The primary purpose for using one-way hashing of user passwords within a password file is which of the following?

It prevents an unauthorized person from reading the password.

It prevents an unauthorized person from trying multiple passwords in one logon attempt

It minimizes the amount of storage required for user passwords.

It minimizes the amount of processing time used for encrypting passwords.

Which of the following best describes the principle of least privilege ?

Users are granted only the privileges necessary to perform their tasks..

Users are granted all available privileges for convenience.

Privileges are granted on a rotational basis.

Privileges are granted based on user seniority.

In cryptography, asymmetric encryption primarily differs from symmetric encryption because:

It uses separate public and private keys for encryption and decryption.

It uses a single shared key for both encryption and decryption.

It cannot be used for digital signatures.

It is less secure than symmetric encryption.

Which of the following is a key function of the Trusted Platform Module (TPM)?

Protecting data at rest by storing cryptographic keys securely.

Encrypting network communications.

Acting as a firewall for network security.

Performing real-time data monitoring.

Which of the following is an example of a preventive security control in system architecture?

Implementing firewalls to block unauthorized traffic.

Logging and monitoring user activity.

Encrypting sensitive files before storage.

Performing regular vulnerability scans.

The Clark-Wilson model is based on which key concept?

Well-formed transactions and separation of duties.

Mandatory access control and confidentiality.

Least privilege and need-to-know.

In a Public Key Infrastructure (PKI), the role of a Certificate Authority (CA) is to:

Issue and revoke digital certificates.

Encrypt and decrypt data for end-users.

Encrypt and store data for end-users.

Perform key exchanges between users

The Security Through Obscurity principle is generally:

Discouraged as it relies on keeping details secret rather than securing the system properly.

An essential part of a secure design.

Considered a best practice for modern security.

The primary approach in cryptography.

The concept of Defense in Depth involves:

Using multiple layers of security controls to protect against threats.

Relying on a single, strong control to protect a system.

Obscuring system details to hide vulnerabilities.

Ensuring complete system transparency to detect attacks early.

CISSP Domain 3

Authored by Miftah Rahman

Computers

Professional Development

Used 15+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

20 questions

Show all answers

MULTIPLE CHOICE QUESTION

5 mins • 5 pts

The Secure Hash Algorithm (SHA-1) creates:

a fixed length message digest from a fixed length input message

a variable length message digest from a variable length input message

a fixed length message digest from a variable length input message

a variable length message digest from a fixed length input message

MULTIPLE CHOICE QUESTION

5 mins • 5 pts

A public key algorithm that does both encryption and digital signature is which of the following?

RSA

AES

3DES

SHA

MULTIPLE CHOICE QUESTION

5 mins • 5 pts

Which of the following was developed by the National Computer Security Center (NCSC) for the US Department of Defense?

TCSEC

ITSEC

ICC

ISO 27001

MULTIPLE CHOICE QUESTION

5 mins • 5 pts

Which of the following statements relating to the Bell-LaPadula security model is FALSE?

A subject is not allowed to read up.

The property restriction can be escaped by temporarily downgrading a high level subject.

A subject is not allowed to read down.

It is restricted to confidentiality.

MULTIPLE CHOICE QUESTION

5 mins • 5 pts

Which of the following is a class A fire?

common combustibles

liquid

electrical

Halon

MULTIPLE CHOICE QUESTION

5 mins • 5 pts

Which of the following questions is less likely to help in assessing physical and environmental protection?

Are entry codes changed periodically?

Are appropriate fire suppression and prevention devices installed and working?data transmission lines controlled?

Are there processes to ensure that unauthorized individuals cannot read, copy, alter, or steal printed or electronic information?

Is physical access to data transmission lines controlled?

MULTIPLE CHOICE QUESTION

5 mins • 5 pts

Which security model introduces access to objects only through programs?

The Biba model

The Bell-LaPadula model

The Clark-Wilson model

The information flow model

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

15 questions

Unit 1 lesson 1

Quiz

•

University - Professi...

15 questions

JOB PRO - SOFTWARE

Quiz

•

Professional Development

20 questions

TUGAS 2 PROTOCOL DAN IP ADDRESS

Quiz

•

Professional Development

15 questions

Module 2A. Active Reconnaissance - Scanning

Quiz

•

Professional Development

15 questions

Computer basics for beginners

Quiz

•

Professional Development

15 questions

Python Class 1

Quiz

•

Professional Development

15 questions

Sec+ CH.2 Review Test

Quiz

•

Professional Development

15 questions

China: Communism

Quiz

•

Professional Development

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

14 questions

Boundaries & Healthy Relationships

Lesson

•

6th - 8th Grade

13 questions

SMS Cafeteria Expectations Quiz

Quiz

•

6th - 8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

12 questions

SMS Restroom Expectations Quiz

Quiz

•

6th - 8th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

10 questions

Pi Day Trivia!

Quiz

•

6th - 9th Grade

Discover more resources for Computers

20 questions

90s Cartoons

Quiz

•

Professional Development

5 questions

Workplace Documents Practice Test: Document 1

Quiz

•

Professional Development

5 questions

Workplace Documents Practice Test: Document 2

Quiz

•

Professional Development

10 questions

March Quiz

Quiz

•

Professional Development

5 questions

Copy of G5_U6_L8_22-23

Lesson

•

KG - Professional Dev...

CISSP Domain 3

The Secure Hash Algorithm (SHA-1) creates:

A public key algorithm that does both encryption and digital signature is which of the following?

Which of the following was developed by the National Computer Security Center (NCSC) for the US Department of Defense?

Which of the following statements relating to the Bell-LaPadula security model is FALSE?

Which of the following is a class A fire?

Which of the following questions is less likely to help in assessing physical and environmental protection?

Which security model introduces access to objects only through programs?

A model can be used to quickly summarize what permissions a subject has for various system objects.

Who can publish and generate digital signature

The primary purpose for using one-way hashing of user passwords within a password file is which of the following?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers