October 24, 2021

TECH HYME

A Blog For Tech Enthusiasts

[6] CISSP – MCQ – Operations Security

7 min read
CISSP Multiple Choice Questions MCQ With Answers Techhyme

This article offers you a solid foundation for the Certified Information Systems Security Professional (CISSP) exam. This article is designed for readers and students who want to study for the CISSP certification exam.

The CISSP exam is governed by the International Information Systems Security Certification Consortium, Inc. (ISC)2 organization.

  1. CISSP – MCQ – Security Management Practices
  2. CISSP – MCQ – Access Control Systems
  3. CISSP – MCQ – Telecommunications and Network Security
  4. CISSP – MCQ – Cryptography
  5. CISSP – MCQ – Security Architecture and models
  6. CISSP – MCQ – Operations Security
  7. CISSP – MCQ – Applications and Systems Development
  8. CISSP – MCQ – Business Continuity Planning and Disaster Recovery Planning
  9. CISSP – MCQ – Law, Investigation and Ethics
  10. CISSP – MCQ – Physical Security
  11. CISSP – MCQ – Systems Security Engineering
  12. CISSP – MCQ – Certification and Accreditation
  13. CISSP – MCQ – Technical Management
  14. CISSP – MCQ – U.S. Government Information Assurance (IA) Regulations

(ISC)2 is a global not-for-profit organization. It has four primary mission goals:

  • Maintain the Common Body of Knowledge for the field of information systems security
  • Provide certification for information systems security professionals and practitioners
  • Conduct certification training and administer the certification exams
  • Oversee the ongoing accreditation of qualified certification candidates through continued education

In this article, all the questions are related to “Cryptography” and are as follows:

1) Place the four systems security modes of operation in order, from the most secure to the least:

  • System high Mode, Dedicated Mode, Compartmented Mode, and Multilevel Mode
  • Dedicated Mode, System High Mode, Compartmented Mode, and Multilevel Mode
  • Dedicated Mode, System High Mode, Multilevel Mode, and Compartmented Mode
  • System High Mode, Compartmented Mode, Dedicated Mode, and Multilevel Mode

2) Why is security an issue when a system is booted into single-user mode?

  • The operating system is started without the security front-end loaded.
  • The users cannot log in to the system, and they will complain.
  • Proper forensics cannot be executed while in single-user mode.
  • Backup tapes cannot be restored while in single-user mode.

3) An audit trail is an example of what type of control?

  • Deterrent control
  • Preventative control
  • Detective control
  • Application control

4) Which media control below is the BEST choice to prevent data remanence on magnetic tapes or floppy disks?

  • Overwriting the media with new application data
  • Degaussing the media
  • Applying a concentration of hydriodic acid (55% to 58% solution) to the gamma ferric oxide disk surface
  • Making sure the disk is re-circulated as quickly as possible to prevent object reuse

5) Which choice below is NOT a security goal of an audit mechanism?

  • Deter perpetrators’ attempts to bypass the system protection mechanisms
  • Review employee production output records
  • Review patterns of access to individual objects
  • Discover when a user assumes a functionality with privileges greater than his own

6) Which task below would normally be a function of the security administrator, not the system administrator?

  • Installing system software
  • Adding and removing system users
  • Reviewing audit data
  • Managing print queues

7) Which of the following is a reason to institute output controls?

  • To preserve the integrity of the data in the system while changes are being made to the configuration
  • To protect the output’s confidentiality
  • To detect irregularities in the software’s operation
  • To recover damage after an identified system failure

8) Which statement below is NOT correct about reviewing user accounts?

  • User account reviews cannot be conducted by outside auditors.
  • User account reviews can examine conformity with the concept of least privilege.
  • User account reviews may be conducted on a system wide basis.
  • User account reviews may be conducted on an application-by-application basis.

9) Which term below MOST accurately describes the trusted computing base (TCB)?

  • A computer that controls all access to objects by subjects
  • A piece of information that represents the security level of an object
  • Formal proofs used to demonstrate the consistency between a system’s specification and a security model
  • The totality of protection mechanisms within a computer system

10) Which statement below is accurate about the concept of Object Reuse?

  • Object reuse protects against physical attacks on the storage medium.
  • Object reuse ensure that users do not obtain residual information from system resources.
  • Object reuse applies to removable media only.
  • Object reuse controls the granting of access rights to objects.

11) Using prenumbered forms to initiate a transaction is an example of what type of control?

  • Deterrent control
  • Preventative control
  • Detective control
  • Application control

12)  Which choice below is the BEST description of operational assurance?

  • Operational assurance is the process of examining audit logs to reveal usage that identifies misuse.
  • Operational assurance has the benefit of containing and repairing damage from incidents.
  • Operational assurance is the process of reviewing and operational system to see that security controls are functioning correctly.
  • Operational assurance is the process of performing pre-employment background screening.

13) Which of the following is NOT a proper media control?

  • The data media should be logged to provide a physical inventory control.
  • All data storage media should be accurately marked.
  • A proper storage environment should be provided for the media.
  • The media that is reused in a sensitive environment does not need sanitization.

14) Which choice below is considered the HIGHEST level of operator privilege?

  • Read/Write
  • Read Only
  • Access Change
  • Write Only

15) Which below MOST accurately describes a covert storage channel?

  • A process that manipulates observable system resources in a way that affects response time
  • An information transfer path within a system
  • A communication channel that allows a process to transfer information in a manner that violates the system’s security policy
  • An information transfer that involves the direct or indirect writing of a storage location by one process and the direct or indirect reading of the storage location by another process

16) Which choice below would NOT be a common element of a transaction trail?

  • The date and time of the transaction
  • Who processed the transaction
  • Why the transaction was processed
  • At which terminal the transaction was processed

17) Which choice below would NOT be considered a benefit of employing incident-handling capability?

  • An individual acting alone would not be able to subvert a security process or control.
  • It enhances internal communications and the readiness of the organization to respond to incidents.
  • It assists an organization in preventing damage from future incidents.
  • Security training personnel would have a better understanding of users’ knowledge of security issues.

18) Which choice below is the BEST description of an audit trail?

  • Audit trails are used to detect penetration of a computer system and to reveal usage that identifies misuse.
  • An audit trail is a device that permits simultaneous data processing of two or more security levels without risk of compromise.
  • An audit trail mediates all access to objects within the network by subjects within the network.
  • Audit trails are used to prevent access to sensitive systems by unauthorized personnel.

19) Which choice below best describes the function of change control?

  • To ensure that system changes are implemented in an orderly manner.
  • To guarantee that an operator is given only the privileges needed for the task..
  • To guarantee that transaction records are retained IAW compliance requirements.
  • To assign parts of security-sensitive tasks to more than one individual.

20) Which Choice below is NOT an example of Intentionally inappropriate operator activity?

  • Making errors when manually inputting transactions
  • Using the company’s system to store pornography
  • Conducting private business on the company system
  • Using unauthorized access levels to violate information confidentiality

21) Which book of the Rainbow Series addresses the Trusted Computer System Evaluation criteria (TCSEC)?

  • Red Book
  • Orange Book
  • Green Book
  • Purple Book

22) Which term below BEST describes the concept of least privilege?

  • Each user is granted the lowest clearance required for his or her tasks.
  • A formal separation of command, program, and interface functions.
  • A combination of classification and categories that represents the sensitivity of information.
  • Active monitoring of facility entry access points.

23) Which choice below BEST describes a threat as defined in the operations Security domain?

  • A potential incident that could cause harm
  • A weakness in a system that could be exploited
  • A company resource that could be lost due to an incident

24) Which choice below is NOT a common element of user account administration?

  • Periodically verifying the legitimacy of current accounts and access authorizations
  • Authorizing the request for a user’s system account
  • Tracking user and their respective access authorizations
  • Establishing, issuing, and closing user accounts

25) Which choice below is NOT an example of using a social engineering technique to gain physical access to a secure facility?

  • Asserting authority or pulling rank
  • Intimidating or threatening
  • Praising or flattering
  • Employing the salami fraud

26) Which statement about Covert Channel Analysis is NOT true?

  • It is an operational assurance requirement that is specified in the Orange Book.
  • It is required for B2 class systems in order to protect against covert storage channels.
  • It is required for B2 class systems to protect against covert timing channels.
  • It is required for B3 class systems to protect against both covert storage and covert timing channels.

27) “Separation of duties” embodies what principle?

  • An operator does not know more about the system than the minimum required to do the job.
  • Two operators are required to work in tandem to perform a task.
  • The operators’ duties are frequently rotated.
  • The operators have different duties to prevent one person from compromising the system.

28) Convert Channel Analysis, Trusted Facility Management, and Trusted Recovery are parts of which book in the TCSEC Rainbow Series?

  • Red Book
  • Orange Book
  • Green Book
  • Dark Green Book

29) How do covert timing channels convey information?

  • By changing a system’s stored data characteristics
  • By generating noise and traffic with the data
  • By performing a covert channel analysis
  • By modifying the timing of a system resource in some measurable way

30) Which of the following would be the BEST description of clipping levels?

  • A baseline of user errors above which violations will be recorded
  • A listing of every error made by users to initiate violation processing
  • Variance detection of too many people with unrestricted access
  • Changes a system’s stored data characteristics

Leave a Reply