[6] CISSP – MCQ – Operations Security

CISSP Multiple Choice Questions MCQ With Answers Techhyme

This article offers you a solid foundation for the Certified Information Systems Security Professional (CISSP) exam. This article is designed for readers and students who want to study for the CISSP certification exam.

The CISSP exam is governed by the International Information Systems Security Certification Consortium, Inc. (ISC)2 organization.

(ISC)2 is a global not-for-profit organization. It has four primary mission goals:

Maintain the Common Body of Knowledge for the field of information systems security
Provide certification for information systems security professionals and practitioners
Conduct certification training and administer the certification exams
Oversee the ongoing accreditation of qualified certification candidates through continued education

In this article, all the questions are related to “Cryptography” and are as follows:

1) Place the four systems security modes of operation in order, from the most secure to the least:

System high Mode, Dedicated Mode, Compartmented Mode, and Multilevel Mode
Dedicated Mode, System High Mode, Compartmented Mode, and Multilevel Mode
Dedicated Mode, System High Mode, Multilevel Mode, and Compartmented Mode
System High Mode, Compartmented Mode, Dedicated Mode, and Multilevel Mode

2) Why is security an issue when a system is booted into single-user mode?

The operating system is started without the security front-end loaded.
The users cannot log in to the system, and they will complain.
Proper forensics cannot be executed while in single-user mode.
Backup tapes cannot be restored while in single-user mode.

3) An audit trail is an example of what type of control?

Deterrent control
Preventative control
Detective control
Application control

4) Which media control below is the BEST choice to prevent data remanence on magnetic tapes or floppy disks?

Overwriting the media with new application data
Degaussing the media
Applying a concentration of hydriodic acid (55% to 58% solution) to the gamma ferric oxide disk surface
Making sure the disk is re-circulated as quickly as possible to prevent object reuse

5) Which choice below is NOT a security goal of an audit mechanism?

Deter perpetrators’ attempts to bypass the system protection mechanisms
Review employee production output records
Review patterns of access to individual objects
Discover when a user assumes a functionality with privileges greater than his own

6) Which task below would normally be a function of the security administrator, not the system administrator?

Installing system software
Adding and removing system users
Reviewing audit data
Managing print queues

7) Which of the following is a reason to institute output controls?

To preserve the integrity of the data in the system while changes are being made to the configuration
To protect the output’s confidentiality
To detect irregularities in the software’s operation
To recover damage after an identified system failure

8) Which statement below is NOT correct about reviewing user accounts?

User account reviews cannot be conducted by outside auditors.
User account reviews can examine conformity with the concept of least privilege.
User account reviews may be conducted on a system wide basis.
User account reviews may be conducted on an application-by-application basis.

9) Which term below MOST accurately describes the trusted computing base (TCB)?

A computer that controls all access to objects by subjects
A piece of information that represents the security level of an object
Formal proofs used to demonstrate the consistency between a system’s specification and a security model
The totality of protection mechanisms within a computer system

10) Which statement below is accurate about the concept of Object Reuse?

Object reuse protects against physical attacks on the storage medium.
Object reuse ensure that users do not obtain residual information from system resources.
Object reuse applies to removable media only.
Object reuse controls the granting of access rights to objects.

11) Using prenumbered forms to initiate a transaction is an example of what type of control?

Deterrent control
Preventative control
Detective control
Application control

12) Which choice below is the BEST description of operational assurance?

Operational assurance is the process of examining audit logs to reveal usage that identifies misuse.
Operational assurance has the benefit of containing and repairing damage from incidents.
Operational assurance is the process of reviewing and operational system to see that security controls are functioning correctly.
Operational assurance is the process of performing pre-employment background screening.

13) Which of the following is NOT a proper media control?

The data media should be logged to provide a physical inventory control.
All data storage media should be accurately marked.
A proper storage environment should be provided for the media.
The media that is reused in a sensitive environment does not need sanitization.

14) Which choice below is considered the HIGHEST level of operator privilege?

Read/Write
Read Only
Access Change
Write Only

15) Which below MOST accurately describes a covert storage channel?

A process that manipulates observable system resources in a way that affects response time
An information transfer path within a system
A communication channel that allows a process to transfer information in a manner that violates the system’s security policy
An information transfer that involves the direct or indirect writing of a storage location by one process and the direct or indirect reading of the storage location by another process

16) Which choice below would NOT be a common element of a transaction trail?

The date and time of the transaction
Who processed the transaction
Why the transaction was processed
At which terminal the transaction was processed

17) Which choice below would NOT be considered a benefit of employing incident-handling capability?

An individual acting alone would not be able to subvert a security process or control.
It enhances internal communications and the readiness of the organization to respond to incidents.
It assists an organization in preventing damage from future incidents.
Security training personnel would have a better understanding of users’ knowledge of security issues.

18) Which choice below is the BEST description of an audit trail?

Audit trails are used to detect penetration of a computer system and to reveal usage that identifies misuse.
An audit trail is a device that permits simultaneous data processing of two or more security levels without risk of compromise.
An audit trail mediates all access to objects within the network by subjects within the network.
Audit trails are used to prevent access to sensitive systems by unauthorized personnel.

19) Which choice below best describes the function of change control?

To ensure that system changes are implemented in an orderly manner.
To guarantee that an operator is given only the privileges needed for the task..
To guarantee that transaction records are retained IAW compliance requirements.
To assign parts of security-sensitive tasks to more than one individual.

20) Which Choice below is NOT an example of Intentionally inappropriate operator activity?

Making errors when manually inputting transactions
Using the company’s system to store pornography
Conducting private business on the company system
Using unauthorized access levels to violate information confidentiality

21) Which book of the Rainbow Series addresses the Trusted Computer System Evaluation criteria (TCSEC)?

Red Book
Orange Book
Green Book
Purple Book

22) Which term below BEST describes the concept of least privilege?

Each user is granted the lowest clearance required for his or her tasks.
A formal separation of command, program, and interface functions.
A combination of classification and categories that represents the sensitivity of information.
Active monitoring of facility entry access points.

23) Which choice below BEST describes a threat as defined in the operations Security domain?

A potential incident that could cause harm
A weakness in a system that could be exploited
A company resource that could be lost due to an incident

24) Which choice below is NOT a common element of user account administration?

Periodically verifying the legitimacy of current accounts and access authorizations
Authorizing the request for a user’s system account
Tracking user and their respective access authorizations
Establishing, issuing, and closing user accounts

25) Which choice below is NOT an example of using a social engineering technique to gain physical access to a secure facility?

Asserting authority or pulling rank
Intimidating or threatening
Praising or flattering
Employing the salami fraud

26) Which statement about Covert Channel Analysis is NOT true?

It is an operational assurance requirement that is specified in the Orange Book.
It is required for B2 class systems in order to protect against covert storage channels.
It is required for B2 class systems to protect against covert timing channels.
It is required for B3 class systems to protect against both covert storage and covert timing channels.

27) “Separation of duties” embodies what principle?

An operator does not know more about the system than the minimum required to do the job.
Two operators are required to work in tandem to perform a task.
The operators’ duties are frequently rotated.
The operators have different duties to prevent one person from compromising the system.

28) Convert Channel Analysis, Trusted Facility Management, and Trusted Recovery are parts of which book in the TCSEC Rainbow Series?