Home > CISSP > Quizzes > CISSP Operational Security
CISSP Operational Security
Fast practice, instant feedback. Timer auto-submits when time’s up.
Avg score: 70% Most missed: “Striped set with dedicated parity at the block level - employs a dedicated parit…”
CISSP Operational Security
Time left 00:00
25 Questions

1. Masquerading as another endpoint. presenting false information - usually within packets - to trick other systems and hide the origin of the message. done to prevent an identity from becoming uncovered

2. Striped set with distributed parity - uses block level striping - writes parity information that is used for recovery purposes. distributes the parity information across multiple disks. allows for data recovery in the event that one disk fails

3. Administrative control where employees are required to take a vacation. helps determine personnel single points of failure - detection and deterence of fraud - and the risk that comes with employees being unavailable for work. can also detect suspici

4. Two parties conspire to undermine the security of the transaction

5. Data that persists beyond noninvasive means to delete it. sometimes used to refer to residual data that remains after sanitization takes place

6. Stipulate all expectations regarding the providing of a service and its quality. what is considered acceptable regarding things such as bandwidth - time to delivery - response time - etc.

7. An offline technique in which the attacker has gained access to the password hashes or database

8. Writing the same data on multiple hard disks

9. Striped set with dedicated parity at the block level - employs a dedicated parity drive rather than having parity data distributed amongst all disks. allows for data recovery in the event that one disk fails

10. Malicious code that hooks onto executable code - and requires user interaction to spread. In addition to spreading - the actual payload of the virus - that is - what it is intended to do - could be anything

11. Means load balancing - each node in a HA cluster is actively processing data prior to failure

12. Striped set - offers no data redundancy and is a poor choice if recovery of data is the reason for leveraging RAID

13. Striped sets in a mirrored set (minimum four disks; even number of disks) provides fault tolerance and improved performance but increases complexity. The key difference from RAID 1+0 is that RAID 0+1 creates a second striped set to mirror a primary s

14. Administrative control - a work related contractual agreement that ensures that employees - prior to being given sensitive information - will maintain the confidentiality and sensitivity of this information (also considered a directive control)

15. Incident response stage in which the affected system(s) are restored to operational status. typically the business unit responsible for the system will dictate when the system will go back online. close monitoring is necessary

16. Considered the most secure means of data sanititzation - commonly uses incineration or pulverization

17. An online technique that involves attempting to authenticate a particular user to a system

18. Striped set with dedicated parity at the byte level - data at the byte level is striped across multiple disks - but an additional disk is leveraged for storage of parity information - which is used for recovery in the event of a failure. allows for d

19. Mirrored set - creates an exact duplicate of all data to an additional disk. allows for data recovery in the event that n-1 disk fails

20. A hot standy - configuration in which the backup systems only begin processing when a failure state is detected

21. Spreading data across multiple hard disks. increases performance and does create data redundancy

22. Administrative security control used in MAC systems where access determination is based upon a clearance level of subjects and classification levels of objects. Compartmentalization enforces need to know which necessitates that someone requires acces

23. The actors causing the threats that might exploit a vulnerability

24. DOS - resource exhaustion - involves ICMP flooding. The attacker sends ICMP echo request messages with spoofed source addresses of the victim to the directed broadcast address of a network known to be smurf amplifier. As with most resource exhaustive

25. Introducing a magnetic field to magnetic storage media. a degausser destroys the integrity of the magnetization of the storage media - making the data unrecoverable