CISSP Domain 3 Exam Questions –

CISSP Domain 3 Practice Questions

Carl has noticed a high level of TCP traffic in and out of the network. After running a packet sniffer, he discovered malformed TCP ACK packets with unauthorized data. What has Carl discovered?

  • Buffer overflow attack
  • Asynchronous attack
  • Covert channel attack
  • DoS attack

Which of the BEST internationally recognized standard for evaluating security products and systems?

  • Payment Card Industry Data Security Standards (PCI-DSS)
  • Common Criteria (CC)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Sarbanes-Oxley (SOX)

What is the purpose of the *-property in the Bell-LaPadula model?

  • No read up
  • No write up
  • No read down
  • No write down

Which of the following standards evaluates functionality and assurance separately?

Which model is also known as the Chinese Wall model?

  • Biba
  • Take-Grant
  • Harrison-Ruzzo-Ullman
  • Brewer-Nash

Attempt to take advantage of how a system handles multiple requests

  • Aggregation
  • State attacks
  • State machine model
  • Message authentication code (MAC)

Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?

  • Reference monitor
  • Trusted Computing Base (TCB)
  • Time separation
  • Security kernel

Which of the following types of CPUs can perform multiple operations from a single instruction?

Involves the removal of characteristics from an entity in order to easily represent its essential properties.

  • Algorithm
  • Abstraction
  • Diffusion
  • Substitution

Which of the following examines integrity and availability?

  • Orange Book
  • Brown Book
  • Red Book
  • Purple Book

Which of the following statements BEST describes least privilege principle in a cloud environment?

  • A single cloud administrator is configured to access core functions.
  • Internet traffic is inspected for all incoming and outgoing packets.
  • Routing configurations are regularly updated with the latest routes.
  • Network segments remain private if unneeded to access the internet.

The action of changing a message into another format through the use of a code.

  • Paging
  • OWASP
  • Firmware
  • Encoding

The core of an OS, and one of its main functions is to provide access to system resources, which includes the system’s hardware and processes.

  • System kernel
  • State attacks
  • Abstraction
  • Firmware

What is the purpose of the simple integrity property of the Biba model?

  • No read up
  • No write up
  • No read down
  • No write down

Which of the following are developed by programmers and used to allow the bypassing of normal processes during development but are left in the software when it ships to the customer?

  • Back doors
  • Traps
  • Buffer overflows
  • Covert channels

Which of the following does the Biba model address?

  • Focuses on internal threats
  • Focuses on external threats
  • Addresses confidentiality
  • Addresses availability

Which of the following security modes of operation best describes when a user has a valid need to know all data?

  • Dedicated
  • System High
  • Compartmented
  • Multilevel

Stores data that has a high probability of being requested by the CPU.

  • Digital signatures
  • Primary storage
  • Stores data that has a high probability of being requested by the CPU. Paging
  • IT infrastructure library (ITIL)

Which of the following can be used to connect different MAC systems together?

  • Labels
  • Reference model
  • Controls
  • Guards

Which of the following was the first model developed that was based on confidentiality?

  • Bell-LaPadula
  • Biba
  • Clark-Wilson
  • Take-Grant

Multilevel lattice models are security models that describes strict layers of subjects and objects and defines clear rules that allow or disallow interactions between them based on the layers they are in.

Which of the following models is integrity based and was developed for commercial applications?

  • Information Flow
  • Clark-Wilson
  • Bell-LaPadula
  • Brewer-Nash

Message digest is a small representation of a larger message. Message digests are used to ensure the authentication and integrity of information, not the confidentiality.

Hybrid cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability.

Which of the following security models make use of the TLC concept?

  • Biba
  • Clark Wilson
  • Bell-LaPadula
  • Brewer Nash

A private cloud is a model where the cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers.

Key clustering is when different encryption keys generate the same ciphertext from the same plaintext message.

Which of the following best describes a superscalar processor?

  • A superscalar processor can execute only one instruction at a time.
  • A superscalar processor has two large caches that are used as input and output buffers.
  • A superscalar processor can execute multiple instructions at the same time.
  • A superscalar processor has two large caches that are used as output buffers.


Source link