CISSP - Communications and Network Security Mock Questions

Which of these remote access protocol has the option to send our data encrypted?

Options are :

  • Secure Shell.
  • PowerShell.
  • Command prompt.
  • Telnet.

Answer : Secure Shell.

Explanation SSH (Secure Shell) is used for remote access over a network. Data is encrypted, but some recent leaks have shown the CIA may have tools that can break SSH.

CISSP - Security and Risk Management Pratice Questions

To establish a TCP session, we are using the TCP 3-way handshake. What is the correct order of the handshake?

Options are :

  • SYN/ACK > ACK > SYN.
  • SYN > ACK > ACK.
  • SYN > SYN/ACK > ACK.
  • SYN > SYN/ACK > SYN.

Answer : SYN > SYN/ACK > ACK.

Explanation The 3-way handshake is client SYN > Server SYN/ACK > Client ACK.

Which of these is a TRUE statement about the TCP protocol?

Options are :

  • It is always encrypted.
  • It is proprietary.
  • It is connection oriented.
  • It is connectionless.

Answer : It is connection oriented.

Explanation TCP (Transmission Control Protocol): Reliable, Connection oriented, Guaranteed delivery, 3 way handshake, slower/more overhead, data reassembled.

An IPv4 address consists of how many bits?

Options are :

  • 4 bit.
  • 32 bit
  • 128 bit.
  • 8 bit.

Answer : 32 bit

Explanation IPv4 (Internet Protocol version 4) addresses: IPv4 addresses are made up of 4 octets (dotted-decimal notation) and broken further down in a 32 bit integer binary.

CISSP - Security Engineering Mock Questions

Which type of IPv4 address is the range 172.31.0.0/24?

Options are :

  • Private.
  • Public.
  • Link-local.
  • Loopback.

Answer : Private.

Explanation 172.16.0.0 – 172.31.255.255 are private IP's, we can use them on our internal network, they are not routable on the internet.

Which layer of the Open Systems Interconnect (OSI) model isolates traffic into broadcast domains?

Options are :

  • 4
  • 5
  • 1
  • 3

Answer : 3

Explanation Layer 3: Network Layer: Expands to many different nodes (IP) – The Internet is IP based. Isolates traffic into broadcast domains.

We are using a distance vector routing protocol. Which path would our traffic take from router A to router B?


Options are :

  • The 1Mbps path.
  • The 10Mbps path.
  • The 1Gbps path.

Answer : The 10Mbps path.

Explanation Distance vector routing protocols: Only focuses on how far the destination is in Hops (how many routers in between here and there). Does not care about bandwidth, it just uses the shortest path.

CISSP - Software Development Security Mock Questions

The IPv4 address 169.254.0.0/16 is which type of an addresses?

Options are :

  • Link-local.
  • Private.
  • Public.
  • Loopback.

Answer : Link-local.

Explanation 169.254.0.1 to 169.254.255.254 may be used for link-local addressing in IPv4. Link-local addresses are assigned to interfaces by host-internal, i.e. stateless, address autoconfiguration when other means of address assignment are not available. Most commonly seen when our system for one reason ors from accessing the internet.

  • Segments a switch into multiple separate logical networks.
  • Divides a switch into equally large portions for each VLAN.
  • Shows a network administrator the traffic on his network.
  • Answer : Segments a switch into multiple separate logical networks.

    Explanation VLAN (Virtual LAN) is a broadcast domain that is partitioned and isolated at layer 2. Specific ports on a switch is assigned to a certain VLAN. It allows networks and devices that must be kept separate to share the same physical devices without interacting, for simplicity, security, traffic management, and/or cost reduction.

    Trying to convert a very old frame relay connection we have to a remote office, you are asked to include a list of the abbreviations you have used and what they stand for. Which of these would you add to that list? (Select all that apply).

    Options are :

    • DLCI (Data Link Connection Identifiers).
    • SVC (Switched Virtual Circuit).
    • SON (Synchronous Optical Networking).
    • PVC (Permanent Virtual Circuit).
    • PSC (Permanent Switched Circuit).

    Answer : DLCI (Data Link Connection Identifiers). SVC (Switched Virtual Circuit). PVC (Permanent Virtual Circuit).

    Explanation Frame Relay is a Packet-Switching L2 protocol, it has no error recovery and only focus on speed. Higher level protocols can provide that if needed. PVC (Permanent Virtual Circuit): Always up, ready to transmit data. Form logical end-to-end links mapped over a physical network. SVC (Switched Virtual Circuit): Calls up when it needs to transmit data and closes the call when it is done. Uses DLCI (Data Link Connection Identifiers) to identify the virtual connection, this way the receiving end knows which connection an information frame belongs to.

    Looking at the Open Systems Interconnection model (OSI model), which of these protocols would we find on layer 3? (Select all that apply).

    Options are :

    • IKE.
    • IPSEC.
    • IMAP.
    • ICMP.
    • IP.

    Answer : IKE. IPSEC. ICMP. IP.

    Explanation Layer 3: Network Layer: Expands to many different nodes (IP) – The Internet is IP based. Isolates traffic into broadcast domains. Protocols: IP, ICMP, IPSEC, IGMP, IGRP, IKE, ISAKMP, IPX. If the exam asks which layer a protocol with “I? is, remember IP, IGMP, IGRP, IPSEC, IKE, ISAKMP, … are all layer 3, all except IMAP which is layer 7.

    CISSP - Security Operations Mock Questions

    As part of a security audit, we have found some security flaws. The IT Security team has been asked to suggest mitigation strategies using the OSI model. Which of these would address layer 7 issues?

    Options are :

    • Access Lists.
    • Start using application firewalls.
    • Installing UPSes in the data center.
    • Shut down open unused ports.

    Answer : Start using application firewalls.

    Explanation Application layer firewalls are on the 7th OSI Layer. The key benefit of application layer firewalls is that they can understand certain applications and protocols. They see the entire packet; the packet isn't decrypted until layer 6; any other firewall can only inspect the packet, but not the payload. They can detect if an unwanted application or service is attempting to bypass the firewall using a protocol on an allowed port, or detect if a protocol is being used any malicious way.

    We use many different names for different types of networks. When our engineers are talking about the extranet, what are they referring to?

    Options are :

    • The global collection of peered WAN networks, often between ISPs or long haul providers.
    • The local area network we have in our home.
    • An organization's privately owned and operated internal network.
    • Connected private intranets often between business partners or parent/child companies.

    Answer : Connected private intranets often between business partners or parent/child companies.

    Explanation An Extranet is a connection between private Intranets, often connecting business partners' Intranets.

    You get stopped on the way to your office by the CEO. She wants to talk to you because you are one of those IT people. The CEO is wanting us to implement VoIP and has heard it uses the User Datagram Protocol (UDP). On which layer of the Open Systems Interconnection model (OSI model) would we find the UDP protocol?


    Options are :

    • B: Layer 4.
    • A: Layer 5.
    • E: Layer 1.
    • D: Layer 2.
    • C: Layer 3.

    Answer : B: Layer 4.

    Explanation OSI layer 4 (Transport Layer) UDP (User Datagram Protocol): Connectionless protocol, unreliable, VOIP, Live video, gaming, “real time’’. Timing is more important than delivery confirmation.

    CISSP - Software Development Security Mock Questions

    On which layer of the Open Systems Interconnect (OSI) model do we establish the connection between 2 applications?

    Options are :

    • 5
    • 4
    • 6
    • 3

    Answer : 5

    Explanation Layer 5: Session Layer: Establishes connection between 2 applications: Setup > Maintenance > Tear Down.

    If you see any IPv4 address in the 127.0.0.0/8 range, what type of IPv4 address is that?

    Options are :

    • Private.
    • Link-local.
    • Public.
    • Loopback.

    Answer : Loopback.

    Explanation IPv4 network standards reserve the entire 127.0.0.0/8 address block for loopback purposes. That means any packet sent to one of those 16,777,214 addresses (127.0.0.1 through 127.255.255.254) is looped back. IPv6 has just a single address, ::1.

    Which type of networking circuits would we use to ensure the traffic ALWAYS uses the same path?

    Options are :

    • Full traffic switching.
    • Packet switching.
    • Circuit switching.
    • Weighted routing tables.

    Answer : Circuit switching.

    Explanation Circuit switching - Expensive, but always available; used less often. A dedicated communications channel through the network. The circuit guarantees the full bandwidth. The circuit functions as if the nodes were physically connected by a cable.

    CISSP Security Engineering Certification Practice Exam Set 4

    We are using the OSI model to categorize attacks and threats. Which of these are COMMON layer 2 threats?

    Options are :

    • Eavesdropping.
    • SYN floods.
    • ARP spoofing.
    • Ping of death.

    Answer : ARP spoofing.

    Explanation ARP spoofing is an attack where an attacker sends a fake ARP (Address Resolution Protocol) messages over a local area network. This results in associating the attacker's MAC address with the IP address of an authorized computer or server on our network.

    Which organization is responsible for delegating IP addresses to ISPs in the Caribbean and Latin America?

    Options are :

    • APNIC.
    • ARIN.
    • RIPE NNC.
    • LACNIC.

    Answer : LACNIC.

    Explanation The world is divided into RIR (Regional Internet Registry) regions and organizations in those areas delegate the address space they have control over. LACNIC (Latin America and Caribbean Network Information Centre): Latin America and parts of the Caribbean region.

    We are blocking unused ports on our servers as part of our server hardening, when we block TCP/UDP port 138. Which protocol are we blocking?

    Options are :

    • IMAP.
    • Microsoft Terminal Server (RDP).
    • NetBIOS datagram service.
    • NetBIOS name service.

    Answer : NetBIOS datagram service.

    Explanation NetBIOS Datagram Service uses TCP/UCP port 138.

    CISSP Security Assessment Testing Security Operations Exam Set 2

    Jane is implementing Quality of Service (QoS) on our network. Which of these is one of the KEY benefit of QOS?

    Options are :

    • Priority traffic (often VoIP) gets higher priority.
    • All traffic gets equal preference on the network.
    • We have less traffic congestion, because we spread the traffic over multiple paths.
    • Larger data gets priority. This could be file uploads or downloads.

    Answer : Priority traffic (often VoIP) gets higher priority.

    Explanation QoS (Quality of Service) gives specific traffic priority over other traffic; this is most commonly VoIP (Voice over IP), or other UDP traffic needing close to real time communication. Other non real time traffic is down prioritized; the 0.25 second delay won’t be noticed.

    Which of these protocols are used to transport operating systems to diskless workstations?

    Options are :

    • SFTP.
    • FTPS
    • FTP.
    • TFTP.

    Answer : TFTP.

    Explanation TFTP (Trivial FTP): Uses UDP Port 69. No authentication or directory structure, files are written and read from one directory /tftpboot. Used for "Bootstrapping" - Downloading an OS over the network for diskless workstations.

    We are slowly migrating from IPv4 to IPv6. In the process we are using dual stack routers. One of your colleagues has asked how large IPv6 addresses are. What do you answer?

    Options are :

    • 128 bit.
    • 32 bit
    • 64 bit.
    • 256 bit.

    Answer : 128 bit.

    Explanation IPv6 is 128 bit in hexadecimal numbers (uses 0-9 and a-f). 8 groups of 4 hexadecimals, making addresses look like this: fd01:fe91:aa32:342d:74bb:234c:ce19:123b

    CISSP - Security Operations Mock Questions

    Our networking department is recommending we use a simplex solution for an implementation. What is one of the KEY FEATURES of simplex solutions?

    Options are :

    • Only one system on the network can send one signal at a time.
    • One way communication: One system transmits, the other receives. Direction can't be reversed.
    • Both systems can send and receive at the same time.
    • One way communication: one system transmits, the other receives. Direction can be reversed.

    Answer : One way communication: One system transmits, the other receives. Direction can't be reversed.

    Explanation Simplex is a one-way communication (one system transmits, the other listens).

    We have had a lot of employee complaints since we started blocking TCP/UDP port 80. What are we blocking?

    Options are :

    • SMTP.
    • POP3.
    • HTTPS.
    • HTTP.

    Answer : HTTP.

    Explanation Hypertext Transfer Protocol (HTTP) uses TCP/UDP port 80, can also use port 8008 and 8080 .

    We have been tasked with implementing secure cables throughout all the buildings in our organization. What would be our CHEAPEST option to use?

    Options are :

    • Copper Ethernet.
    • Wireless.
    • Coax copper.
    • Fiber Ethernet.

    Answer : Fiber Ethernet.

    Explanation The most secure cable is fiber cables, it is slightly more expensive than copper, since we need both we would use fiber cables. Wireless is .. well not a cable.

    CISSP Security and Risk Management Certified Practice Exam Set 2

    We are moving to IPv6, and a friend of yours is at our helpdesk is asking, "In MAC/EUI-64 MAC addresses, how many bits is the unique device identifier?" What should you answer?

    Options are :

    • 48
    • 12
    • 24
    • 40

    Answer : 40

    Explanation EUI/MAC-64 Mac addresses are 64 bits. The first 24 are the manufacturer identifier. The last 40 are unique and identifies the host.

    A system is requesting an IP address using DHCP. How would the traffic flow look?

    Options are :

    • Request > Discovery > Offer > Acknowledge.
    • Discovery > Offer > Request > Acknowledge.
    • Request > Offer >Discovery > Acknowledge.
    • Request > Offer > Acceptance > Acknowledge.

    Answer : Discovery > Offer > Request > Acknowledge.

    Explanation DHCP (Dynamic Host Configuration Protocol) uses the Discovery > Offer > Request > Acknowledge flow. It is the protocol we use to assign IP’s. Controlled by a DHCP Server for your environment.

    Comment / Suggestion Section
    Point our Mistakes and Post Your Suggestions

    Subscribe to See Videos

    Subscribe to my Youtube channel for new videos : Subscribe Now