CISSP (Information Systems Security) Practice Tests 2019 Set 1

The collection of components in the TCB that work together to implement reference monitor functions is called the ______________________ .

Options are :

  • A. Security perimeter
  • B. Security kernel
  • C. Access matrix

Answer : B. Security kernel

In what phase of the Capability Maturity Model for Software (SW-CMM) are quantitative measures utilized to gain a detailed understanding of the software development process?

Options are :

  • A. Repeatable
  • B. Defined
  • C. Managed
  • D. Optimizing

Answer : C. Managed

Which of the following is a procedure designed to test and perhaps bypass a system’s security controls?

Options are :

  • A. Logging usage data
  • B. War dialing
  • C. Penetration testing
  • D. Deploying secured desktop workstations

Answer : C. Penetration testing

What type of malware uses social engineering to trick a victim into installing it?

Options are :

  • A. Viruses
  • B. Worms
  • C. Trojan horse
  • D. Logic bomb

Answer : C. Trojan horse


A VPN can be established over which of the following?

Options are :

  • A. Wireless LAN connection
  • B. Remote access dial-up connection
  • C. WAN link
  • D. All of the above

Answer : D. All of the above

Which type of intrusion detection system (IDS) can be considered an expert system?

Options are :

  • A. Host-based
  • B. Network-based
  • C. Knowledge-based
  • D. Behavior-based

Answer : D. Behavior-based

What is the length of a message digest produced by the MD5 algorithm?

Options are :

  • A. 64 bits
  • B. 128 bits
  • C. 256 bits
  • D. 384 bits

Answer : B. 128 bits


Which type of firewall automatically adjusts its filtering rules based on the content of the traffic of existing sessions?

Options are :

  • A. Static packet filtering
  • B. Application-level gateway
  • C. Circuit-level gateway
  • D. Dynamic packet filtering

Answer : D. Dynamic packet filtering

Which of the following is considered a denial-of-service attack?

Options are :

  • A. Pretending to be a technical manager over the phone and asking a receptionist to change their password
  • B. While surfing the Web, sending to a web server a malformed URL that causes the system to consume 100 percent of the CPU
  • C. Intercepting network traffic by copying the packets as they pass through a specific subnet
  • D. Sending message packets to a recipient who did not request them simply to be annoying

Answer : B. While surfing the Web, sending to a web server a malformed URL that causes the system to consume 100 percent of the CPU

What type of detected incident allows the most time for an investigation?

Options are :

  • A. Compromise
  • B. Denial of service
  • C. Malicious code
  • D. Scanning

Answer : D. Scanning


The CIA Triad comprises what elements?

Options are :

  • A. Contiguousness, interoperable, arranged
  • B. Authentication, authorization, accountability
  • C. Capable, available, integral
  • D. Availability, confidentiality, integrity

Answer : D. Availability, confidentiality, integrity

System architecture, system integrity, covert channel analysis, trusted facility management, and trusted recovery are elements of what security criteria?

Options are :

  • A. Quality assurance
  • B. Operational assurance
  • C. Lifecycle assurance
  • D. Quantity assurance

Answer : B. Operational assurance

Which of the following is not a required component in the support of accountability?

Options are :

  • A. Auditing
  • B. Privacy
  • C. Authentication
  • D. Authorization

Answer : B. Privacy


In what type of cipher are the letters of the plaintext message rearranged to form the ciphertext?

Options are :

  • A. Substitution cipher
  • B. Block cipher
  • C. Transposition cipher
  • D. One-time pad

Answer : C. Transposition cipher

Which one of the following is a layer of the ring protection scheme that is not normally implemented in practice?

Options are :

  • A. Layer 0
  • B. Layer 1
  • C. Layer 3
  • D. Layer 4

Answer : B. Layer 1

Which of the following aspects of password selection distinguish good password choices from poor password choices?

Options are :

  • A. Difficult to guess or unpredictable
  • B. Meet minimum length requirements
  • C. Meet specific complexity requirements
  • D. All of the above

Answer : D. All of the above


A data custodian is responsible for securing resources after ______________________ has assigned the resource a security label.

Options are :

  • A. Senior management
  • B. The data owner
  • C. An auditor
  • D. Security staff

Answer : B. The data owner

What is the first step of the business impact assessment process?

Options are :

  • A. Identification of priorities
  • B. Likelihood assessment
  • C. Risk identification
  • D. Resource prioritization

Answer : A. Identification of priorities

Which of the following is most likely to detect DoS attacks?

Options are :

  • A. Host-based IDS
  • B. Network-based IDS
  • C. Vulnerability scanner
  • D. Penetration testing

Answer : B. Network-based IDS


What kind of recovery facility enables an organization to resume operations as quickly as possible, if not immediately, upon failure of the primary facility?

Options are :

  • A. Hot site
  • B. Warm site
  • C. Cold site
  • D. All of the above

Answer : A. Hot site

What is the value of the logical operation shown here?

X: 0 1 1 0 1 0
Y: 0 0 1 1 0 1

X ? Y: ?

Options are :

  • A. 0 1 1 1 1 1
  • B. 0 1 1 0 1 0
  • C. 0 0 1 0 0 0
  • D. 0 0 1 1 0 1

Answer : A. 0 1 1 1 1 1

Which one of the following vulnerabilities would best be countered by adequate parameter checking?

Options are :

  • A. Time of check to time of use
  • B. Buffer overflow
  • C. SYN flood
  • D. Distributed denial of service

Answer : B. Buffer overflow


Audit trails, logs, CCTV, intrusion detection systems, antivirus software, penetration testing, password crackers, performance monitoring, and cyclic redundancy checks (CRCs) are examples of what?

Options are :

  • A. Directive controls
  • B. Preventive controls
  • C. Detective controls
  • D. Corrective controls

Answer : C. Detective controls

Ring 0, from the design architecture security mechanism known as protection rings, can also be referred to as all but which of the following?

Options are :

  • A. Privileged mode
  • B. Supervisory mode
  • C. System mode
  • D. User mode

Answer : D. User mode

Which of the following is not a defense against collusion?

Options are :

  • A. Separation of duties
  • B. Restricted job responsibilities
  • C. Group user accounts
  • D. Job rotation

Answer : C. Group user accounts


If you want to restrict access into or out of a facility, which would you choose?

Options are :

  • A. Gate
  • B. Turnstile
  • C. Fence
  • D. Mantrap

Answer : B. Turnstile

What is the formula used to compute the ALE?

Options are :

  • A. ALE = AV * EF * ARO
  • B. ALE = ARO * EF
  • C. ALE = AV * ARO
  • D. ALE = EF * ARO

Answer : A. ALE = AV * EF * ARO

Spamming attacks occur when numerous unsolicited messages are sent to a victim. Because enough data is sent to the victim to prevent legitimate activity, it is also known as what?

Options are :

  • A. Sniffing
  • B. Denial of service
  • C. Brute-force attack
  • D. Buffer overflow attack

Answer : B. Denial of service


Which of the following represent natural events that can pose a threat or risk to an organization?

Options are :

  • A. Earthquake
  • B. Flood
  • C. Tornado
  • D. All of the above

Answer : D. All of the above

If Renee receives a digitally signed message from Mike, what key does she use to verify that the message truly came from Mike?

Options are :

  • A. Renee’s public key
  • B. Renee’s private key
  • C. Mike’s public key
  • D. Mike’s private key

Answer : C. Mike’s public key
