1. Place the four systems security modes of operation in order, from the most secure to the least.

  1. System High Mode, Compartmented Mode, and Multilevel Mode
  2. Dedicated Mode, System High Mode, Compartmented Mode, and Multilevel Mode
  3. Dedicated Mode, System High Mode, Multilevel Mode, and Compartmented Mode
  4. System High Mode, Compartmented Mode, Dedicated Mode, and Multilevel Mode

Answer: B

Hint: Dedicated Mode, System High Mode, Compartmented Mode, and Multilevel Mode

2. Why is security an issue when a system is booted into single-user mode?

  1. The operating system is started without the security front-end loaded.
  2. The users cannot log into the system, and they will complain.
  3. Proper forensics cannot be executed while in single-user mode.
  4. Backup tapes cannot be restored while in single-user mode.

Answer: A

Hint: When the operator boots the system in single-user mode, the user front-end security controls are not loaded. This mode should be used only for recovery and maintenance procedures, and all operations should be logged and audited.

3. An audit trail is an example of what type of control?

  1. Deterrent control
  2. Preventative control
  3. Detective control
  4. Application control

Answer: A

Hint: An audit trail is a record of events used to piece together what has happened and to allow enforcement of individual accountability by creating a reconstruction of events. Audit trails can, however, be used to assist in the proper implementation of the other controls.

4. Which media control below is the BEST choice to prevent data remanence on magnetic tapes or floppy disks?

  1. Overwriting the media with new application data
  2. Degaussing the media
  3. Applying a concentration of Hydriodic acid (55% to 58% solution) to the gamma ferric oxide disk surface
  4. Making sure the disk is recirculated as quickly as possible to prevent object reuse

Answer: B

Hint: Degaussing is recommended as the best method for purging most magnetic media. Answer A is not recommended because the application may not completely overwrite the old data properly. Answer C is a rarely used method of media destruction, and acid solutions should be used in a well-ventilated area only by qualified personnel. Answer D is wrong.

5. Which choice below is NOT a security goal of an audit mechanism?

  1. Deter perpetrators' attempts to bypass the system protection mechanisms
  2. Review employee production output records
  3. Review patterns of access to individual objects
  4. Discover when a user assumes a functionality with privileges greater than his own

Answer: B

Hint: Answer B is a distracter; the other answers reflect proper security goals of an audit mechanism.

6. Which task below would normally be a function of the security administrator, not the system administrator?

  1. Installing system software
  2. Adding and removing system users
  3. Reviewing audit data
  4. Managing print queues

Answer: C

Hint: Reviewing audit data should be a function separate from the day-to-day administration of the system.

7. Which of the following is a reason to institute output controls?

  1. To preserve the integrity of the data in the system while changes are being made to the configuration
  2. To protect the output's confidentiality
  3. To detect irregularities in the software's operation
  4. To recover damage after an identified system failure

Answer: B

Hint: In addition to being used as a transaction control verification mechanism, output controls are used to ensure that output, such as printed reports, is distributed securely. Answer A is an example of change control, C is an example of application controls, and D is an example of recovery controls.

8. Which statement below is NOT correct about reviewing user accounts?

  1. User account reviews cannot be conducted by outside auditors.
  2. User account reviews can examine conformity with the concept of least privilege.
  3. User account reviews may be conducted on a systemwide basis.
  4. User account reviews may be conducted on an application-by-application basis.

Answer: A

Hint: Reviews can be conducted by, among others, in-house systems personnel (a self-audit), the organization's internal audit staff, or external auditors.

9. Which term below MOST accurately describes the trusted computing base (TCB)?

  1. A computer that controls all access to objects by subjects
  2. A place of information that represents the security level of an object
  3. Formal proofs used to demonstrate the consistency between a system's specification and a security model
  4. The totality of protection mechanisms within a computer system

Answer: D

Hint: The trusted computing base (TCB) represents the totality of protection mechanisms within a computer system, including hardware, firmware, and software, the combination of which is responsible for enforcing a security policy. Answer A describes the reference monitor concept, answer B refers to a sensitivity label, and answer C describes formal verification.

10. Which statement below is accurate about the concept of Object Reuse?

  1. Object reuse protects against physical attacks on the storage medium.
  2. Object reuse ensures that users do not obtain residual information from system resources.
  3. Object reuse applies to removable media only.
  4. Object reuse controls the granting of access rights to objects.

Answer: B

Hint: Object reuse mechanisms ensure system resources are allocated and assigned among authorized users in a way that prevents the leak of sensitive information, and they ensure that the authorized user of the system does not obtain residual information from system resources. Answer A is incorrect, answer C is incorrect, and answer D refers to authorization, the granting of access rights to a user, program, or process.

11. Using prenumbered forms to initiate a transaction is an example of what type of control?

  1. Deterrent control
  2. Preventative control
  3. Detective control
  4. Application control

Answer: B

Hint: Prenumbered forms are an example of preventative controls. They can also be considered a transaction concept and input control.

12. Which choice below is the BEST description of operational assurance?

  1. Operational assurance is the process of examining audit logs to reveal usage that identifies misuse.
  2. Operational assurance has the benefit of containing and repairing damage from incidents.
  3. Operational assurance is the process of reviewing an operational system to see that security controls are functioning correctly.
  4. Operational assurance is the process of performing pre-employment background screening.

Answer: C

Hint: Operational assurance is the process of reviewing an operational system to see that security controls, both automated and manual, are functioning correctly and effectively. Operational assurance addresses whether the system's technical features are being bypassed or have vulnerabilities and whether required procedures are being followed. Answer A is a description of an audit trail review, answer B is a description of a benefit of incident handling, and answer D describes a personnel control.

13. Which of the following is NOT a proper media control?

  1. The data media should be logged to provide a physical inventory control.
  2. All data storage media should be accurately marked.
  3. A proper storage environment should be provided for the media.
  4. The media that is reused in a sensitive environment does not need sanitization.

Answer: C

Hint: Sanitization is the process of removing information from used data media to prevent data remanence. Different media require different types of sanitization. All the others are examples of proper media controls.

14. Which choice below is considered the HIGHEST level of operator privilege?

  1. Read/Write
  2. Read only
  3. Access Change
  4. Write only

Answer: C

Hint: The three common levels of operator privileges, based on the concept of "least privilege," are:
- Read Only -- Lowest level, view data only
- Read/Write -- View and modify data
- Access Change -- Highest level, right to change data/operator permissions

Answer D is a distracter.

15. Which choice below MOST accurately describes a covert storage channel?

  1. A process that manipulates observable system resources in a way that affects response time
  2. An information transfer path within a system
  3. A communication channel that allows a process to transfer information in a manner that violates the system's security policy
  4. An information transfer that involves the direct or indirect writing of a storage location by one process and the direct or indirect reading of the storage location by another process

Answer: D

Hint: A covert storage channel typically involves a finite resource (e.g., sectors on a disk) that is shared by two subjects at different security levels. Answer A is a partial description of a covert timing channel, and answer B is a generic definition of a channel. A channel may also refer to the mechanism by which the path is effected. Answer C is a higher-level definition of a covert channel. While a covert storage channel fits this definition generically, answer D is the proper specific definition.

16. Which choice below would NOT be a common element of a transaction trail?

  1. The date and time of the transaction
  2. Who processed the transaction
  3. Why the transaction was processed
  4. At which terminal the transaction was processed

Answer: C

Hint: Why the transaction was processed is not initially a concern of the audit log, but it may be investigated later. The other three elements are all important information that the audit log of the transaction should record.

17. Which choice below would NOT be considered a benefit of employing an incident-handling capability?

  1. An individual acting alone would not be able to subvert a security process or control.
  2. It enhances Internet communications and the readiness of the organization to respond to incidents.
  3. It assists an organization in preventing damage from future incidents.
  4. Security training personnel would have a better understanding of users' knowledge of security issues.

Answer: A

Hint: The primary benefits of employing an incident-handling capability are containing and repairing damage from incidents and preventing future damage. Answer A is a benefit of employing "separation of duties" controls.

18. Which choice below is the BEST description of an audit trail?

  1. Audit trails are used to detect penetration of a computer system and to reveal usage that identifies misuse.
  2. An audit trail is a device that permits simultaneous data processing of two or more security levels without risk of compromise.
  3. An audit trail mediates all access to sensitive systems by unauthorized personnel.

Answer: A

Hint: An audit trail is a set of records that collectively provide documentary evidence of processing, used to aid in tracing from original transactions forward to related records and reports and/or backward from records and reports to their component source transactions. Answer B is a description of a multilevel device, and answer C refers to a network reference monitor. Answer D is incorrect because audit trails are detective, and answer D describes a preventative process - access control.

19. Which choice below best describes the function of change control?

  1. To ensure that system changes are implemented in an orderly manner
  2. To guarantee that an operator is given only the privileges needed for the task
  3. To guarantee that transaction records are retained IAW compliance
  4. To assign parts of security-sensitive tasks to more than one individual

Answer: A

Hint: Answer B describes least privilege, answer C describes record retention, and answer D describes separation of duties.

20. Which choice below is NOT an example of intentionally inappropriate operator activity?

  1. Making errors when manually inputting transactions
  2. Using the company's system to store pornography
  3. Conducting private business on the company system
  4. Using unauthorized access levels to violate information confidentiality

Answer: A

Hint: While choice A is most certainly an example of a threat to a system's integrity, it is considered an unintentional loss, not an intentional activity.

21. Which book of the Rainbow Series addresses the Trusted Computer System Evaluation Criteria (TCSEC)?

  1. Red Book
  2. Orange Book
  3. Green Book
  4. Purple Book

Answer: B

22. Which term below BEST describes the concept of least privilege?

  1. Each user is granted the lowest clearance required for his or her tasks.
  2. A formal separation of command, program, and interface functions.
  3. A combination of classification and categories that represents the sensitivity of information.
  4. Active monitoring of facility entry access points.

Answer: A

Hint: The least privilege principle requires that each subject in a system be granted the most restrictive set of privileges (or lowest clearance) needed for the performance of authorized tasks. Answer B describes separation of privilege, answer C describes a security level, and answer D is a distracter.

23. Which choice below BEST describes a threat as defined in the Operations Security domain?

  1. A potential incident that could cause harm
  2. A weakness in a system that could be exploited
  3. A company resource that could be lost due to an incident
  4. The minimization of loss associated with an incident

Answer: A

Hint: Answer B describes a vulnerability, answer C describes an asset, and answer D describes risk management.

24. Which choice below is NOT a common element of user account administration?

  1. Periodically verifying the legitimacy of current accounts and access authorizations
  2. Authorizing the request for a user's system account
  3. Tracking users and their respective access authorizations
  4. Establishing, issuing, and closing user accounts

Answer: B

Hint: For proper separation of duties, the function of user account establishment and maintenance should be separated from the function of initiating and authorizing the creation of the account. User account management focuses on identification, authentication, and access authorizations.

25. Which choice below is NOT an example of using a social engineering technique to gain physical access to a secure facility?

  1. Asserting authority or pulling rank
  2. Intimidating or threatening
  3. Praising or flattering
  4. Employing the salami fraud

Answer: D

Hint: The salami fraud is an automated fraud technique. In the salami fraud, a programmer creates or alters a program to move small amounts of money into his personal bank account. The amounts are intended to be so small as to go unnoticed, such as the rounding in foreign currency exchange transactions; hence the reference to slicing a salami. The other three choices are common techniques used by an intruder to gain either physical access or system access.

26. Which statement about Covert Channel Analysis is NOT true?

  1. It is an operational assurance requirement that is specified in the Orange Book.
  2. It is required for B2 class systems in order to protect against covert storage channels.
  3. It is required for B2 class systems to protect against covert timing channels.
  4. It is required for B3 class systems to protect against both covert storage and covert timing channels.

Answer: C

Hint: Orange Book B2 class systems do not need to be protected from covert timing channels; covert channel analysis must be performed for B2 class systems to protect against covert storage channels only. B3 class systems need to be protected from both covert storage channels and covert timing channels.

27. "Separation of duties" embodies what principle?

  1. An operator does not know more about the system than the minimum required to do the job.
  2. Two operators are required to work in tandem to perform a task.
  3. The operators' duties are frequently rotated.
  4. The operators have different duties to prevent one person from compromising the system.

Answer: D

Hint: Separation of duties means that operators are prevented from generating and verifying transactions alone. For example, a task might be divided into smaller tasks to accomplish this, or, in the case of an operator with multiple duties, the operator makes a logical, functional job change when performing such conflicting duties. Answer A is need-to-know, answer B is dual control, and answer C is job rotation.

28. Covert Channel Analysis, Trusted Facility Management, and Trusted Recovery are parts of which book in the TCSEC Rainbow Series?

  1. Red Book
  2. Orange Book
  3. Green Book
  4. Dark Green Book

Answer: B

Hint: Answer A, the Red Book, is the Trusted Network Interpretation (TNI) summary of network requirements (described in the Telecommunications and Network Security domain); C, the Green Book, is the Department of Defense (DoD) Password Management Guideline; and D, the Dark Green Book, is A Guide to Understanding Data Remanence in Automated Information Systems.

29. How do covert timing channels convey information?

  1. By changing a system's stored data characteristics
  2. By generating noise and traffic with the data
  3. By performing a covert channel analysis
  4. By modifying the timing of a system resource in some measurable way

Answer: D

Hint: A covert timing channel alters the timing of parts of the system so that it can be used to communicate information covertly (outside the normal security function). Answer A describes the use of a covert storage channel, B is a technique to combat the use of covert channels, and C is the Orange Book requirement for B2, B3, and A1 evaluated systems.

30. Which of the following would be the BEST description of clipping levels?

  1. A baseline of user errors above which violations will be recorded
  2. A listing of every error made by users to initiate violation processing
  3. Variance detection of too many people with unrestricted access
  4. Changes a system's stored data characteristics

Answer: A

Hint: This description of a clipping level is the best. It is not B because one reason to create clipping levels is to prevent auditors from having to examine every error. Answer C is a common use for clipping levels but is not a definition.