Exam (elaborations)

CSSLP UPDATED Exam Questions and CORRECT Answers

Pages
31
Grade
A+
Uploaded on
13-04-2025
Written in
2024/2025

Institution
CSSLP
Course
CSSLP

*-property - CORRECT ANSWER - This aspect of the Bell-LaPadula security model is
commonly referred to as the "no-write-down" rule because it doesn't allow a user to write to a
file with a lower security classification, thus preserving confidentiality.


Triple DES encryption (3DES) - CORRECT ANSWER - This type of encryption uses a
standard and puts it through three rounds of encryption used to improve security.


802.11 - CORRECT ANSWER - A family of standards that describe network protocols for
wireless devices.


802.1X - CORRECT ANSWER - An IEEE standard for performing authentication over
networks.


abuse case - CORRECT ANSWER - A use case built around a work process designed to
abuse a normal work process.


acceptance testing - CORRECT ANSWER - The formal analysis that is done to determine
whether a system or software product satisfies its acceptance criteria.


acceptable use policy (AUP) - CORRECT ANSWER - A policy that communicates to
users what specific uses of computer resources are permitted.


access - CORRECT ANSWER - A subject's ability to perform specific operations on an
object, such as a file. Typical levels include read, write, execute, and delete.


access control - CORRECT ANSWER - Mechanisms or methods used to determine what
access permissions subjects (such as users) have for specific objects (such as files).

access control list (ACL) - CORRECT ANSWER - A list associated with an object (such
as a file) that identifies what level of access each subject (such as a user) has—what they can do
to the object (such as read, write, or execute).


Active Directory - CORRECT ANSWER - The directory service portion of the Windows
operating system that stores information about network-based entities (such as applications, files,
printers, and people) and provides a structured, consistent way to name, describe, locate, access,
and manage these resources.


ActiveX - CORRECT ANSWER - A Microsoft technology that facilitates rich Internet
applications and, therefore, extends and enhances the functionality of Microsoft Internet
Explorer. Like Java, ActiveX enables the development of interactive content. When an ActiveX-
aware browser encounters a webpage that includes an unsupported feature, it can automatically
install the appropriate application so the feature can be used.


Address Resolution Protocol (ARP) - CORRECT ANSWER - A protocol in the TCP/IP
suite specification used to map an IP address to a Media Access Control (MAC) address.


adware - CORRECT ANSWER - Advertising-supported software that automatically plays,
displays, or downloads advertisements after the software is installed or while the application is
being used.


algorithm - CORRECT ANSWER - A step-by-step procedure—typically an established
computation for solving a problem within a set number of steps.


alpha testing - CORRECT ANSWER - This is a form of end-to-end testing done prior to
product delivery to determine operational and functional issues.


annualized loss expectancy (ALE) - CORRECT ANSWER - How much an event is
expected to cost the business per year, given the dollar cost of the loss and how often it is likely
to occur. ALE = single loss expectancy * annualized rate of occurrence.

annualized rate of occurrence (ARO) - CORRECT ANSWER - The frequency with which
an event is expected to occur on an annualized basis.


anomaly - CORRECT ANSWER - Something that does not fit into an expected pattern.



application - CORRECT ANSWER - A program or group of programs designed to provide
specific user functions, such as a word processor or web server.


ARP - CORRECT ANSWER - See Address Resolution Protocol.



asset - CORRECT ANSWER - Resources and information an organization needs to
conduct its business.


asymmetric encryption - CORRECT ANSWER - Also called public key cryptography, this
is a system for encrypting data that uses two mathematically derived keys to encrypt and decrypt
a message—a public key, available to everyone, and a private key, available only to the owner of
the key.


attack - CORRECT ANSWER - An action taken against a vulnerability to exploit a system.



Attack Surface Analyzer - CORRECT ANSWER - A product from Microsoft designed to
enumerate the elements of a system that are subject to attack.


attack surface evaluation - CORRECT ANSWER - An examination of the elements of a
system that are subject to attack and mitigations that can be applied.


attack surface measurement - CORRECT ANSWER - A measurement of the relative
number of attack points in the system throughout the development process.


attack surface minimization - CORRECT ANSWER - The processes used to minimize the
number of attackable elements in a system.

attack tree - CORRECT ANSWER - A graphical method of examining the required
elements to successfully prosecute an attack.


audit trail - CORRECT ANSWER - A set of records or events, generally organized
chronologically, that record what activity has occurred on a system. These records (often
computer files) are often used in an attempt to re-create what took place when a security incident
occurred, and they can also be used to detect possible intruders.


auditing - CORRECT ANSWER - Actions or processes used to verify the assigned
privileges and rights of a user, or any capabilities used to create and maintain a record showing
who accessed a particular system and what actions they performed.


authentication - CORRECT ANSWER - The process by which a subject's (such as a user's)
identity is verified.


authentication, authorization, and accounting (AAA) - CORRECT ANSWER - Three
common functions performed upon system login. Authentication and authorization almost
always occur, with accounting being somewhat less common.


Authentication Header (AH) - CORRECT ANSWER - A portion of the IPsec security
protocol that provides authentication services and replay-detection ability. AH can be used either
by itself or with Encapsulating Security Payload (ESP). Refer to RFC 2402.


availability - CORRECT ANSWER - Part of the "CIA" of security. Availability applies to
hardware, software, and data, specifically meaning that each of these should be present and
accessible when the subject (the user) wants to access or use them.


backdoor - CORRECT ANSWER - A hidden method used to gain access to a computer
system, network, or application. Often used by software developers to ensure unrestricted access
to the systems they create. Synonymous with trapdoor.
