CISSP Operational Security MCQs

Our experts have gathered these CISSP Operational Security MCQs through research, and we hope that you will be able to see how much knowledge base you have for the subject of CISSP Operational Security by answering these 30 multiple-choice questions.

1: Administrative control in which, to mitigate risk and uncover potential fraud, an employee's job or job functions are shifted and changed

A.   Dictionary method of password cracking

B.   Ping of death

C.   Rotation of job/duties


2: Distributed denial of service - many to one availability attack


B.   SYN Flood

C.   Mandatory vacation

D.   Differential backup

3: Considered the most secure means of data sanitization - commonly uses incineration or pulverization

A.   Wiping

B.   Physical destruction

C.   RAID 1+0

D.   Virus

4: More effective data sanitization technique where data on a drive is overwritten

A.   Password guessing

B.   Wiping

C.   RAID 0

D.   Worm

5: Backup of any files that have changed since the last backup

A.   Eradication

B.   Incremental backup

C.   Brute force approach to password cracking

D.   Need to know

6: An offline technique in which the attacker has gained access to the password hashes or database

A.   Brute force approach to password cracking

B.   Recovery

C.   Password cracking

D.   Worm

7: Denial of service - one to one availability attack

A.   Macro virus

B.   Fraggle

C.   DOS

D.   Password guessing

8: Process: identify a change - propose a change - assess the risk associated with the change - test - schedule the change - notify impacted parties - implement - report the results to management - all changes must be tracked and auditable - a detailed

A.   Collusion

B.   Malware

C.   Change management

D.   Macro virus

9: Uses the dictionary attack but makes alterations to the word before putting the guess through the hashing algorithm

A.   Hybrid approach to password cracking

B.   Rotation of job/duties

C.   Brute force approach to password cracking

D.   Striping

10: Redundant array of inexpensive disks - goal is to mitigate the risk of failure of a hard disk

A.   Ping of death

B.   Password cracking


D.   Dictionary method of password cracking

11: Any type of software that attacks a system or application - also called malicious code

A.   Malware

B.   Full backup

C.   Man in the middle attack

D.   Separation of duties

12: Incident response stage in which the response team attempts to keep further damage from occurring as a result of the incident. Also the phase where a binary forensic backup is made of systems involved in the incident.

A.   Recovery

B.   Mandatory vacation

C.   Containment

D.   Man in the middle attack

13: OS - like the smurf attack - leverages a third party - the attacker who has poorly configured third party DNS servers queries an attacker controlled DNS server and cache the response (the maximum size DNS response). Once the large record is cached by

A.   Reporting

B.   Smurf

C.   DNS reflection

D.   Mirroring

14: DOS - Malformed packet - denial of service involved in sending a malformed ICMP echo request (ping) that was larger than the maximum size of an IP packet. Patching TCP/IP stacks of systems removed the vulnerability of this DOS attack

A.   Ping of death

B.   Brute force approach to password cracking

C.   Collusion

D.   Principle of least privileges

15: Used to prevent an attacker from being able to simply guess the correct password by attempting a large number of possibilities

A.   RAID 0+1

B.   RAID 6

C.   Non-disclosure agreement

D.   Account lockouts

16: Incident response stage in which a final report is presented to management. The goal is to detail ways in which the identification could have occurred sooner - the response could have been quicker or more effective - and organizational shortcomings t

A.   Reporting

B.   Differential backup

C.   Principle of least privileges

D.   Degaussing

17: Places the attacker between the victim and another system. The attacker's goal is to be able to serve as an undiscovered proxy for either or both of two endpoints engaging in communication. Uses sniffing and spoofing. The capabilities of session hijac

A.   RAID 1

B.   Trojan horse

C.   Eradication

D.   Man in the middle attack

18: Introducing a magnetic field to magnetic storage media. A degausser destroys the integrity of the magnetization of the storage media - making the data unrecoverable

A.   Degaussing

B.   Rotation of job/duties

C.   Detection

D.   Fraggle

19: Have the ability to self-propagate - or spread without user interaction. More well-known worms: Code Red - Nimda - SQL Slammer - Blaster - MyDoom - Witty

A.   RAID 5

B.   Worm

C.   Threat vectors

D.   Password cracking

20: Administrative security control used in MAC systems where access determination is based upon a clearance level of subjects and classification levels of objects. Compartmentalization enforces need to know which necessitates that someone requires acces

A.   Passive-active cluster

B.   RAID 5

C.   Spoofing

D.   Need to know

21: The actors causing the threats that might exploit a vulnerability

A.   High availability clusters

B.   Threat agent

C.   Collusion

D.   Reporting

22: Striped sets in a mirrored set (minimum four disks; even number of disks) provides fault tolerance and improved performance but increases complexity. The key difference from RAID 1+0 is that RAID 0+1 creates a second striped set to mirror a primary s

A.   RAID 0+1

B.   DNS reflection

C.   Account lockouts

D.   Password guessing

23: Striped set - offers no data redundancy and is a poor choice if recovery of data is the reason for leveraging RAID

A.   RAID 5

B.   Service level agreements

C.   Threat vectors

D.   RAID 0

24: An online technique that involves attempting to authenticate a particular user to a system

A.   Eradication

B.   Threat vectors

C.   Password guessing

D.   Clipping levels

25: Mirrored set - creates an exact duplicate of all data to an additional disk. Allows for data recovery in the event that n-1 disk fails

A.   Detection

B.   RAID 1

C.   Non-disclosure agreement

D.   RAID 5

26: Spreading data across multiple hard disks. Increases performance and does create data redundancy

A.   Active-active

B.   Macro virus

C.   Data remanence

D.   Striping

27: Writing the same data on multiple hard disks


B.   Recovery

C.   Mirroring

D.   Brute force approach to password cracking

28: Means load balancing - each node in a HA cluster is actively processing data prior to failure

A.   Active-active

B.   Non-disclosure agreement

C.   Worm

D.   Malware

29: Masquerading as another endpoint. Presenting false information - usually within packets - to trick other systems and hide the origin of the message. Done to prevent an identity from becoming uncovered

A.   Spoofing

B.   Nested raid

C.   Sniffing

D.   Zero day attacks

30: Stipulate all expectations regarding the providing of a service and its quality. What is considered acceptable regarding things such as bandwidth - time to delivery - response time - etc.

A.   Reporting

B.   Full backup

C.   Service level agreements

D.   RAID 4