Latest Review Questions and answers of CISSP Informations Systems Security Professional Certification

General Knowledge
General Aptitude
General English
Networking
Interview Questions
- .NET
- Java
- ASP.NET
- C++
- Perl
- Python
- Ruby and Rails
- Struts
- Core Java
- Hibernate
- DB2
- MS SQL Server
- MySQL
- Oracle
- SQL
- DBMS
- Data Warehousing
- Data structures and Algorithms
- CCNA
- CCNP Routing
- CCNP Switching
- Internetworking
- Border Gateway Protocol
- MCSE
- Exchange Server
- Windows Server 2008
- DNS & Active Directory
- Firewall Questions
- Unix
- Linux Server Administrator
- Linux System Administrator
- Linux File Manipulation
Database

Home
Security
CISSP

STRIDE is often used in relation to assessing threats against applications or operating systems. Which of the following is not an element of STRIDE?

A.
Spoofing
B.
Elevation of privilege
C.
Repudiation
D.
Disclosure

Answer & Explanation
Report

Answer : [D]
Explanation :

Disclosure is not an element of STRIDE. The elements of STRIDE are spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege.

Report

Name

If a security mechanism offers availability, then it offers a high level of assurance that authorized subjects can _________________________ the data, objects, and resources.

A.
Control
B.
Audit
C.
Access
D.
Repudiate

Answer & Explanation
Report

Answer : [C]
Explanation :

Accessibility of data, objects, and resources is the goal of availability. If a security mechanism offers availability, then it is highly likely that the data, objects, and resources are accessible to authorized subjects.

Report

Name

______________ refers to keeping information confidential that is personally identifiable or which might cause harm, embarrassment, or disgrace to someone if revealed.

A.
Seclusion
B.
Concealment
C.
Privacy
D.
Criticality

Answer & Explanation
Report

Answer : [C]
Explanation :

Privacy refers to keeping information confidential that is personally identifiable or which might cause harm, embarrassment, or disgrace to someone if revealed. Seclusion is to store something in an out of the way location. Concealment is the act of hiding or preventing disclosure. The level to which information is mission critical is its measure of criticality.

Report

Name

All but which of the following items requires awareness for all individuals affected?

A.
Restricting personal email
B.
Recording phone conversations
C.
Gathering information about surfing habits
D.
The backup mechanism used to retain email messages

Answer & Explanation
Report

Answer : [D]
Explanation :

Users should be aware that email messages are retained, but the backup mechanism used to perform this operation does not need to be disclosed to them.

Report

Name

10.

What element of data categorization management can override all other forms of access control?

A.
Classification
B.
Physical access
C.
Custodian responsibilities
D.
Taking ownership

Answer & Explanation
Report

Answer : [D]
Explanation :

Ownership grants an entity full capabilities and privileges over the object they own. The ability to take ownership is often granted to the most powerful accounts in an operating system because it can be used to overstep any access control limitations otherwise implemented.

Report

Name

Pages
1
2
3
4
5
6
7
8
9
10

Sitemap