with a mask that is too narrow, the default gateway itself can fall outside what the host considers its subnet, so nothing beyond the local segment, including the Internet, is reachable. In either case the clients associate with the WAP and have connectivity on the segment but cannot reach anything outside it until the correct subnet mask is configured.
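As an added illustration (not part of the original quiz or course), the following Python uses the standard ipaddress module to emulate a host’s forwarding decision under the intended mask, a too-wide mask and a too-narrow mask. The client, gateway and destination addresses are constructed for the example.

```python
import ipaddress

# Constructed addresses for the illustration (not from the quiz): a client on a /20
# network whose router sits at 10.1.16.1.
HOST_IP = "10.1.20.50"
GATEWAY = "10.1.16.1"
CORRECT_MASK = "255.255.240.0"  # /20, the intended mask
WIDE_MASK = "255.240.0.0"       # /12, one octet off: too wide
NARROW_MASK = "255.255.255.0"   # /24: too narrow


def on_link(host_ip: str, mask: str, dest: str) -> bool:
    """True if a host configured with `mask` treats `dest` as directly reachable."""
    net = ipaddress.IPv4Network(f"{host_ip}/{mask}", strict=False)
    return ipaddress.IPv4Address(dest) in net


def next_hop(host_ip: str, mask: str, gateway: str, dest: str) -> str:
    """Emulate the host's forwarding decision for a packet to `dest`.

    'direct'      : ARP for dest on the local segment
    'gateway'     : forward to the default gateway
    'unreachable' : the configured gateway is itself off-subnet, so the
                    host cannot use it at all
    """
    if on_link(host_ip, mask, dest):
        return "direct"
    if on_link(host_ip, mask, gateway):
        return "gateway"
    return "unreachable"


def compare(dest: str) -> dict:
    """Forwarding decision for `dest` under each of the three masks."""
    return {
        name: next_hop(HOST_IP, mask, GATEWAY, dest)
        for name, mask in (("correct", CORRECT_MASK),
                           ("wide", WIDE_MASK),
                           ("narrow", NARROW_MASK))
    }


if __name__ == "__main__":
    for dest in ("8.8.8.8", "10.5.1.1"):
        print(dest, compare(dest))
```

Under the too-wide mask the Internet address still goes to the gateway, but the internal host 10.5.1.1 is wrongly treated as local and is never forwarded; under the too-narrow mask the gateway itself is unreachable, which produces exactly the “connected but no Internet” symptom in the question.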
15. Question (1 point). Category: Domain 4: Communication and Network Security
A botnet can be characterized as:
Bots and botnets are among the most insidious implementations of unauthorized, remote control of compromised systems. Such machines are effectively zombies, directed by an operator through a command-and-control channel from somewhere on the Internet.
16. Question (1 point). Category: Domain 4: Communication and Network Security
Which wireless security protocol is also known as the Robust Security Network (RSN) and implements the full 802.11i standard?
WPA2 (Wi-Fi Protected Access 2) implements AES with CCMP (Counter Mode with CBC-MAC Protocol), as defined by IEEE 802.11i. WPA2-certified devices implement the full 802.11i standard, which the standard itself calls a Robust Security Network (RSN).
17. Question (1 point). Category: Domain 5: Identity and Access Management
Identification is the assertion of a unique identity for a person or system and is the starting point of all access control. Without proper identification it is impossible to determine to whom or what to apply the appropriate controls. Identification is a critical first step in applying access controls because all activities and controls are tied to the identity of a particular user or entity.
Authentication is the process of verifying the identity of the user. Upon requesting access and presenting unique user identification, the user provides some set of private data that only the user should have access to or knowledge of. The combination of the identity and information known only by, or only in the possession of, the user verifies that the identity is being used by the expected and assigned entity (e.g., a person). This then establishes trust between the user and the system for the allocation of privileges.
Authorization is the final step in the process. Once a user has been identified and properly authenticated, the resources that user is allowed to access must be defined and monitored. Authorization is the process of defining the specific resources a user needs and determining the type of access to those resources the user may have.
18. Question (1 point). Category: Domain 5: Identity and Access Management
A potential vulnerability of the Kerberos authentication server is:
There are some issues related to the use of Kerberos. The security of the whole system depends on careful implementation: enforcing limited lifetimes for tickets and authenticators minimizes the threat of replayed credentials, and the KDC must be physically secured and hardened, permitting no non-Kerberos activity, because it holds the secret key of every principal in the realm. More importantly, the KDC can be a single point of failure and should therefore be covered by backup and continuity plans.
19. Question (1 point)
The Identity and Access Provisioning Lifecycle is made up of which phases?
The lifecycle is the workflow of how a user obtains access, uses it and finally loses it. The lifecycle is made up of the following phases:
20. Question (1 point). Category: Domain 5: Identity and Access Management
Which best describes access controls?
Access controls are the collection of mechanisms that work together to protect the assets of the enterprise. They help protect against threats and vulnerabilities by reducing exposure to unauthorized activities and providing access to information and systems only to those who have been approved.
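The identification, authentication and authorization steps from question 17, the access control matrix from question 11 and the definition of access controls above, as one added Python example written for this page (it is not code from the course or from (ISC)²). The user records, passwords and the matrix are constructed sample data; the password hashing uses PBKDF2 from the standard library and a constant-time comparison.

```python
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 100_000


def _pbkdf2(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def make_user(password: str) -> dict:
    """Store only a random salt and the derived hash, never the password."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": _pbkdf2(password, salt)}


# Constructed sample data (not from the quiz).
USERS = {"alice": make_user("correct horse"), "bob": make_user("hunter2")}

# Access control matrix: rows are subjects, columns are objects, cells are rights.
ACL_MATRIX = {
    "alice": {"payroll.db": {"read", "write"}, "hr.doc": {"read"}},
    "bob":   {"hr.doc": {"read"}},
}


def identify(username: str):
    """Identification: the claimed identity must exist before anything else happens."""
    return username if username in USERS else None


def authenticate(username: str, password: str) -> bool:
    """Authentication: verify the secret without leaking, via timing, whether the user exists."""
    rec = USERS.get(username)
    if rec is None:
        _pbkdf2(password, b"\0" * 16)   # burn the same work for unknown users
        return False
    return hmac.compare_digest(_pbkdf2(password, rec["salt"]), rec["hash"])


def authorize(username: str, obj: str, right: str) -> bool:
    """Authorization: look the (subject, object) cell up in the matrix."""
    return right in ACL_MATRIX.get(username, {}).get(obj, set())


def access(username: str, password: str, obj: str, right: str) -> str:
    """Run the three steps in order and report where the request stopped."""
    if identify(username) is None:
        return "unknown identity"
    if not authenticate(username, password):
        return "authentication failed"
    if not authorize(username, obj, right):
        return "denied"
    return "granted"


if __name__ == "__main__":
    print(access("alice", "correct horse", "payroll.db", "write"))
    print(access("bob", "hunter2", "payroll.db", "read"))
```

The order matters: authorization is only consulted for an identity that has been established and verified, and a failure at any earlier step is reported without touching the matrix, so the matrix never acts as an oracle for which accounts exist.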
21. Question (1 point). Category: Domain 6: Security Assessment and Testing
Real User Monitoring (RUM) is an approach to Web monitoring that?
22. Question (1 point). Category: Domain 6: Security Assessment and Testing
Most security vulnerabilities are caused by one?
Most security vulnerabilities are caused by one of the following four reasons:
■ Bad programming patterns, such as missing checks of user-influenced data, which can cause, e.g., SQL injection vulnerabilities,
■ Misconfiguration of security infrastructures, e.g., too permissive access control or weak cryptographic configurations,
■ Functional bugs in security infrastructures, e.g., access control enforcement infrastructures that do not actually restrict system access,
■ Logical flaws in the implemented processes, e.g., resulting in an application allowing customers to order goods without paying.
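The first cause, a missing check on user-influenced data, as an added Python example that is not part of the original course: the same lookup written once with string concatenation and once with a parameterized query, run against a constructed in-memory SQLite table so the injection can be observed directly.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample table (not from the quiz)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "s1"), ("bob", "s2"), ("carol", "s3")],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, name: str) -> list:
    """Bad pattern: user-influenced data is pasted into the statement text,
    so the quote characters in `name` change the query's structure."""
    sql = f"SELECT name FROM users WHERE name = '{name}' ORDER BY name"
    return [row[0] for row in conn.execute(sql)]


def lookup_safe(conn: sqlite3.Connection, name: str) -> list:
    """Fixed: the value travels as a bound parameter and can only ever be data."""
    sql = "SELECT name FROM users WHERE name = ? ORDER BY name"
    return [row[0] for row in conn.execute(sql, (name,))]


# Classic tautology payload; the vulnerable version returns every row.
PAYLOAD = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", lookup_vulnerable(db, PAYLOAD))
    print("safe:      ", lookup_safe(db, PAYLOAD))
```

Both functions return the right row for an honest name; only the parameterized one keeps doing so when the input carries SQL syntax.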
23. Question (1 point). Category: Domain 6: Security Assessment and Testing
The process for developing an ISCM strategy and implementing an ISCM program is?
The process for developing an ISCM strategy and implementing an ISCM program is as follows:
■ Define an ISCM strategy based on risk tolerance that maintains clear visibility into assets, awareness of vulnerabilities, up-to-date threat information, and mission/business impacts.
■ Establish an ISCM program, determining metrics, status monitoring frequencies, control assessment frequencies, and an ISCM technical architecture.
■ Implement the ISCM program and collect the security-related information required for metrics, assessments, and reporting. Automate collection, analysis, and reporting of data where possible.
■ Analyze the data collected and report findings, determining the appropriate response. It may be necessary to collect additional information to clarify or supplement existing monitoring data.
■ Respond to findings with technical, management, and operational mitigating activities, or with acceptance, transference/sharing, or avoidance/rejection.
■ Review and update the monitoring program, adjusting the ISCM strategy and maturing measurement capabilities to increase visibility into assets and awareness of vulnerabilities, further enable data-driven control of the security of the organization’s information infrastructure, and increase organizational resilience.
24. Question (1 point). Category: Domain 6: Security Assessment and Testing
What type of firmware is erased via ultraviolet light?
Erasable programmable read-only memory (EPROM) is erased by exposure to ultraviolet light.
25. Question (1 point). Category: Domain 7: Security Operations
If speed is preferred over resilience, which of the following RAID configurations is the most suited?
In a RAID 0 configuration, files are written in stripes across multiple disks without the use of parity information. This allows fast reading and writing, since all of the disks can typically be accessed in parallel. However, without parity information it is not possible to recover from a drive failure. This technique provides no redundancy and should not be used for systems with high availability requirements.
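As an added illustration (not part of the original quiz), the following Python models striping without parity and, going one step beyond the question, the XOR parity that RAID 4 and RAID 5 use, so the difference between “fast” and “recoverable” is visible on constructed data. Parity here lives on a fixed disk, which is strictly the RAID 4 layout; RAID 5 rotates the parity chunk across disks, but the rebuild arithmetic is identical.

```python
# Constructed demo (not from the quiz): each disk is a list of fixed-size chunks
# and a failed disk is replaced by None.
CHUNK = 4


def _chunks(data: bytes) -> list:
    """Split data into CHUNK-sized pieces, zero-padding the last one."""
    return [data[i:i + CHUNK].ljust(CHUNK, b"\0") for i in range(0, len(data), CHUNK)]


def _xor(blocks: list) -> bytes:
    out = bytearray(CHUNK)
    for b in blocks:
        for i in range(CHUNK):
            out[i] ^= b[i]
    return bytes(out)


def raid0_write(data: bytes, n_disks: int) -> dict:
    """RAID 0: round-robin the chunks across disks, no parity anywhere."""
    disks = [[] for _ in range(n_disks)]
    for i, c in enumerate(_chunks(data)):
        disks[i % n_disks].append(c)
    return {"disks": disks, "length": len(data)}


def raid0_read(vol: dict) -> bytes:
    """Every disk is read in parallel; lose one and the stripe set is gone."""
    disks = vol["disks"]
    if any(d is None for d in disks):
        raise IOError("RAID 0: a member disk failed; without parity the data is lost")
    depth = max(len(d) for d in disks)
    out = b"".join(d[s] for s in range(depth) for d in disks if s < len(d))
    return out[:vol["length"]]


def parity_write(data: bytes, n_disks: int) -> dict:
    """n_disks-1 data chunks per stripe plus their XOR on the last disk."""
    k = n_disks - 1
    chunks = _chunks(data)
    disks = [[] for _ in range(n_disks)]
    for s in range(0, len(chunks), k):
        stripe = chunks[s:s + k]
        stripe += [b"\0" * CHUNK] * (k - len(stripe))   # pad a short final stripe
        for i, c in enumerate(stripe):
            disks[i].append(c)
        disks[k].append(_xor(stripe))
    return {"disks": disks, "length": len(data)}


def parity_read(vol: dict) -> bytes:
    """Read back, rebuilding at most one failed disk from the XOR of the others."""
    disks = vol["disks"]
    failed = [i for i, d in enumerate(disks) if d is None]
    if len(failed) > 1:
        raise IOError("single parity can only survive one disk failure")
    n = len(disks)
    depth = len(next(d for d in disks if d is not None))
    out = b""
    for s in range(depth):
        blocks = [None if d is None else d[s] for d in disks]
        if failed:
            f = failed[0]
            blocks[f] = _xor([b for i, b in enumerate(blocks) if i != f])
        out += b"".join(blocks[:n - 1])   # data chunks only; parity is dropped
    return out[:vol["length"]]


if __name__ == "__main__":
    sample = b"The quick brown fox jumps over the lazy dog"
    v = parity_write(sample, 4)
    v["disks"][2] = None
    print(parity_read(v) == sample)   # rebuilt from parity
```

The cost of the parity variant is one disk’s worth of capacity and an extra XOR on every write, which is exactly the resilience the question says RAID 0 gives up in exchange for speed.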
26. Question (1 point). Category: Domain 7: Security Operations
Computer forensics is the marriage of computer science, information technology, and engineering with:
As a forensic discipline, this area deals with evidence and the legal system and is really the marriage of computer science, information technology, and engineering with law.
27. Question (1 point). Category: Domain 7: Security Operations
Which of the following is part of the five rules of evidence?
At a more generic level, evidence should have some probative value, be relevant to the case at hand, and meet the following criteria (often called the five rules of evidence): be authentic, be accurate, be complete, be convincing, and be admissible.
28. Question (1 point). Category: Domain 7: Security Operations
Separation of duties requires that two parties act in concert in order to carry out a critical transaction. What is the term associated with two individuals working together to perpetrate a fraud?
Collusion is the term for two parties both acting inappropriately in order to perpetrate a fraud.
29. Question (1 point). Category: Domain 8: Software Development Security
Two cooperating processes that simultaneously compete for a shared resource, in such a way that they violate the system’s security policy, is commonly known as:
A covert channel, also referred to as the confinement problem, is an information-flow issue: a communication path that lets two cooperating processes transfer information in a way that violates the system’s security policy. There are two types of covert channels: storage and timing. A covert storage channel involves one process directly or indirectly writing to a storage location and another process directly or indirectly reading the same location. Typically it relies on a finite shared resource, such as a memory location, a file attribute or a sector on a disk, that is visible to two subjects at different security levels; the scenario in the question describes a covert storage channel. A covert timing channel instead depends on one process being able to influence the rate at which another process acquires resources such as the CPU, memory, or I/O devices. The other options are distractors: overt channels are the sanctioned paths the policy does allow, denial of service is an availability attack, and object reuse concerns disclosure protection when memory or storage objects are reassigned to a different process.
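The covert storage channel described above, as an added Python example that is not part of the original course: a “high” sender and a “low” receiver share a directory, the policy never lets the low side read the high side’s data, yet the high side leaks a secret one bit at a time by toggling whether a file exists, which is a resource state the low side may legitimately observe. The directory, file name and secret are constructed for the example.

```python
import os
import tempfile


class CovertStorageChannel:
    """Shared resource: the existence of one file in a directory both sides can list.
    (Constructed demo, not from the quiz.)"""

    def __init__(self, shared_dir: str):
        self.flag = os.path.join(shared_dir, "lock.tmp")

    def sender_write_bit(self, bit: int) -> None:
        """High side: modulate the resource (1 = file present, 0 = absent)."""
        if bit:
            open(self.flag, "w").close()
        elif os.path.exists(self.flag):
            os.remove(self.flag)

    def receiver_read_bit(self) -> int:
        """Low side: observe resource state only; no file content is ever read."""
        return 1 if os.path.exists(self.flag) else 0


def leak(secret: bytes, shared_dir: str) -> bytes:
    """Push `secret` through the channel one bit per step and return what the
    receiver reconstructed. The two sides are stepped in lockstep here; a real
    channel needs its own clock, which is what makes it noisy and slow."""
    ch = CovertStorageChannel(shared_dir)
    bits = []
    for byte in secret:
        for i in range(7, -1, -1):                  # MSB first
            ch.sender_write_bit((byte >> i) & 1)    # high side writes
            bits.append(ch.receiver_read_bit())     # low side reads
    ch.sender_write_bit(0)                          # leave the resource clean
    out = bytearray()
    for k in range(0, len(bits), 8):
        out.append(int("".join(map(str, bits[k:k + 8])), 2))
    return bytes(out)


def demo(secret: bytes = b"key") -> bytes:
    """Run the leak in a throwaway directory and return the recovered bytes."""
    with tempfile.TemporaryDirectory() as d:
        return leak(secret, d)


if __name__ == "__main__":
    print(demo(b"key"))
```

No file is ever opened for reading, and no byte of the secret is stored anywhere the low side could read it; the information crosses security levels purely through a shared resource’s state, which is why covert channel analysis focuses on shared resources rather than on data paths.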
30. Question (1 point). Category: Domain 8: Software Development Security
It is extremely important that, as one follows a software development project, security activities are performed:
Security activities should be done in parallel with project initiation activities and, indeed, with every task throughout the project.
31. Question (1 point). Category: Domain 8: Software Development Security
Software Assurance (SwA) can be organized around the major phases of a generic acquisition process. The major phases are:
SwA can be organized around the major phases of a generic acquisition process. The major phases are:
- Planning Phase – This phase begins with (1) needs determination for acquiring software services or products, identifying potential alternative software approaches, and identifying risks associated with those alternatives. This set of activities is followed by (2) developing software requirements to be included in work statements; (3) creating an acquisition strategy and/or plan that includes identifying risks associated with various software acquisition strategies; and (4) developing evaluation criteria and an evaluation plan.
- Contracting Phase – This phase includes three major activities: (1) creating/issuing the solicitation or RFP with a work statement, instructions to offerors, terms and conditions (including conditions for acceptance), prequalification considerations, and certifications; (2) evaluating supplier proposals submitted in response to the solicitation or RFP; and (3) finalizing contract negotiation, including changes in terms and conditions, and awarding the contract. Software risks are addressed and mitigated through terms and conditions, certifications, evaluation factors for award, and risk mitigation requirements in the work statement.
- Monitoring and Acceptance Phase – This phase involves monitoring the supplier’s work and accepting the final service or product delivered under a contract. It includes three major activities: (1) establishing and consenting to the contract work schedule; (2) implementing change (or configuration) control procedures; and (3) reviewing and accepting software deliverables. During the monitoring and acceptance phase, software risk management and assurance case deliverables must be evaluated to determine compliance with the accepted risk mitigation strategies stated in the requirements of the contract.
- Follow-on Phase – This phase involves maintaining the software (the process is often called sustainment). It includes two major activities: (1) sustainment (including risk management, assurance case management, and change management) and (2) disposal or decommissioning. During the follow-on phase, software risks must be managed through continued analysis of the assurance case, and the mitigations adjusted as the risks change.
32. Question (1 point). Category: Domain 8: Software Development Security
At what phase of the SDLC (Systems Development Life Cycle) should security become part of the process?
Security is a critical component of the entire SDLC process, typically beginning with a security plan before initiation.