CISSP Communication and Network Security Practice Exam Set 7

You are using the open-source packet analyzer Wireshark and are going through the various conversations to see whether anything seems to be out of order. You observe a UDP conversation between a host and a router. It was a file transfer between the two on port 69. What protocol is used here to manage the file transfer?


Options are :

  • None
  • replay attack
  • Fraggle Attack
  • Smurf attack (Correct)
  • LAND Attack

Answer : Smurf attack

A packet containing a long string of NOPs followed by a command is usually a sign of what?


Options are :

  • None
  • A buffer overflow attack. (Correct)
  • Syn scan.
  • Half-port scan.
  • The packet is intended for the network broadcast address.

Answer : A buffer overflow attack.

DMZ is also known as a:


Options are :

  • three-legged firewall.
  • bastion host
  • None
  • place to attract hackers.
  • screened subnet. (Correct)

Answer : screened subnet.

In a stateful inspection firewall, data packets are captured by an inspection engine that operates at the:


Options are :

  • The Audit Layer.
  • Network or Transport Layer. (Correct)
  • None
  • Application Layer.
  • The Data Link Layer.

Answer : Network or Transport Layer.

Application-layer firewall is also known as:


Options are :

  • Session Layer Gateway.
  • Transfer Layer Gateway.
  • power of attorney (Correct)
  • None
  • Presentation Layer Gateway.

Answer : power of attorney

Which of the following is the most secure firewall implementation?


Options are :

  • The screened subnet firewalls (Correct)
  • None
  • The dual-homed host firewalls
  • Packet filtering firewalls
  • The screened host firewalls

Answer : The screened subnet firewalls

Which of the following was developed as a simple mechanism that allows simple network terminals to load their operating system from a server over the LAN?


Options are :

  • ARP
  • BootP (Correct)
  • DHCP
  • DNS
  • None

Answer : BootP

Older coaxial cable has largely been replaced by twisted pair, which is very easy to handle, inexpensive, and resistant to multiple host failures at once, particularly when used in which of the following topologies?


Options are :

  • None
  • Point to Point Configuration.
  • The ring assembly.
  • Star Configuration. (Correct)
  • Shift the transfer Configuration.

Answer : Star Configuration.

Which of the following NAT firewall translation modes allows a large number of internal clients to share one or a small group of routable IP addresses in order to hide their identities when communicating with external hosts?


Options are :

  • Network redundancy translation
  • static translation
  • Load Balancing translation
  • None
  • dynamic translation (Correct)

Answer : dynamic translation

Network-based intrusion detection systems:


Options are :

  • commonly do not reside in a separate network segment and monitor traffic to the network segment.
  • None
  • tend to be located in a discrete segment of the network and monitor traffic to the network segment. (Correct)
  • tend to be located in a discrete segment of the network and monitor traffic to the network segment.
  • tend to be located in the host and monitor traffic on that particular server.

Answer : tend to be located in a discrete segment of the network and monitor traffic to the network segment.

DMZ is located:


Options are :

  • right behind the first passive network the Internet http firewall
  • right behind the first Internet firewall (Correct)
  • in front of the first Internet firewall
  • None
  • in front of the first Internet firewall

Answer : right behind the first Internet firewall

Which of the following describes the steps required for a Kerberos session to be established between a user (Principal P1) and an application server (Principal P2)?


Options are :

  • None
  • Principals P1 and P2 authenticate to the Key Distribution Center (KDC).
  • Principal P1 receives a Ticket Granting Ticket (TGT), and then Principal P2 requests service from the KDC.
  • Principal P1 authenticates to the Key Distribution Center (KDC).
  • Principal P1 authenticates to the Key Distribution Center (KDC), Principal P1 receives a Ticket Granting Ticket (TGT), and Principal P1 requests service from the Ticket Granting Service (TGS) for access to the application server P2 (Correct)

Answer : Principal P1 authenticates to the Key Distribution Center (KDC), Principal P1 receives a Ticket Granting Ticket (TGT), and Principal P1 requests service from the Ticket Granting Service (TGS) for access to the application server P2

Frame Relay uses the public telephone network to provide:


Options are :

  • Local area network (LAN) connection.
  • Metropolitan Area Network (MAN) connectivity.
  • Wide Area Network (WAN) connections (Correct)
  • World Area Network (WAN) connections
  • None

Answer : Wide Area Network (WAN) connections

At which OSI/ISO layer is encrypted authentication between a client software package and a firewall performed?


Options are :

  • DataLink Layer
  • None
  • Session layer
  • the network layer
  • transport layer (Correct)

Answer : transport layer

Which OSI layer does not live in SSL?


Options are :

  • session
  • Transport (Correct)
  • application
  • network
  • None

Answer : Transport

Which type of attack involves altering a system's Address Resolution Protocol (ARP) table so that it contains incorrect IP-to-MAC address mappings?


Options are :

  • ARP poisoning (Correct)
  • None
  • Poison ARP cache
  • Reverse ARP
  • Reverse ARP poisoning

Answer : ARP poisoning

Which of the following NAT firewall translation modes offers no protection against hacking attacks to an internal host using this function?


Options are :

  • Load Balancing translation
  • static translation (Correct)
  • None
  • Network redundancy translation
  • dynamic translation

Answer : static translation

How many bits are reserved for the source IP address in the IPv6 header?


Options are :

  • 32
  • 64
  • 256
  • None
  • 128 (Correct)

Answer : 128

Which of the following packets should not be dropped at a firewall protecting the organization's internal network?


Options are :

  • Outgoing packets to an external destination IP address (Correct)
  • Incoming packets that use source routing
  • The router protocols
  • None
  • Incoming packets with an internal address as the source IP address

Answer : Outgoing packets to an external destination IP address

A demilitarized zone is:


Options are :

  • None
  • militarized network segment
  • part of the network completely safe from hackers
  • party wall
  • a network segment between the Internet and a private network (Correct)

Answer : a network segment between the Internet and a private network

One drawback of an application-level firewall is that it reduces network performance, because it must analyze every packet and:


Options are :

  • decide what to do for each user.
  • decide what to do for each application.
  • None
  • decide what to do for each port
  • decide what to do with each packet. (Correct)

Answer : decide what to do with each packet.

DMZ normally does not contain:


Options are :

  • e-mail access
  • None
  • the encryption server (Correct)
  • external DNS server
  • network server

Answer : the encryption server

Which of the following was designed to be more fault-tolerant than the Ethernet topology, and very flexible when properly implemented?


Options are :

  • Token system.
  • Overlapping ring.
  • Token Link
  • None
  • Token Ring. (Correct)

Answer : Token Ring.

Knowledge-based intrusion detection systems (IDS) are more common than:


Options are :

  • Host-based IDS
  • Network-based IDS
  • Application-Based IDS
  • None
  • behavior-based IDS (Correct)

Answer : behavior-based IDS

What do you call a process that takes advantage of the reliability of a transmission protocol by carrying one protocol on top of another?


Options are :

  • concealment
  • Piggy backing
  • None
  • steganography
  • tunneling (Correct)

Answer : tunneling

What is the three-way handshake sequence used to initiate TCP connections?


Options are :

  • ACK, SYN / ACK, SYN
  • SYN, SYN, ACK / ACK
  • None
  • SYN, SYN / ACK, ACK (Correct)
  • ACK, SYN / ACK, ACK

Answer : SYN, SYN / ACK, ACK

Proxy servers work by transferring a copy of each approved data packet from one network to another, thereby concealing:


Options are :

  • owner of the information.
  • None
  • the origin of the information. (Correct)
  • The data payload.
  • Data for details.

Answer : the origin of the information.

Which of the following should be used to replace Telnet for secure remote login over an insecure network?


Options are :

  • rLogin
  • None
  • SSH (Correct)
  • S-Telnet
  • SSL

Answer : SSH

Which of the following is designed to support multiple network types on the same serial link?


Options are :

  • PPTP
  • Ethernet
  • PPP (Correct)
  • SLIP
  • None

Answer : PPP

Which of the following is the primary security feature of a proxy server?


Options are :

  • route blocking
  • content filtering (Correct)
  • antivirus
  • URL blocking
  • None

Answer : content filtering

A packet filtering firewall system is considered:


Options are :

  • second-generation firewall.
  • Third Generation Firewall.
  • Fourth-generation firewall.
  • None
  • The first generation of firewall. (Correct)

Answer : The first generation of firewall.

Which of the following attacks is mostly performed by an attacker to steal a user's identity information, such as credit card numbers, passwords, etc.?


Options are :

  • Smurf attack
  • interrupt the attack
  • pharming (Correct)
  • None
  • traffic analysis

Answer : pharming

Which of the following allows two computers to coordinate in executing software?


Options are :

  • RSH
  • SNMP
  • None
  • NFS (Correct)
  • RPC

Answer : NFS

What is the biggest danger of DHCP?


Options are :

  • Having multiple clients at the same local area network with the same IP address.
  • Having the wrong router as the default gateway.
  • Having the organization's mail server unreachable.
  • None
  • An intruder on the network posing as a DHCP server, and thus misconfiguring DHCP clients. (Correct)

Answer : An intruder on the network posing as a DHCP server, and thus misconfiguring DHCP clients.

Which of the following is less likely to be currently used to create a Virtual Private Network?


Options are :

  • L2F (Correct)
  • L2TP
  • PPTP
  • None
  • IPSec

Answer : L2F

Which of the following should not usually be allowed through the firewall?


Options are :

  • HTTP
  • SSH
  • SNMP (Correct)
  • None
  • SMTP

Answer : SNMP

You are part of the security staff at a very profitable bank, and every day all network traffic is logged for later review. Every Friday, when large deposits are made, you see a series of bits placed in the "Urgent Pointer" field of a TCP packet. This is only 16 bits, which is not much, but it concerns you because:


Options are :

  • None
  • This may be a sign of covert channeling in the bank's network communications and should be looked into. (Correct)
  • It is normal traffic, because sometimes the previous field's 16-bit checksum value can overrun into the urgent pointer's 16-bit field, causing the condition.
  • It could be a sign of a damaged network cable causing the problem.
  • It could be a symptom of a malfunctioning network card or drivers, and the source of the problem has to be reviewed.

Answer : This may be a sign of covert channeling in the bank's network communications and should be looked into.