Click "Start Quiz" to start your CISSP Quiz.
1.
[Identity and Access Management (IAM)]
What type of attack uses precomputed hash tables to reduce password cracking time?
2.
[Identity and Access Management (IAM)]
What is identity management as a service (IDaaS)?
3.
[Basic Security Concepts, Security and Risk Management]
What is the definition of "Concealment"?
4.
[Policies, Procedures and Guidelines, Security and Risk Management]
What is the difference between standards and baselines in security?
5.
[Cryptography, Security Architecture and Engineering]
What is a nonce in cryptography?
6.
[Policies, Procedures and Guidelines, Security and Risk Management]
What is the main purpose of security policies in an organization?
7.
[Basic Security Concepts, Security and Risk Management]
Which of the following is an example of Authenticity?
8.
[Communication and Network Security]
What are the different types of firewalls?
9.
[Communication and Network Security]
What does the OSI model describe in a networking environment?
10.
[Asset Security]
Why is it important to protect proprietary data?
11.
[Cryptography, Security Architecture and Engineering]
What is the name of the algorithm chosen as AES?
12.
[Cryptography, Security Architecture and Engineering]
What is the maximum key size for RSA?
13.
[Identity and Access Management (IAM)]
What is the mechanism used by asynchronous token devices in authentication?
14.
[Asset Security]
What is the main purpose of Data Loss Prevention (DLP) systems?
15.
[Cryptography, Security Architecture and Engineering]
What was the replacement chosen by NIST in 2002 for DES?
16.
[Cryptography, Security Architecture and Engineering]
Which of the following asymmetric encryption algorithms is considered to be secure, but slow?
17.
[Security Assessment and Testing]
What is the difference between a blind test and a double-blind test in penetration testing?
18.
[Cryptography, Security Architecture and Engineering]
What are the two functions of a block cipher during the encryption and decryption process?
19.
[Cryptography, Security Architecture and Engineering]
What is the main disadvantage of using symmetric encryption?
20.
[Asset Security]
What is the best way to protect the confidentiality of data in all data states?
21.
[Asset Security]
What type of protection is available for proprietary data?
22.
[Asset Security]
What steps do database administrators take to protect sensitive data at rest in a web application scenario?
23.
[Identity and Access Management (IAM)]
What are the two broad categories of physical access control cards?
24.
[Basic Security Concepts, Security and Risk Management]
What is the definition of "Criticality"?
25.
[Security Assessment and Testing]
When should web application scans be performed?
26.
[Security Assessment and Testing]
What is test coverage in the context of audits?
27.
[Communication and Network Security]
What are two options that could be performed in a switched environment to use a NIDS?
28.
[Cryptography, Security Architecture and Engineering]
What is El Gamal?
29.
[Basic Security Concepts, Security and Risk Management]
Which of the following is considered a confidentiality threat?
30.
[Security Assessment and Testing]
What type of penetration test refers to using social interaction techniques involving the organization’s employees, suppliers, and contractors to gather information and penetrate the organization’s systems?
31.
[Policies, Procedures and Guidelines, Security and Risk Management]
What is the difference between an organizational security policy and a system-specific security policy?
32.
[Security Assessment and Testing]
What is network scanning?
33.
[Communication and Network Security]
What is the main difference between PGP and PKI?
34.
[Basic Security Concepts, Security and Risk Management]
What is the definition of "Privacy"?
35.
[Basic Security Concepts, Security and Risk Management]
A company's website experiences a DDoS attack, causing it to be inaccessible to customers for several hours. This is an example of which of the following?
36.
[Cryptography, Security Architecture and Engineering]
Who is credited for developing public key encryption?
37.
[Identity and Access Management (IAM)]
What is the purpose of identification in access control?
38.
[Basic Security Concepts, Security and Risk Management]
An employee at a financial institution is found to have unauthorized access to sensitive customer information. This is an example of which of the following?
39.
[Basic Security Concepts, Security and Risk Management]
What is the difference between Authentication and Authorization?
40.
[Communication and Network Security]
What are some protocols included in the Network layer (Layer 3) of the OSI model?