CISSP-ISSAP Information Systems Security Architecture Exam Set 3

A network is configured on a Bus topology. Which of the following conditions could cause a network failure? Each correct answer represents a complete solution. Choose all that apply.

A. A break in a network cable

B. 75 ohm terminators at open ends

C. A powered off workstation

D. An open-ended cable without terminators


Options are :

  • B,D,A
  • D,B,C
  • A,B,D (Correct)
  • A,B,C

Answer : A,B,D

Computer networks and the Internet are the prime mode of Information transfer today. Which of the following is a technique used for modifying messages, providing Information and Cyber security, and reducing the risk of hacking attacks during communications and message passing over the Internet?


Options are :

  • OODA loop
  • Firewall security
  • Cryptography (Correct)
  • Risk analysis

Answer : Cryptography


Sam is creating an e-commerce site. He wants a simple security solution that does not require each customer to have an individual key. Which of the following encryption methods will he use?


Options are :

  • Asymmetric encryption
  • S/MIME
  • Symmetric encryption (Correct)
  • PGP

Answer : Symmetric encryption

You want to connect a twisted pair cable segment to a fiber-optic cable segment. Which of the following networking devices will you use to accomplish the task?


Options are :

  • Repeater (Correct)
  • Switch
  • Hub
  • Router

Answer : Repeater

Which of the following are the initial steps required to perform a risk analysis process? Each correct answer represents a part of the solution. Choose three.

A. Estimate the potential losses to assets by determining their value.

B. Establish the threats' likelihood and regularity.

C. Valuations of the critical assets in hard costs.

D. Evaluate potential threats to the assets.


Options are :

  • B,C,A
  • A,B,C
  • D,B,C
  • A,B,D (Correct)
  • None
  • None

Answer : A,B,D


You work as a technician for Trade Well Inc. The company is in the business of share trading. To enhance security, the company wants users to provide a third key (apart from ID and password) to access the company's Web site. Which of the following technologies will you implement to accomplish the task?


Options are :

  • VPN
  • Key fobs (Correct)
  • Smart cards
  • Biometrics

Answer : Key fobs

Which of the following are the countermeasures against a man-in-the-middle attack? Each correct answer represents a complete solution. Choose all that apply.

A. Using public key infrastructure authentication.

B. Using basic authentication.

C. Using Secret keys for authentication.

D. Using Off-channel verification.


Options are :

  • A,B,C
  • A,C,D (Correct)
  • C,B,A
  • D,B,D

Answer : A,C,D

Kerberos is a computer network authentication protocol that allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner. Which of the following statements are true about the Kerberos authentication scheme? Each correct answer represents a complete solution. Choose all that apply.

A. Kerberos requires continuous availability of a central server.

B. Dictionary and brute force attacks on the initial TGS response to a client may reveal the subject's passwords.

C. Kerberos builds on Asymmetric key cryptography and requires a trusted third party.

D. Kerberos requires the clocks of the involved hosts to be synchronized.


Options are :

  • A,B,C
  • C,B,A
  • A,B,D (Correct)
  • C,D,A

Answer : A,B,D


An organization is seeking to implement a hot site and wants to maintain a live database server at the backup site. Which of the following solutions will be the best for the organization?


Options are :

  • Transaction logging
  • Electronic vaulting
  • Remote journaling
  • Remote mirroring (Correct)

Answer : Remote mirroring

Which of the following encryption methods does the SSL protocol use in order to provide communication privacy, authentication, and message integrity? Each correct answer represents a part of the solution. Choose two.

A. Public key

B. IPsec

C. MS-CHAP

D. Symmetric


Options are :

  • A,D (Correct)
  • B,D
  • C,B
  • A,C

Answer : A,D

Which of the following refers to a location away from the computer center where document copies and backup media are kept?


Options are :

  • Storage Area network
  • Off-site storage (Correct)
  • On-site storage
  • Network attached storage

Answer : Off-site storage


You are the Network Administrator for a small business. You need a widely used, but highly secure hashing algorithm. Which of the following should you choose?


Options are :

  • SHA (Correct)
  • AES
  • CRC32
  • EAP

Answer : SHA

Which of the following protocols is designed to efficiently handle high-speed data over wide area networks (WANs)?


Options are :

  • PPP
  • Frame relay (Correct)
  • X.25
  • SLIP

Answer : Frame relay

Which of the following statements best describes a certification authority?


Options are :

  • A certification authority is a type of encryption that uses a public key and a private key pair for data encryption
  • A certification authority is a type of encryption that uses a single key to encrypt and decrypt data.
  • A certification authority is a technique to authenticate digital documents by using computer cryptography.
  • A certification authority is an entity that issues digital certificates for use by other parties. (Correct)

Answer : A certification authority is an entity that issues digital certificates for use by other parties.


You work as a Network Administrator of a TCP/IP network. You are having a DNS resolution problem. Which of the following utilities will you use to diagnose the problem?


Options are :

  • NSLOOKUP (Correct)
  • TRACERT
  • IPCONFIG
  • PING

Answer : NSLOOKUP

Which of the following are the primary components of a discretionary access control (DAC) model? Each correct answer represents a complete solution. Choose two.

A. User's group

B. File and data ownership

C. Smart card

D. Access rights and permissions


Options are :

  • B,D (Correct)
  • B,A
  • B,C
  • A,B

Answer : B,D

In which of the following network topologies does the data travel around a loop in a single direction and pass through each device?


Options are :

  • Mesh topology
  • Star topology
  • Ring topology (Correct)
  • Tree topology

Answer : Ring topology


In which of the following alternative processing sites is the backup facility maintained in a constant order, with a full complement of servers, workstations, and communication links ready to assume the primary operations responsibility?


Options are :

  • Mobile Site
  • Cold Site
  • Hot Site (Correct)
  • Warm Site

Answer : Hot Site

Which of the following is an input device that is used for controlling machines such as cranes, trucks, underwater unmanned vehicles, wheelchairs, surveillance cameras, and zero turning radius lawn mowers?


Options are :

  • Joystick (Correct)
  • PS/2
  • Microphone
  • AGP

Answer : Joystick

Which of the following two components does Kerberos Key Distribution Center (KDC) consist of? Each correct answer represents a complete solution. Choose two.

A. Data service

B. Ticket-granting service

C. Account service

D. Authentication service


Options are :

  • B,D (Correct)
  • B,C
  • C,D
  • A,B

Answer : B,D


Which of the following statements about incremental backup are true? Each correct answer represents a complete solution. Choose two.

A. It is the fastest method of backing up data.

B. It is the slowest method for taking a data backup.

C. It backs up the entire database, including the transaction log.

D. It backs up only the files changed since the most recent backup and clears the archive bit.


Options are :

  • A,D (Correct)
  • A,B
  • B,C
  • C,D

Answer : A,D


John works as a security manager for SoftTech Inc. He is working with his team on the disaster recovery management plan. One of his team members has a doubt related to the most cost effective DRP testing plan. According to you, which of the following disaster recovery testing plans is the most cost-effective and efficient way to identify areas of overlap in the plan before conducting more demanding training exercises?


Options are :

  • Walk-through drill
  • Evacuation drill
  • Full-scale exercise
  • Structured walk-through test (Correct)

Answer : Structured walk-through test

Which of the following are used to suppress paper or wood fires? Each correct answer represents a complete solution. Choose two.

A. Soda acid

B. Kerosene

C. Water

D. CO2


Options are :

  • D,A
  • B,A
  • A,C (Correct)
  • D,B

Answer : A,C

Which of the following authentication methods support mutual authentication? Each correct answer represents a complete solution. Choose two.

A. MS-CHAP v2

B. NTLM

C. EAP-MD5

D. EAP-TLS


Options are :

  • A,B
  • B,C
  • A,D (Correct)
  • C,D

Answer : A,D


Adam works as a Network Administrator. He discovers that the wireless AP transmits 128 bytes of plaintext, and the station responds by encrypting the plaintext. It then transmits the resulting ciphertext using the same key and cipher that are used by WEP to encrypt subsequent network traffic. Which of the following types of authentication mechanism is used here?


Options are :

  • Single key authentication
  • Shared key authentication (Correct)
  • Pre-shared key authentication
  • Open system authentication

Answer : Shared key authentication

A digital signature is a type of public key cryptography. Which of the following statements are true about digital signatures? Each correct answer represents a complete solution. Choose all that apply.

A. In order to digitally sign an electronic record, a person must use his/her public key.

B. In order to verify a digital signature, the signer's private key must be used.

C. In order to digitally sign an electronic record, a person must use his/her private key.

D. In order to verify a digital signature, the signer's public key must be used.


Options are :

  • A,B
  • D,A
  • C,D (Correct)
  • B,C

Answer : C,D

You work as a Network Administrator for Blue Bell Inc. The company has a TCP-based network. The company has two offices in different cities. The company wants to connect the two offices by using a public network. You decide to configure a virtual private network (VPN) between the offices. Which of the following protocols is used by VPN for tunneling?


Options are :

  • HTTPS
  • NONE
  • L2TP (Correct)
  • SSL
  • IPSec

Answer : L2TP


Which of the following is the technology of indoor or automotive environmental comfort?


Options are :

  • CCTV
  • NIPS
  • HIPS
  • HVAC (Correct)

Answer : HVAC

Which of the following are the centralized administration technologies? Each correct answer represents a complete solution. Choose all that apply.

A. RADIUS

B. TACACS+

C. Media Access control

D. Peer-to-Peer


Options are :

  • D,A
  • C,D
  • A,B (Correct)
  • B,C

Answer : A,B

Which of the following firewalls inspects the actual contents of packets?


Options are :

  • Application-level firewall (Correct)
  • Circuit-level firewall
  • Packet filtering firewall
  • Stateful inspection firewall

Answer : Application-level firewall
