CISSP - Question Bank 07
Test your knowledge of CISSP with these multiple choice questions. Each Question Bank includes 20 practice questions that have been designed to measure your knowledge of key ideas.
A key factor to keep in mind is that guessing is better than not answering a question.
Every single question on the CISSP exam is a four-option multiple choice question with a single correct answer. Some are straightforward, such as asking you to select a definition. Some are a bit more involved, such as asking you to select the appropriate concept or best practice. And some questions present you with a scenario or situation and ask you to select the best response.
Q1. Which one of the following malicious code objects might be inserted in an application by a disgruntled software developer with the purpose of destroying system data upon the deletion of the developer's account (presumably following their termination)?
A. Virus
B. Worm
C. Trojan horse
D. Logic bomb
Q2. What term is used to describe code objects that act on behalf of a user while operating in an unattended manner?
A. Agent
B. Worm
C. Applet
D. Browser
Q3. Which form of DBMS primarily supports the establishment of one-to-many relationships?
A. Relational
B. Hierarchical
C. Mandatory
D. Distributed
Q4. Which of the following characteristics can be used to differentiate worms from viruses?
A. Worms infect a system by overwriting data in the Master Boot Record of a storage device.
B. Worms always spread from system to system without user intervention.
C. Worms always carry a malicious payload that impacts infected systems.
D. All of the above.
Q5. What programming language(s) can be used to develop ActiveX controls for use on an Internet site?
A. Visual Basic
B. C
C. Java
D. All of the above
Q6. What form of access control is concerned with the data stored by a field rather than any other issue?
A. Content-dependent
B. Context-dependent
C. Semantic integrity mechanisms
D. Perturbation
Q7. Which one of the following key types is used to enforce referential integrity between database tables?
A. Candidate key
B. Primary key
C. Foreign key
D. Super key
Q8. Richard believes that a database user is misusing his privileges to gain information about the company's overall business trends by issuing queries that combine data from a large number of records. What process is the database user taking advantage of?
A. Inference
B. Contamination
C. Polyinstantiation
D. Aggregation
Q9. What database technique can be used to prevent unauthorized users from determining classified information by noticing the absence of information normally available to them?
A. Inference
B. Manipulation
C. Polyinstantiation
D. Aggregation
Q10. Which one of the following terms cannot be used to describe the main RAM of a typical computer system?
A. Nonvolatile
B. Sequential access
C. Real memory
D. Primary memory
Q11. What type of information is used to form the basis of an expert system’s decision-making process?
A. A series of weighted layered computations
B. Combined input from a number of human experts, weighted according to past performance
C. A series of "if/then" rules codified in a knowledge base
D. A biological decision-making process that simulates the reasoning process used by the human mind
Q12. Which one of the following intrusion detection systems makes use of an expert to detect anomalous user activity?
A. PIX
B. IDIOT
C. AAFID
D. NIDES
Q13. Which of the following acts as a proxy between two different systems to support interaction and simplify the work of programmers?
A. SDLC
B. ODBC
C. DSS
D. Abstraction
Q14. Which software development life cycle model allows for multiple iterations of the development process, resulting in multiple prototypes, each produced according to a complete design and testing process?
A. Software Capability Maturity Model
B. Waterfall model
C. Development cycle
D. Spiral model
Q15. In systems utilizing a ring protection scheme, at what level does the security kernel reside?
A. Level 0
B. Level 1
C. Level 2
D. Level 3
Q16. Which database security risk occurs when data from a higher classification level is mixed with data from a lower classification level?
A. Aggregation
B. Inference
C. Contamination
D. Polyinstantiation
Q17. Which of the following programming languages is least prone to the insertion of malicious code by a third party?
A. C++
B. Java
C. VBScript
D. FORTRAN
Q18. Which one of the following is not part of the change control process?
A. Request control
B. Release control
C. Configuration audit
D. Change control
Q19. What transaction management principle ensures that two transactions do not interfere with each other as they operate on the same data?
A. Atomicity
B. Consistency
C. Isolation
D. Durability
Q20. Which subset of the Structured Query Language is used to create and modify the database schema?
A. Data Definition Language
B. Data Structure Language
C. Database Schema Language
D. Database Manipulation Language