CISSP-ISSAP Information Systems Security Architecture Exam Set 5

Which phase of the incident handling process is responsible for defining rules, organizing the human workforce, creating a backup plan, and testing the plans for an enterprise?


Options are :

  • Identification phase
  • Containment phase
  • Eradication phase
  • Recovery phase
  • Preparation phase (Correct)

Answer : Preparation phase

You are the Network Administrator for a bank. In addition to the usual security issues, you are concerned that your customers could be the victims of phishing attacks that use fake bank Web sites. Which of the following would protect against this?


Options are :

  • MAC
  • Two factor authentication
  • Mutual authentication (Correct)
  • Three factor authentication

Answer : Mutual authentication

You work as a Security Manager for Tech Perfect Inc. The management tells you to implement a hashing method in the organization that can resist forgery and is not open to man-in-the-middle attack. Which of the following methods will you use to accomplish the task?


Options are :

  • NTLM
  • SHA
  • MAC (Correct)
  • MD

Answer : MAC
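The forgery this question alludes to is easy to show in code. The following is an added example, not part of the original question set: it compares a plain SHA-256 digest with an HMAC built on the same hash. The shared key, the message and the "attacker" are constructed for the demonstration.

```python
import hashlib
import hmac

# Constructed sample: a transfer order and the key that only the sender and
# receiver hold. Values are illustrative, not taken from the page.
SHARED_KEY = b"k3y-only-sender-and-receiver-know"
ORIGINAL = b"transfer 100 EUR to account 1111"
TAMPERED = b"transfer 100 EUR to account 9999"


def unkeyed_tag(message: bytes) -> str:
    """Plain hash appended by the sender: anyone can recompute it."""
    return hashlib.sha256(message).hexdigest()


def keyed_tag(key: bytes, message: bytes) -> str:
    """HMAC-SHA256: producing a valid tag requires the shared key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_unkeyed(message: bytes, tag: str) -> bool:
    return hmac.compare_digest(unkeyed_tag(message), tag)


def verify_keyed(key: bytes, message: bytes, tag: str) -> bool:
    # compare_digest keeps the comparison itself constant-time.
    return hmac.compare_digest(keyed_tag(key, message), tag)


def mitm_forgery_succeeds(keyed: bool) -> bool:
    """Simulate an attacker in the middle who swaps the message.

    With an unkeyed hash the attacker recomputes the tag over the new
    message and the receiver accepts it. With a MAC the attacker has no
    key, so the best he can do is forward the tag of the original
    message, and verification of the altered message fails.
    """
    if keyed:
        stolen_tag = keyed_tag(SHARED_KEY, ORIGINAL)   # seen on the wire
        return verify_keyed(SHARED_KEY, TAMPERED, stolen_tag)
    forged_tag = unkeyed_tag(TAMPERED)                 # attacker recomputes
    return verify_unkeyed(TAMPERED, forged_tag)


if __name__ == "__main__":
    print("unkeyed hash forged:", mitm_forgery_succeeds(keyed=False))  # True
    print("HMAC forged:", mitm_forgery_succeeds(keyed=True))           # False
```

A MAC gives integrity and origin authentication to the two parties that share the key, which is what the question asks for. It does not give non-repudiation: either key holder could have produced the tag, so a digital signature is needed when a third party must be convinced.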

Which of the following authentication methods is based on the physical characteristics of a user?


Options are :

  • Key fob
  • ID/password combination
  • Biometrics (Correct)
  • Smart card

Answer : Biometrics

Which of the following encryption algorithms is used by the Clipper chip, which supports the escrowed encryption standard?


Options are :

  • Blowfish
  • Skipjack (Correct)
  • IDEA
  • AES

Answer : Skipjack

You work as a Network Administrator for McRoberts Inc. You are expanding your company's network. After you have implemented the network, you test the connectivity to a remote host by using the PING command. You get the ICMP echo reply message from the remote host. Which of the following layers of the OSI model are tested through this process? Each correct answer represents a complete solution. Choose all that apply.

A. Layer 3

B. Layer 2

C. Layer 4

D. Layer 1

A. Layer 3

B. Layer 2

C. Layer 4

D. Layer 1


Options are :

  • A,B,D (Correct)
  • A,B,C
  • B,D,A
  • C,B,D

Answer : A,B,D

Which of the following layers of the OSI model provides non-repudiation services?


Options are :

  • The application layer (Correct)
  • The presentation layer
  • The physical layer
  • The data-link layer

Answer : The application layer

Which of the following is an entry in an object's discretionary access control list (DACL) that grants permissions to a user or group?


Options are :

  • Access control entry (ACE) (Correct)
  • Security Identifier (SID)
  • Access control list (ACL)
  • Discretionary access control entry (DACE)

Answer : Access control entry (ACE)
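How an ACE is consulted at access-check time matters more than its name. The following is an added example, not from the original page, modelling the Windows DACL walk: ACEs are read in order, an applicable deny that overlaps the request ends the check, and allow ACEs accumulate rights until the request is satisfied. The SIDs, access masks and DACL are constructed placeholders.

```python
from dataclasses import dataclass
from typing import List, Set

# Illustrative subset of an access mask (constructed, not the real Windows bits).
READ, WRITE, EXECUTE = 0x1, 0x2, 0x4


@dataclass(frozen=True)
class ACE:
    sid: str      # trustee (user or group) this entry applies to
    allow: bool   # True = ACCESS_ALLOWED_ACE, False = ACCESS_DENIED_ACE
    mask: int     # rights granted or denied by this entry


def access_check(dacl: List[ACE], token_sids: Set[str], requested: int) -> bool:
    """Walk the DACL in order, as Windows does.

    - An ACE whose trustee is not in the caller's token is skipped.
    - A deny ACE that overlaps any requested right ends the check: denied.
    - Allow ACEs accumulate rights; once every requested right is
      granted the check ends: allowed.
    - Reaching the end without collecting all rights is a denial, so an
      empty DACL grants nothing. (A *null* DACL, which grants everyone
      full access, is a different case and is not modelled here.)
    """
    granted = 0
    for ace in dacl:
        if ace.sid not in token_sids:
            continue
        if not ace.allow:
            if ace.mask & requested:
                return False
        else:
            granted |= ace.mask & requested
            if granted == requested:
                return True
    return granted == requested


# Constructed sample DACL in canonical order: explicit denies before allows.
SAMPLE_DACL = [
    ACE("S-1-5-21-contractors", allow=False, mask=WRITE),
    ACE("S-1-5-21-staff", allow=True, mask=READ | WRITE),
    ACE("S-1-1-0", allow=True, mask=READ),   # placeholder for "Everyone"
]


def demo():
    staff = {"S-1-5-21-alice", "S-1-5-21-staff", "S-1-1-0"}
    contractor = {"S-1-5-21-bob", "S-1-5-21-contractors",
                  "S-1-5-21-staff", "S-1-1-0"}
    return {
        "staff_write": access_check(SAMPLE_DACL, staff, WRITE),               # True
        "contractor_read": access_check(SAMPLE_DACL, contractor, READ),       # True
        "contractor_write": access_check(SAMPLE_DACL, contractor, WRITE),     # False
        "contractor_rw": access_check(SAMPLE_DACL, contractor, READ | WRITE), # False
        "everyone_exec": access_check(SAMPLE_DACL, {"S-1-1-0"}, EXECUTE),     # False
    }
```

The contractor case is the one worth remembering: the same user is a member of a group that is allowed READ | WRITE, yet the earlier deny ACE on WRITE wins, which is why tools that append ACEs out of canonical order produce surprising results.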

Which of the following are man-made threats that an organization faces? Each correct answer represents a complete solution. Choose three.

A. Theft

B. Employee errors

C. Strikes

D. Frauds


Options are :

  • B,A,C
  • A,B,C
  • A,B,D (Correct)
  • C,D,A

Answer : A,B,D

An organization has implemented a hierarchical concept of privilege management in which administrators have full access, HR managers have fewer permissions than the administrators, and data entry operators have no access to resources. Which of the following access control models is implemented in the organization?


Options are :

  • Discretionary access control (DAC)
  • Network-based access control (NBAC)
  • Mandatory Access Control (MAC)
  • Role-based access control (RBAC) (Correct)

Answer : Role-based access control (RBAC)

John works as an Ethical Hacker for company Inc. He wants to find out which ports are open on the company's server using a port scanner. However, he does not want to establish a full TCP connection. Which of the following scanning techniques will he use to accomplish this task?


Options are :

  • TCP SYN (Correct)
  • Xmas tree
  • TCP FIN
  • TCP SYN/ACK

Answer : TCP SYN
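Added example, not part of the original page: a small parser that reads the flags byte of a raw TCP header, names the scan technique an unsolicited probe implies, and walks through the three segments of a half-open scan against an open port (SYN, SYN/ACK, RST). The headers are constructed inline; nothing is sent on the wire.

```python
import struct
from typing import Optional

# TCP flag bits as they appear in the flags byte (offset 13 of the header).
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20


def build_tcp_header(src_port: int, dst_port: int, flags: int,
                     seq: int = 0, ack: int = 0) -> bytes:
    """Constructed 20-byte TCP header (no options, checksum left at zero)."""
    data_offset = 5 << 4  # header length in 32-bit words, upper nibble
    return struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack,
                       data_offset, flags, 65535, 0, 0)


def tcp_flags(segment: bytes) -> int:
    """Flags byte of a raw TCP header (IP header already stripped)."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    return segment[13]


def classify_probe(flags: int) -> str:
    """Name the scan technique an unsolicited probe's flags imply."""
    if flags == SYN:
        return "TCP SYN (half-open)"
    if flags == SYN | ACK:
        return "TCP SYN/ACK"
    if flags == FIN:
        return "TCP FIN"
    if flags == FIN | PSH | URG:
        return "Xmas tree"
    if flags == 0:
        return "NULL"
    return "other"


def infer_port_state(reply_flags: Optional[int]) -> str:
    """What a SYN scanner concludes from the target's reply (or silence)."""
    if reply_flags is None:
        return "filtered"   # no reply: dropped by a firewall, or lost
    if reply_flags & SYN and reply_flags & ACK:
        return "open"       # target accepted; the scanner must NOT send ACK
    if reply_flags & RST:
        return "closed"
    return "unknown"


def half_open_scan_of_open_port():
    """The three segments of a SYN scan against an open port. The scanner
    answers the SYN/ACK with RST instead of ACK, so the handshake never
    completes and the application behind the port never sees a connection."""
    probe = build_tcp_header(40001, 22, SYN, seq=1000)
    reply = build_tcp_header(22, 40001, SYN | ACK, seq=5000, ack=1001)
    teardown = build_tcp_header(40001, 22, RST, seq=1001)
    return {
        "technique": classify_probe(tcp_flags(probe)),
        "state": infer_port_state(tcp_flags(reply)),
        "handshake_completed": (tcp_flags(teardown) & ACK) != 0,
    }
```

From the defender's side the same flags byte is what a NIDS keys on: a burst of bare SYNs to many ports from one source, each answered by SYN/ACK or RST and never followed by an ACK, is the signature of this technique.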

Which of the following statements about Network Address Translation (NAT) are true? Each correct answer represents a complete solution. Choose three.

A. It hides the internal IP addressing scheme.

B. It protects network from the password guessing attacks.

C. It is used to connect private networks to the public Internet.

D. It shares public Internet addresses with a large number of internal network clients.


Options are :

  • A,B,C
  • C,D,A
  • A,C,D (Correct)
  • B,D,A

Answer : A,C,D

You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activity and receive a notification when a possible attack is in progress. Which of the following actions will you take for this?


Options are :

  • Install a DMZ firewall
  • Enable verbose logging on the firewall
  • Install a network-based IDS (Correct)
  • Install a host-based IDS

Answer : Install a network-based IDS

You work as a remote support technician. A user named Rick calls you for support. Rick wants to connect his LAN to the Internet. Which of the following devices will you suggest that he use?


Options are :

  • Switch
  • Repeater
  • Router (Correct)
  • Bridge
  • Hub

Answer : Router

Which of the following algorithms is found to be suitable for both digital signature and encryption?


Options are :

  • MD5
  • AES
  • RSA (Correct)
  • SHA-1

Answer : RSA
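Added example, not from the original page, of the point behind this answer: one RSA key pair serves both encryption (encrypt with e, decrypt with d) and digital signature (sign with d, verify with e). The primes, exponent and messages are constructed toy values; see the caveat after the block.

```python
import hashlib

# Constructed toy parameters: two small primes so the example runs instantly.
# Real keys use 2048-bit or larger moduli and, crucially, padding (OAEP for
# encryption, PSS for signatures). This is textbook RSA, shown only to make
# the "one key pair, two uses" point concrete.
P, Q, E = 104723, 104729, 65537


def keygen(p: int, q: int, e: int):
    """Return (public, private) as ((e, n), (d, n))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)   # modular inverse (Python 3.8+)
    return (e, n), (d, n)


def encrypt(public, m: int) -> int:
    """Confidentiality: anyone with (e, n) encrypts; only the holder of d decrypts."""
    e, n = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer below the modulus")
    return pow(m, e, n)


def decrypt(private, c: int) -> int:
    d, n = private
    return pow(c, d, n)


def digest_mod_n(message: bytes, n: int) -> int:
    """Reduce a SHA-256 digest into Z_n so the toy modulus can sign it."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private, message: bytes) -> int:
    """Authenticity: only the holder of d can produce s; anyone with e checks it."""
    d, n = private
    return pow(digest_mod_n(message, n), d, n)


def verify(public, message: bytes, signature: int) -> bool:
    e, n = public
    return pow(signature, e, n) == digest_mod_n(message, n)


def demo():
    public, private = keygen(P, Q, E)
    m = int.from_bytes(b"hi", "big")
    c = encrypt(public, m)
    order = b"approve payment 42"
    sig = sign(private, order)
    return {
        "roundtrip": decrypt(private, c) == m,
        "valid_sig": verify(public, order, sig),
        "tampered_sig": verify(public, b"approve payment 43", sig),
    }
```

The symmetry (sign with d, encrypt with e) is the property the question tests. In practice the two uses get separate key pairs and separate padding schemes, because a raw-RSA oracle that both decrypts and signs with the same key lets an attacker obtain a signature on a chosen value by disguising it as a ciphertext.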

Which of the following protocols should a Chief Security Officer configure in his company's network to protect sessionless datagram protocols?


Options are :

  • SLIP
  • SWIPE
  • S/MIME
  • SKIP (Correct)

Answer : SKIP

Which of the following is an infrastructure system that allows the secure exchange of data over an unsecured network?


Options are :

  • PMK
  • GTK
  • PTK
  • PKI (Correct)

Answer : PKI

Which of the following encryption methods are symmetric encryption algorithms? Each correct answer represents a complete solution. Choose three.

A. DES

B. Blowfish

C. RC5

D. Diffie-Hellman


Options are :

  • C,B,A
  • D,C,B
  • A,B,C (Correct)
  • D,B,A

Answer : A,B,C

You are responsible for security at a defense contracting firm. You are evaluating various possible encryption algorithms to use. One of the algorithms you are examining is not integer based, uses shorter keys, and is public key based. What type of algorithm is this?


Options are :

  • None - all encryptions are integer based.
  • Elliptic Curve (Correct)
  • RSA
  • Symmetric

Answer : Elliptic Curve

Which of the following categories of access controls is deployed in the organization to prevent all direct contact with systems?


Options are :

  • Physical access control (Correct)
  • Detective access control
  • Administrative access control
  • Technical access control

Answer : Physical access control

Which of the following methods for identifying appropriate BIA interviewees includes examining the organizational chart of the enterprise to understand the functional positions?


Options are :

  • Organizational chart reviews (Correct)
  • Executive management interviews
  • Organizational process models
  • Overlaying system technology

Answer : Organizational chart reviews

Which of the following user authentication methods are supported by the SSH-1 protocol but not by the SSH-2 protocol? Each correct answer represents a complete solution. Choose all that apply.

A. TIS authentication

B. Rhosts (rsh-style) authentication

C. Kerberos authentication

D. Password-based authentication


Options are :

  • D,A,B
  • B,C,D
  • C,D,A
  • A,B,C (Correct)

Answer : A,B,C

Fill in the blank with the appropriate encryption system. The ______ encryption system is an asymmetric key encryption algorithm for public-key cryptography, which is based on the Diffie-Hellman key agreement.


Options are :

  • ElGamal (Correct)

Answer : ElGamal
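Added example, not from the original question set, showing what "based on Diffie-Hellman" means concretely: the recipient's ElGamal public key is a DH share, the ephemeral c1 is the sender's DH share, and the message is masked with the resulting shared secret. The modulus, base and message are constructed toy values.

```python
import secrets

# Constructed toy group: a small prime modulus and a base. Real deployments
# use a 2048-bit or larger prime with g generating a large prime-order
# subgroup; these values only keep the arithmetic readable.
P = 104729
G = 3


def keygen(p: int = P, g: int = G):
    """Private x, public y = g^x mod p: exactly a Diffie-Hellman key share."""
    x = secrets.randbelow(p - 2) + 1
    return x, pow(g, x, p)


def encrypt(public_y: int, m: int, p: int = P, g: int = G):
    """Fresh ephemeral k per message. c1 = g^k is the sender's DH share,
    y^k = g^(xk) is the DH shared secret, and c2 masks m with it."""
    if not 0 < m < p:
        raise ValueError("message must be in [1, p-1]")
    k = secrets.randbelow(p - 2) + 1
    c1 = pow(g, k, p)
    c2 = (m * pow(public_y, k, p)) % p
    return c1, c2


def decrypt(private_x: int, ciphertext, p: int = P) -> int:
    """Receiver recomputes the same shared secret c1^x = g^(kx) and unmasks."""
    c1, c2 = ciphertext
    shared = pow(c1, private_x, p)
    return (c2 * pow(shared, -1, p)) % p


def roundtrip(m: int) -> bool:
    x, y = keygen()
    return decrypt(x, encrypt(y, m)) == m


def same_secret_as_dh(p: int = P, g: int = G) -> bool:
    """The DH link stated directly: both sides derive g^(xk) from the
    other's share, which is the value that masks the message."""
    x, y = keygen(p, g)
    k = secrets.randbelow(p - 2) + 1
    c1 = pow(g, k, p)
    return pow(y, k, p) == pow(c1, x, p)
```

Two operational consequences follow from the construction: the ephemeral k must never be reused across messages (two ciphertexts under the same k reveal the ratio of their plaintexts), and the scheme is malleable, since multiplying c2 by a constant multiplies the recovered plaintext by the same constant, so it needs an integrity mechanism alongside it.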

Access controls secure the confidentiality, integrity, and availability of an organization's information and data. In which of the following categories can you deploy access controls? Each correct answer represents a part of the solution. Choose all that apply.

A. Detective access control

B. Corrective access control

C. Administrative access control

D. Preventive access control


Options are :

  • D,B,A
  • C,B,D
  • A,B,C
  • A,B,D (Correct)

Answer : A,B,D

Which of the following decides access control on an object in a mandatory access control (MAC) environment?


Options are :

  • Security log
  • Event log
  • Sensitivity label (Correct)
  • System Access Control List (SACL)

Answer : Sensitivity label
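Added example, not from the original page: a sensitivity label with a level and a compartment set, and the dominance check a MAC reference monitor applies for read (no read up) and write (no write down), as in the Bell-LaPadula model. Levels and compartments are constructed.

```python
from dataclasses import dataclass
from typing import FrozenSet

# Constructed classification lattice: ordered levels plus unordered compartments.
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    level: str
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """self >= other in the lattice: a higher-or-equal level AND a
        superset of the other's compartments. Labels that differ only in
        compartments are incomparable, so neither dominates the other."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)


def can_read(subject: Label, obj: Label) -> bool:
    """Simple security property: read only objects the subject dominates
    (no read up)."""
    return subject.dominates(obj)


def can_write(subject: Label, obj: Label) -> bool:
    """*-property: write only to objects that dominate the subject
    (no write down), so data cannot flow to a lower label."""
    return obj.dominates(subject)


def reference_monitor(subject: Label, obj: Label, op: str) -> bool:
    """The labels alone decide, not the object's owner or a per-user ACL;
    that is what makes the control mandatory rather than discretionary."""
    if op == "read":
        return can_read(subject, obj)
    if op == "write":
        return can_write(subject, obj)
    raise ValueError(f"unknown operation {op!r}")


def demo():
    analyst = Label("SECRET", frozenset({"CRYPTO"}))
    secret_crypto = Label("SECRET", frozenset({"CRYPTO"}))
    secret_nuclear = Label("SECRET", frozenset({"NUCLEAR"}))
    top_secret_crypto = Label("TOP SECRET", frozenset({"CRYPTO"}))
    confidential = Label("CONFIDENTIAL")
    return {
        "read_own_level": reference_monitor(analyst, secret_crypto, "read"),          # True
        "read_up": reference_monitor(analyst, top_secret_crypto, "read"),             # False
        "read_other_compartment": reference_monitor(analyst, secret_nuclear, "read"), # False
        "read_down": reference_monitor(analyst, confidential, "read"),                # True
        "write_up": reference_monitor(analyst, top_secret_crypto, "write"),           # True
        "write_down": reference_monitor(analyst, confidential, "write"),              # False
    }
```

The compartment case is the one that distinguishes a lattice from a simple hierarchy: a SECRET/CRYPTO analyst cannot read SECRET/NUCLEAR data even though the levels are equal, because neither label dominates the other.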

You work as a Network Administrator for company Inc. The company has deployed an ASA at the network perimeter. Which of the following types of firewall will you use to create two separate connections, one between the client and the firewall, and the other between the firewall and the end server?


Options are :

  • Stateful firewall
  • Proxy-based firewall (Correct)
  • Packet filter firewall
  • Endian firewall

Answer : Proxy-based firewall

Which of the following protocols provides the highest level of VPN security for a VPN connection that uses the L2TP protocol?


Options are :

  • PPPoE
  • IPSec (Correct)
  • PPP
  • TFTP

Answer : IPSec

You work as a Chief Security Officer for Tech Perfect Inc. The company has an internal room without any windows that is completely dark. For security reasons, you want to place a device in the room. Which of the following devices is best for that room?


Options are :

  • Closed-circuit television
  • Badge
  • Alarm
  • Photoelectric motion detector (Correct)

Answer : Photoelectric motion detector

You are the Security Administrator for a consulting firm. One of your clients needs to encrypt traffic. However, he has specific requirements for the encryption algorithm: it must be a symmetric key block cipher. Which of the following should you choose for this client?


Options are :

  • PGP
  • SSH
  • RC4
  • DES (Correct)

Answer : DES

Which of the following protocols supports encapsulation of encrypted packets in secure wrappers that can be transmitted over a TCP/IP connection?


Options are :

  • PAP
  • PPTP (Correct)
  • UDP
  • IPSec

Answer : PPTP
