CISSP Security Engineering Certification Practical Exam Set 4

Which of the following was developed to address some of the weaknesses in Kerberos and uses public key cryptography for the distribution of secret keys and provides additional access control support?


Options are :

  • TACACS+
  • SESAME (Correct)
  • KryptoKnight
  • RADIUS

Answer : SESAME

CISSP - Asset Security Mock

The high availability of multiple all-inclusive, easy-to-use hacking tools that do NOT require much technical knowledge has brought a growth in the number of which type of attackers?


Options are :

  • White hats
  • Black hats
  • Script kiddies (Correct)
  • Phreakers

Answer : Script kiddies

Which of the following issues is not addressed by digital signatures?


Options are :

  • nonrepudiation
  • data integrity
  • denial-of-service (Correct)
  • authentication

Answer : denial-of-service

What is NOT true of pre-shared key authentication within the IKE/IPsec protocol?


Options are :

  • IKE builds upon the Oakley protocol and the ISAKMP protocol.
  • Pre-shared key authentication is normally based on simple passwords
  • Needs a Public Key Infrastructure (PKI) to work (Correct)
  • IKE is used to setup Security Associations

Answer : Needs a Public Key Infrastructure (PKI) to work

CISSP Security Engineering Certification Practical Exam Set 10

In a known plaintext attack, the cryptanalyst has knowledge of which of the following?


Options are :

  • the plaintext and the algorithm
  • the ciphertext and the key
  • the plaintext and the secret key
  • both the plaintext and the associated ciphertext of several messages (Correct)

Answer : both the plaintext and the associated ciphertext of several messages

Which is the last line of defense in a physical security sense?


Options are :

  • exterior barriers
  • interior barriers
  • perimeter barriers
  • people (Correct)

Answer : people

Which of the following is NOT a system-sensing wireless proximity card?


Options are :

  • transponder
  • magnetically striped card (Correct)
  • field-powered device
  • passive device

Answer : magnetically striped card

CISSP - Mock Questions with all domains

Which of the following is a cryptographic protocol and infrastructure developed to send encrypted credit card numbers over the Internet?


Options are :

  • Secure Hypertext Transfer Protocol (S-HTTP)
  • Secure Shell (SSH-2)
  • MONDEX
  • Secure Electronic Transaction (SET) (Correct)

Answer : Secure Electronic Transaction (SET)

What algorithm was DES derived from?


Options are :

  • Lucifer. (Correct)
  • Twofish.
  • Brooks-Aldeman
  • Skipjack.

Answer : Lucifer.

What is the name of the FIRST mathematical model of a multi-level security policy used to define the concept of a secure state, the modes of access, and rules for granting access?


Options are :

  • Rivest and Shamir Model
  • Harrison-Ruzzo-Ullman Model
  • Clark and Wilson Model
  • Bell-LaPadula Model (Correct)

Answer : Bell-LaPadula Model

CISSP - Security and Risk Management Practice Questions

The Secure Hash Algorithm (SHA-1) creates:


Options are :

  • a variable length message digest from a variable length input message.
  • a variable length message digest from a fixed length input message.
  • a fixed length message digest from a variable length input message. (Correct)
  • a fixed length message digest from a fixed length input message.

Answer : a fixed length message digest from a variable length input message.

The RSA algorithm is an example of what type of cryptography?


Options are :

  • Private Key.
  • Secret Key.
  • Symmetric Key
  • Asymmetric Key. (Correct)

Answer : Asymmetric Key.

In what type of attack does an attacker try, from several encrypted messages, to figure out the key used in the encryption process?


Options are :

  • Ciphertext-only attack (Correct)
  • Plaintext-only attack
  • Chosen-Ciphertext attack
  • Known-plaintext attack

Answer : Ciphertext-only attack

CISSP - Security Operations Mock Questions

Public Key Infrastructure (PKI) uses asymmetric key encryption between parties. The originator encrypts information using the intended recipient's "public" key in order to get confidentiality of the data being sent. The recipients use their own "private" key to decrypt the information. The "Infrastructure" of this methodology ensures that:


Options are :

  • The recipient's identity can be positively verified by the sender.
  • The sender of the message is the only other person with access to the recipient's private key
  • The channels through which the information flows are secure. (Correct)
  • The sender and recipient have reached a mutual agreement on the encryption key exchange that they will use.

Answer : The channels through which the information flows are secure.

How many bits is the effective length of the key of the Data Encryption Standard algorithm?


Options are :

  • 128
  • 64
  • 168
  • 56 (Correct)

Answer : 56

What is NOT an authentication method within IKE and IPsec?


Options are :

  • certificate based authentication
  • Pre-shared key
  • Public key authentication
  • CHAP (Correct)

Answer : CHAP

CISSP Security Engineering Certification Practice Exam Set 2

Which security model uses division of operations into different parts and requires different users to perform each part?


Options are :

  • Clark-Wilson model (Correct)
  • Bell-LaPadula model
  • Non-interference model
  • Biba model

Answer : Clark-Wilson model

Kerberos depends upon what encryption method?


Options are :

  • ElGamal cryptography.
  • Blowfish cryptography
  • Public Key cryptography.
  • Secret Key cryptography. (Correct)

Answer : Secret Key cryptography.

Devices that supply power when the commercial utility power system fails are called which of the following?


Options are :

  • power conditioners
  • power filters
  • uninterruptible power supplies (Correct)
  • power dividers

Answer : uninterruptible power supplies

CISSP Security Engineering Certification Practice Exam Set 8

Access control is the collection of mechanisms that permits managers of a system to exercise a directing or restraining influence over the behavior, use, and content of a system. It does not permit management to:


Options are :

  • specify which resources they can access.
  • specify what users can do.
  • specify what operations they can perform on a system
  • specify how to restrain hackers. (Correct)

Answer : specify how to restrain hackers.

Which of the following security models introduced the idea of mutual exclusivity which generates dynamically changing permissions?


Options are :

  • Biba
  • Graham-Denning
  • Brewer & Nash (Correct)
  • Clark-Wilson

Answer : Brewer & Nash

Which of the following answers BEST describes the Bell-LaPadula model of storage and access control of classified information?


Options are :

  • No read over and no write up
  • No reading from higher classification levels
  • No read up and No write down (Correct)
  • No write up, no read down

Answer : No read up and No write down

CISSP - Mock Questions with all domains

Which of the following identifies th


Options are :

  • RC6
  • Serpent
  • Twofish
  • Rijndael (Correct)

Answer : Rijndael

Compared to RSA, which of the following is true of Elliptic Curve Cryptography (ECC)?


Options are :

  • It is believed to require shorter keys for equivalent security (Correct)
  • It has been mathematically proved to be less secure.
  • It is believed to require longer key for equivalent security.
  • It has been mathematically proved to be more secure

Answer : It is believed to require shorter keys for equivalent security

The Physical Security domain focuses on three areas that are the basis for physically protecting an enterprise's resources and sensitive information. Which of the following is NOT one of these areas?


Options are :

  • Threats
  • Risks (Correct)
  • Countermeasures
  • Vulnerabilities

Answer : Risks

CISSP Security Engineering Certification Practical Exam Set 6

Which one of the following is a key agreement protocol used to enable two entities to agree and generate a session key (secret key used for one session) over an insecure medium without any prior secrets or communications between the entities? The negotiated key will subsequently be used for message encryption using Symmetric Cryptography.


Options are :

  • 3DES
  • RSA
  • PKI
  • Diffie-Hellman (Correct)

Answer : Diffie-Hellman

Which of the following ciphers is the subset on which the Vigenère polyalphabetic cipher was based?


Options are :

  • Enigma
  • Caesar (Correct)
  • SIGABA
  • The Jefferson disks

Answer : Caesar

The primary purpose for using one-way hashing of user passwords within a password file is which of the following?


Options are :

  • It prevents an unauthorized person from reading the password. (Correct)
  • It minimizes the amount of storage required for user passwords
  • It prevents an unauthorized person from trying multiple passwords in one logon attempt.
  • It minimizes the amount of processing time used for encrypting passwords

Answer : It prevents an unauthorized person from reading the password.

CISSP - Security Operations Mock Questions

The Clipper Chip utilizes which concept in public key cryptography?


Options are :

  • Substitution
  • An undefined algorithm
  • Key Escrow (Correct)
  • Super strong encryption

Answer : Key Escrow

Which of the following is NOT true of Secure Sockets Layer (SSL)?


Options are :

  • By convention it uses 's-http://' instead of 'http://'. (Correct)
  • It was developed by Netscape
  • It is used for transmitting private information, data, and documents over the Internet
  • It is the predecessor to the Transport Layer Security (TLS) protocol

Answer : By convention it uses 's-http://' instead of 'http://'.
