CISSP Communication and Network Security Practice Exam Set 1

Of the following, which multiple access method for computer networks does 802.11 Wireless Local Area Network use?


Options are :

  • 802.11 RTS/CTS Exchange
  • CSMA/CD
  • 802.11 does not support multiple access methods
  • CSMA/CA (Correct)

Answer : CSMA/CA

You are part of the security staff at a highly profitable bank, and each day all traffic on the network is logged for later review. Every Friday, when major deposits are made, you see a series of bits placed in the "Urgent Pointer" field of a TCP packet. This is only 16 bits, which isn't much, but it concerns you because:


Options are :

  • It is normal traffic because sometimes the previous field's 16-bit checksum value can overrun into the urgent pointer's 16-bit field, causing the condition.
  • It could be a sign of a damaged network cable causing the issue.
  • This could be a sign of covert channeling in bank network communications and should be investigated. (Correct)
  • It could be a symptom of malfunctioning network card or drivers and the source system should be checked for the problem

Answer : This could be a sign of covert channeling in bank network communications and should be investigated.

How many bits is the address space reserved for the source IP address within an IPv6 header?


Options are :

  • 32
  • 256
  • 64
  • 128 (Correct)

Answer : 128

Which type of attack involves the altering of a system's Address Resolution Protocol (ARP) table so that it contains incorrect IP to MAC address mappings?


Options are :

  • Reverse ARP
  • Poisoning ARP cache
  • Reverse ARP table poisoning
  • ARP table poisoning (Correct)

Answer : ARP table poisoning

What would you call the process that takes advantage of the security provided by a transmission protocol by carrying one protocol over another?


Options are :

  • Tunneling (Correct)
  • Steganography
  • Concealing
  • Piggy Backing

Answer : Tunneling

Which of the following is NOT a countermeasure to traffic analysis?


Options are :

  • Faraday Cage
  • Padding messages.
  • Eavesdropping. (Correct)
  • Sending noise.

Answer : Eavesdropping.

Which of the following describes the sequence of steps required for a Kerberos session to be established between a user (Principal P1), and an application server (Principal P2)?


Options are :

  • Principal P1 receives a Ticket Granting Ticket (TGT), and then Principal P2 requests a service ticket from the KDC.
  • Principal P1 authenticates to the Key Distribution Center (KDC), Principal P1 receives a Ticket Granting Ticket (TGT), and Principal P1 requests a service ticket from the Ticket Granting Service (TGS) in order to access the application server P2 (Correct)
  • Principal P1 authenticates to the Key Distribution Center (KDC),
  • Principals P1 and Principals P2 authenticate to the Key Distribution Center (KDC),

Answer : Principal P1 authenticates to the Key Distribution Center (KDC), Principal P1 receives a Ticket Granting Ticket (TGT), and Principal P1 requests a service ticket from the Ticket Granting Service (TGS) in order to access the application server P2

What do you call an attack in which an attacker floods a system with connection requests but does not respond when the target system replies to those requests?


Options are :

  • Buffer overflow attack
  • SYN attack (Correct)
  • Smurf attack
  • Ping of death attack

Answer : SYN attack

At which OSI layer does SSL reside?


Options are :

  • Network
  • Transport (Correct)
  • Session
  • Application

Answer : Transport

You are using an open source packet analyzer called Wireshark and are sifting through the various conversations to see if anything appears to be out of order. You are observing a UDP conversation between a host and a router. It was a file transfer between the two on port 69. What protocol was used here to conduct the file transfer?


Options are :

  • LAND Attack
  • Replay Attack
  • Fraggle Attack
  • Smurf Attack (Correct)

Answer : Smurf Attack

What is the three-way handshake sequence used to initiate TCP connections?


Options are :

  • SYN, SYN, ACK/ACK
  • ACK, SYN/ACK, ACK
  • SYN, SYN/ACK, ACK (Correct)
  • ACK, SYN/ACK, SYN

Answer : SYN, SYN/ACK, ACK

Organizations should consider which of the following first before allowing external access to their LANs via the Internet?


Options are :

  • Plan for implementing workstation locking mechanisms.
  • Plan for considering proper authentication options. (Correct)
  • Plan for providing the user with his account usage information.
  • Plan for protecting the modem pool.

Answer : Plan for considering proper authentication options.

A packet containing a long string of NOPs followed by a command is usually indicative of what?


Options are :

  • A half-port scan.
  • A syn scan.
  • A packet destined for the network's broadcast address.
  • A buffer overflow attack. (Correct)

Answer : A buffer overflow attack.

Several analysis methods can be employed by an IDS, each with its own strengths and weaknesses, and their applicability to any given situation should be carefully considered. There are two basic IDS analysis methods that exist. Which of the basic methods is more prone to false positives?


Options are :

  • Host-based intrusion detection
  • Anomaly Detection (Correct)
  • Pattern Matching (also called signature analysis)
  • Network-based intrusion detection

Answer : Anomaly Detection

Which of the following services is a distributed database that translates host names to IP addresses and IP addresses to host names?


Options are :

  • SMTP
  • DNS (Correct)
  • SSH
  • FTP

Answer : DNS

Which of the following answers presents the MOST significant threat to network based IDS or IPS systems?


Options are :

  • Encrypted Traffic (Correct)
  • Complex IDS/IPS Signature Syntax
  • Digitally Signed Network Packets
  • Segregated VLANs

Answer : Encrypted Traffic

What is the BEST answer pertaining to the difference between the Session and Transport layers of the OSI model?


Options are :

  • The Transport layer sets up communication between computer systems, while the Session layer sets up connections between applications. (Correct)
  • The Session layer sets up communication between computer systems, while the Transport layer sets up connections between protocols
  • The Session layer sets up communication between protocols, while the Transport layer sets up connections between computer systems.

Answer : The Transport layer sets up communication between computer systems, while the Session layer sets up connections between applications.

In the days before CIDR (Classless Internet Domain Routing), networks were commonly organized by classes. Which of the following would have been true of a Class A network?


Options are :

  • The first bit of the IP address would be set to one and the second bit set to zero.
  • None
  • The first two bits of the IP address would be set to one, and the third bit set to zero
  • The first bit of the IP address would be set to zero. (Correct)
  • The first three bits of the IP address would be set to one

Answer : The first bit of the IP address would be set to zero.

Which of the following is an IP address that is private (i.e. reserved for internal networks, and not a valid address to use on the Internet)?


Options are :

  • 192.168.42.5 (Correct)
  • 192.175.42.5
  • 192.166.42.5
  • 192.1.42.5

Answer : 192.168.42.5

Which of the following is most affected by denial-of-service (DoS) attacks?


Options are :

  • Availability (Correct)
  • Integrity
  • Confidentiality
  • Accountability

Answer : Availability

Which of the following is NOT a way to secure a wireless network?


Options are :

  • Give APs descriptive names (Correct)
  • Put the access points (AP) in a location protected by a firewall
  • Disable broadcast of SSID within AP's configuration
  • Change AP's default values

Answer : Give APs descriptive names

In the Open Systems Interconnect (OSI) Reference Model, at what level are TCP and UDP provided?


Options are :

  • Transport (Correct)
  • Presentation
  • Application
  • Network

Answer : Transport

What do you call an attack where the attacker spoofs the source IP address in an ICMP ECHO broadcast packet so it seems to have originated at the victim's system, in order to flood it with REPLY packets?


Options are :

  • SYN Flood attack
  • Ping of Death attack
  • Smurf attack (Correct)
  • Denial of Service (DoS) attack

Answer : Smurf attack

Which conceptual approach to intrusion detection system is the MOST common?


Options are :

  • Host-based intrusion detection
  • Behavior-based intrusion detection
  • Statistical anomaly-based intrusion detection
  • Knowledge-based intrusion detection (Correct)

Answer : Knowledge-based intrusion detection

Which of the following DoD Model layers provides non-repudiation services?


Options are :

  • Data link layer.
  • Network layer.
  • Transport layer.
  • Application layer. (Correct)

Answer : Application layer.

In this type of attack, the intruder re-routes data traffic from a network device to a personal machine. This diversion allows an attacker to gain access to critical resources and user credentials, such as passwords, and to gain unauthorized access to critical systems of an organization. Pick the BEST choice below.


Options are :

  • Network Address Hijacking (Correct)
  • Network Address Sniffing
  • Network Address Supernetting
  • Network Address Translation

Answer : Network Address Hijacking

What is a decrease in amplitude as a signal propagates along a transmission medium BEST known as?


Options are :

  • Delay distortion
  • Attenuation (Correct)
  • Noise
  • Crosstalk

Answer : Attenuation

The IP header contains a protocol field. If this field contains the value of 2, what type of data is contained within the IP datagram?


Options are :

  • ICMP
  • UDP
  • TCP.
  • IGMP. (Correct)

Answer : IGMP.

Which of the following is TRUE regarding Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)?


Options are :

  • UDP is useful for longer messages, rather than TCP
  • UDP provides for Error Correction, TCP does not
  • TCP does not guarantee delivery of data, while UDP does guarantee data delivery.
  • TCP is connection-oriented, UDP is not (Correct)

Answer : TCP is connection-oriented, UDP is not

Looking at the choices below, which ones would be the most suitable protocols/tools for securing e-mail?


Options are :

  • SSH
  • TLS and SSL
  • PGP and S/MIME (Correct)
  • IPsec and IKE

Answer : PGP and S/MIME
