CISSP Prep Quiz: Short 1

Approved & Edited by ProProfs Editorial Team

The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.

Learn about Our Editorial Process

| By Dbatson

Dbatson

Community Contributor

Quizzes Created: 2 | Total Attempts: 5,162

Questions: 8 | Attempts: 942 | Updated: Mar 21, 2023

Questions

Settings

Feedback

During the Quiz End of Quiz

Difficulty

Sequential Easy First Hard First

Play as

Quiz Flashcard

Create your own Quiz

Share on Facebook Share on Twitter Share on Whatsapp Share on Pinterest Share on Email Copy to Clipboard Embed on your website

This short, 10 question, quiz contains one question from each module of the CISSP practice exam.

Questions and Answers

1.

In dedicated security mode, the system must have all of the following EXCEPT:
- A.
  
  One classification of data running for a set time
- B.
  
  Access approval clearance for all users or nondisclosure agreements
- C.
  
  Need-to-know for all information within the system
- D.
  
  Direct access only to the system
Correct Answer
D. Direct access only to the system

Explanation
Answer d:
Indirect access is also permitted Dedicated Security Mode.

Rate this question:
2.

Requiring approval before granting system access would be:
- A.
  
  A physical control
- B.
  
  A logical control
- C.
  
  A compensating control
- D.
  
  An administrative control
Correct Answer
D. An administrative control

Explanation
Answer d:
Administrative controls consist of management activities such as organizational policies and procedures.

Rate this question:
3.

Shadow recovery of a database is accomplished through:
- A.
  
  Applying journalized transactions to an earlier copy of a database
- B.
  
  Having a mirror copy of the database in case of interruption
- C.
  
  Doing hourly backups of the database to prevent failure
- D.
  
  Having all transactions recorded in a transaction file and updated in batch mode at a later time
Correct Answer
A. Applying journalized transactions to an earlier copy of a database

Explanation
Answer a:
Shadow recovery occurs when transactions are reapplied to a
previous version of the database. Shadow recovery requires the use of transaction logging to identify the last good transaction.

Rate this question:
4.

Which of the following is NOT one of the four primary objectives of cryptography?
- A.
  
  Non-repudiation
- B.
  
  Authentication
- C.
  
  Data integrity
- D.
  
  Authorization
Correct Answer
D. Authorization

Explanation
Answer d:
A fundamental goal of cryptography is to adequately address
four areas in both theory and practice. Confidentiality is normally achieved by encrypting the message content, data integrity is achieved through cryptographic hashing functions, authentication is achieved through the use of asymmetric cryptography, and non-repudiation is normally achieved through the use of cryptographic digital signatures.

Rate this question:
5.

Physical security often follows which of the following models?
- A.
  
  High-security defense model
- B.
  
  Deterrent-based security model
- C.
  
  Layered defense model
- D.
  
  Trusted systems security model
Correct Answer
C. Layered defense model

Explanation
Answer c:
An easy method of viewing the physical security environment is to think of it as a layered defense model.

Rate this question:
6.

The Media Access Control (MAC) layer operates as a subset of the:
- A.
  
  Physical layer
- B.
  
  Data-link layer
- C.
  
  Internet layer
- D.
  
  Transport layer
Correct Answer
B. Data-link layer

Explanation
Answer b:
The Media Access Control (MAC) sub-layer of the data-link layer manages protocol access to the physical network medium.

Rate this question:
7.

Preparing a full-scale BCP can:
- A.
  
  Be quickly achieved
- B.
  
  Take a long time
- C.
  
  Ensure a separation of responsibilities
- D.
  
  Not involve vendors
Correct Answer
B. Take a long time

Explanation
Answer b:
Preparing a full-scale BCP can take a long time.

Rate this question:
8.

An organization suspects that it has suffered loss due to an employee’s malfeasance. What should be the first step in pursuing this scenario?
- A.
  
  Call law enforcement.
- B.
  
  Terminate the employee.
- C.
  
  Set up awareness training.
- D.
  
  Review organizational policy.
Correct Answer
D. Review organizational policy.

Explanation
Answer d:
If there were no policy in place explicitly stating the company’s right to electronically monitor network traffic on company systems, then internal investigators would be well advised not to set up a sniffer on the network to monitor such traffic.

Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

Current Version
Mar 21, 2023

Quiz Edited by
ProProfs Editorial Team
Sep 26, 2008

Quiz Created by
Dbatson

CISSP Prep Quiz: Short 1

In dedicated security mode, the system must have all of the following EXCEPT:

Requiring approval before granting system access would be:

Shadow recovery of a database is accomplished through:

Which of the following is NOT one of the four primary objectives of cryptography?

Physical security often follows which of the following models?

The Media Access Control (MAC) layer operates as a subset of the:

Preparing a full-scale BCP can:

An organization suspects that it has suffered loss due to an employee’s malfeasance. What should be the first step in pursuing this scenario?