CISSP-ISSAP Information Systems Security Architecture Exam Set 8

Which of the following methods will allow data to be sent on the Internet in a secure format?

A. Serial Line Interface Protocol

B. Point-to-Point Protocol

C. Browsing

D. Virtual Private Networks

Options are :

  • Serial Line Interface Protocol
  • Point-to-Point Protocol
  • Virtual Private Networks (Correct)
  • Browsing

Answer : Virtual Private Networks

Which of the following components come under the network layer of the OSI model? Each correct answer represents a complete solution. Choose two.

A. Routers

B. MAC addresses

C. Firewalls

D. Hub

Options are :

  • B,C
  • C,D
  • A,C (Correct)
  • A,B

Answer : A,C

You work as a Chief Security Officer for Tech Perfect Inc. The company has a TCP/IP based network. You want to use a firewall that can track the state of active connections of the network and then determine which network packets are allowed to enter through the firewall. Which of the following firewalls has this feature?

Options are :

  • Application gateway firewall
  • Stateful packet inspection firewall
  • Proxy-based firewall
  • Dynamic packet-filtering firewall (Correct)

Answer : Dynamic packet-filtering firewall

Which of the following uses a Key Distribution Center (KDC) to authenticate a principal?

Options are :

  • PAP
  • Kerberos (Correct)
  • CHAP

Answer : Kerberos

Which of the following are examples of physical controls used to prevent unauthorized access to sensitive materials?

A. Thermal alarm systems

B. Security Guards

C. Closed circuit cameras

D. Encryption

Options are :

  • B,C,A
  • A,B,C (Correct)
  • A,D,C
  • B,C,D

Answer : A,B,C

You are the administrator for You want to increase and enhance the security of your computers and simplify deployment. You are especially concerned with any portable computers that are used by remote employees. What can you use to increase security, while still allowing your users to perform critical tasks?

Options are :

  • AppLocker
  • BitLocker
  • Service Accounts
  • Smart Cards (Correct)

Answer : Smart Cards

You work as a Network Administrator for Net Perfect Inc. The company has a Linux-based network. You need to configure a firewall for the company. The firewall should be able to keep track of the state of network connections traveling across the network. Which of the following types of firewalls will you configure to accomplish the task?

Options are :

  • Stateful firewall (Correct)
  • Host-based application firewall
  • An application firewall
  • A network-based application layer firewall

Answer : Stateful firewall

Which of the following are the goals of a public key infrastructure (PKI)? Each correct answer represents a part of the solution. Choose all that apply.

A. Authenticity

B. Globalization

C. Mobility

D. Integrity

E. Confidentiality

F. Nonrepudiation

Options are :

  • C,D,B,A
  • A,B,C,D
  • F,E,D,A
  • A,D,E,F (Correct)

Answer : A,D,E,F

Which of the following protects against unauthorized access to confidential information via encryption and works at the network layer?

Options are :

  • NAT
  • Firewall
  • MAC address
  • IPSec (Correct)

Answer : IPSec

Which of the following SDLC phases consists of the given security controls: Misuse Case Modeling, Security Design and Architecture Review, Threat and Risk Modeling, Security Requirements and Test Cases Generation?

Options are :

  • Deployment
  • Design (Correct)
  • Maintenance
  • Requirements Gathering

Answer : Design

Which of the following terms related to risk management represents the estimated frequency at which a threat is expected to occur?

Options are :

  • Single Loss Expectancy (SLE)
  • Exposure Factor (EF)
  • Safeguard
  • Annualized Rate of Occurrence (ARO) (Correct)

Answer : Annualized Rate of Occurrence (ARO)

You are the Network Administrator at a large company. Your company has a lot of contractors and other outside parties that come in and out of the building. For this reason you are concerned that simply having usernames and passwords is not enough and want to have employees use tokens for authentication. Which of the following is not an example of tokens?

Options are :

  • Smart card
  • CHAP (Correct)
  • Key fob
  • USB device with cryptographic data

Answer : CHAP

Which of the following statements are true about Public-key cryptography? Each correct answer represents a complete solution. Choose two.

A. Data encrypted with the secret key can only be decrypted by another secret key.

B. The secret key can encrypt a message, and anyone with the public key can decrypt it.

C. The distinguishing technique used in public key-private key cryptography is the use of symmetric key algorithms.

D. Data encrypted by the public key can only be decrypted by the secret key.

Options are :

  • C,D
  • B,D (Correct)
  • A,B
  • B,C

Answer : B,D

In which of the following phases of the SDLC does the software and other components of the system faithfully incorporate the design specifications and provide proper documentation and

Options are :

  • Evaluation and acceptance
  • Initiation
  • Design
  • Programming and training (Correct)

Answer : Programming and training

Which of the following attacks allows the bypassing of access control lists on servers or routers, and helps an attacker to hide? Each correct answer represents a complete solution. Choose two.

A. DNS cache poisoning

B. MAC spoofing

C. IP spoofing attack

D. DDoS attack

Options are :

  • D,A
  • A,B
  • B,C (Correct)
  • B,D

Answer : B,C

Fill in the blank with the appropriate security device. ___________ is a device that contains a physical mechanism or electronic sensor that quantifies motion that can be either integrated with or connected to other devices that alert the user of the presence of a moving object within the field of view.

Options are :

  • Motion detector (Correct)

Answer : Motion detector

You are the Security Consultant and have been contacted by a client regarding their encryption and hashing algorithms. Their in-house network administrator tells you that their current hashing algorithm is an older one with known weaknesses and is not collision resistant. Which algorithm are they most likely using for hashing?

Options are :

  • SHA
  • Kerberos
  • MD5 (Correct)
  • PKI

Answer : MD5

Which of the following are used to suppress electrical and computer fires? Each correct answer represents a complete solution. Choose two.

A. Halon

B. Water

C. CO2

D. Soda acid

Options are :

  • A,C (Correct)
  • B,C
  • A,B
  • C,D

Answer : A,C

Which of the following statements about Discretionary Access Control List (DACL) is true?

Options are :

  • It is a rule list containing access control entries.
  • It specifies whether an audit activity should be performed when an object attempts to access a resource.
  • It is a unique number that identifies a user, group, and computer account.
  • It is a list containing user accounts, groups, and computers that are allowed (or denied) access to the object. (Correct)

Answer : It is a list containing user accounts, groups, and computers that are allowed (or denied) access to the object.

Shoulder surfing is a type of in-person attack in which the attacker gathers information about the premises of an organization. This attack is often performed by looking surreptitiously at the keyboard of an employee's computer while he is typing in his password at any access point such as a terminal/Web site. Which of the following is violated in a shoulder surfing attack?

Options are :

  • Integrity
  • Authenticity
  • Availability
  • Confidentiality (Correct)

Answer : Confidentiality

Which of the following backup types backs up files that have been added and all data that have been modified since the most recent backup was performed?

Options are :

  • Full backup
  • Differential backup
  • Daily backup
  • Incremental backup (Correct)

Answer : Incremental backup

Which of the following are types of asymmetric encryption algorithms? Each correct answer represents a complete solution. Choose two.

Options are :

  • A,B
  • D,C
  • A,C (Correct)
  • B,D

Answer : A,C

You work as a Security Manager for Tech Perfect Inc. A number of people are involved with you in the DRP efforts. You have maintained several different types of plan documents, intended for different audiences. Which of the following documents will be useful for you as well as public relations personnel who require a non-technical perspective on the entire organization's disaster recovery efforts?

Options are :

  • Executive summary (Correct)
  • Department-specific plan
  • Checklist
  • Technical guide

Answer : Executive summary

At which of the following layers of the Open System Interconnection (OSI) model do the Internet Control Message Protocol (ICMP) and the Internet Group Management Protocol (IGMP) work?

Options are :

  • The Physical layer
  • The Data-Link layer
  • The Presentation layer
  • The Network layer (Correct)

Answer : The Network layer

Which of the following heights of fence deters only casual trespassers?

Options are :

  • 6 to 7 feet
  • 8 feet
  • 2 to 2.5 feet
  • 3 to 4 feet (Correct)

Answer : 3 to 4 feet

Which of the following processes is used by remote users to make a secure connection to internal resources after establishing an Internet connection?

Options are :

  • Tunneling (Correct)
  • Spoofing
  • Packet sniffing
  • Packet filtering

Answer : Tunneling

Which of the following plans is designed to protect critical business processes from natural or man-made failures or disasters and the resultant loss of capital due to the unavailability of normal business processes?

Options are :

  • Business continuity plan (Correct)
  • Contingency plan
  • Crisis communication plan
  • Disaster recovery plan

Answer : Business continuity plan

Which of the following is a network service that stores and organizes information about a network's users and network resources and that allows administrators to manage users' access to the

Options are :

  • SMTP service
  • Directory service (Correct)
  • Terminal service
  • DFS service

Answer : Directory service

Which of the following two cryptography methods are used by NTFS Encrypting File System (EFS) to encrypt the data stored on a disk on a file-by-file basis?

A. Twofish

B. Digital certificates

C. Public key


Options are :

  • C,A
  • B,C (Correct)
  • B,C
  • A,B

Answer : B,C

You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement? Each correct answer represents a complete solution. Choose two.

A. MAC filtering the router

B. Not broadcasting SSID

C. Using WEP encryption

D. Using WPA encryption

Options are :

  • C,D (Correct)
  • B,C
  • A,B
  • C,A

Answer : C,D
