CISSP - End of Day 3

Professional Development

6 Qs

Assessment

Quiz

Hard

Created by Samuel Bergmann

1.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

From a safety configuration viewpoint, the separation of duty concept is not enforced in which of the following?

Mandatory access control policy

Bell-LaPadula access control model

Access control matrix model

Domain type enforcement access control model

2.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

In the Common Criteria, a Protection Profile:

Specifies the mandatory protection in the product to be evaluated.

Is also known as the Target of Evaluation (TOE).

Is also known as the Orange Book.

Specifies the security requirements and protections of the products to be evaluated.

3.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

In a ring protection system, where is the security kernel usually located?

Highest ring number

Arbitrarily placed

Lowest ring number

Middle ring number

4.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

You are a security consultant tasked with reviewing a company’s security model. The current model has the following characteristics:

– It establishes confidentiality such that people cannot read data classified at a higher level than their clearance.

– It forbids users with a specific clearance from writing data to a document with a lower clearance level.

You note that the current model does not account for somebody with a low clearance level writing data to a document classified at a higher level than their clearance. You need to implement a model to mitigate this. Which of the following security tenets should the new model focus on?

Availability

Governance

Integrity

Confidentiality

5.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

You are documenting the attempted attacks on your organization’s IT systems. The top type of attack was injection attacks. Which definition should you use to describe an injection attack?

Intercepting and altering network communications

Capturing packets on a network

Providing invalid input

Overloading a system or network

6.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

You are designing a public key infrastructure for your organization. The organization has issued the following requirements for the PKI:

– Maximize security of the PKI architecture

– Maximize the flexibility of the PKI architecture

You need to choose a PKI design to meet the requirements. Which design should you choose?

A two-tier hierarchy with an offline root CA being in the first tier and issuing CAs in the second tier

A two-tier hierarchy with an online root CA being in the first tier and issuing CAs in the second tier

A three-tier hierarchy with an offline root CA being in the first tier, offline policy CAs being in the second tier, and issuing CAs being in the third tier

A three-tier hierarchy with an offline root CA being in the first tier, online policy CAs being in the second tier, and issuing CAs being in the third tier