CISSP Security Engineering Certification Practical Exam Set 5

What is the main problem with renewing a root CA certificate?


Options are :

  • It requires the collection of the old root CA certificates from all the users
  • It requires the authentic distribution of the new root CA certificate to all PKI participants (Correct)
  • It requires issuance of the new root CA certificate
  • It requires key recovery of all end user keys

Answer : It requires the authentic distribution of the new root CA certificate to all PKI participants


Which of the following is NOT an example of an asymmetric key algorithm?


Options are :

  • Diffie-Hellman
  • Advanced Encryption Standard (AES) (Correct)
  • Merkle-Hellman Knapsack
  • Elliptic curve cryptosystem (ECC)

Answer : Advanced Encryption Standard (AES)

Which of the following is TRUE about link encryption?


Options are :

  • This mode does not provide protection if any one of the nodes along the transmission path is compromised. (Correct)
  • Encrypted messages are only decrypted by the final node.
  • Only secure nodes are used in this type of transmission
  • Each entity has a common key with the destination node

Answer : This mode does not provide protection if any one of the nodes along the transmission path is compromised.
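Added illustration (not part of the original question set): a small simulation of why link encryption fails at a compromised relay while end-to-end encryption does not. Each hop has its own link key, so every relay must decrypt the inbound hop before re-encrypting for the outbound hop and therefore holds the plaintext. The keystream function is a toy stand-in (SHA-256 over key and counter) chosen only so the example runs offline; the message, node count and "compromised relay" index are constructed for the demo.

```python
import hashlib
import secrets


def keystream(key: bytes, length: int) -> bytes:
    # Toy keystream (SHA-256 of key || counter); a stand-in for a real cipher, not one.
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def crypt(key: bytes, data: bytes) -> bytes:
    # XOR with the keystream; the same call encrypts and decrypts.
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def send_link_encrypted(message: bytes, link_keys: list, compromised_node: int):
    """Link encryption over a path of len(link_keys) + 1 nodes. link_keys[i] protects
    the hop from node i to node i + 1. Every relay decrypts the inbound hop and
    re-encrypts for the outbound hop, so it holds the plaintext in the clear.
    Returns (what the compromised relay saw, what the destination decrypted)."""
    observed = None
    wire = crypt(link_keys[0], message)                 # node 0 encrypts hop 0
    for node in range(1, len(link_keys)):               # relays 1 .. n-1
        plaintext = crypt(link_keys[node - 1], wire)    # decrypt inbound hop
        if node == compromised_node:
            observed = plaintext                        # attacker owns this relay
        wire = crypt(link_keys[node], plaintext)        # re-encrypt for outbound hop
    return observed, crypt(link_keys[-1], wire)         # destination decrypts last hop


def send_end_to_end(message: bytes, session_key: bytes, link_keys: list, compromised_node: int):
    """End-to-end encryption with a key shared only by sender and destination. The
    link layer still wraps the payload hop by hop, but a relay only ever sees the
    inner ciphertext, never the message."""
    payload = crypt(session_key, message)
    observed, delivered = send_link_encrypted(payload, link_keys, compromised_node)
    return observed, crypt(session_key, delivered)


def demo() -> dict:
    message = b"WIRE 250000 EUR TO ACCT 1234"                 # constructed sample
    link_keys = [secrets.token_bytes(16) for _ in range(3)]   # 4 nodes, 3 hops
    session_key = secrets.token_bytes(16)
    spy = 2                                                   # attacker owns relay 2
    seen_link, got_link = send_link_encrypted(message, link_keys, spy)
    seen_e2e, got_e2e = send_end_to_end(message, session_key, link_keys, spy)
    return {
        "link_delivered_ok": got_link == message,
        "link_relay_sees_plaintext": seen_link == message,   # True: the exam's point
        "e2e_delivered_ok": got_e2e == message,
        "e2e_relay_sees_plaintext": seen_e2e == message,     # False
    }


if __name__ == "__main__":
    print(demo())
```

The link-encrypted path delivers the message correctly, but the compromised relay reads it in full; with end-to-end encryption the same relay sees only ciphertext, which is why real deployments layer the two rather than relying on link encryption alone.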

Which of the following asymmetric encryption algorithms is based on the difficulty of factoring LARGE numbers?


Options are :

  • International Data Encryption Algorithm (IDEA)
  • El Gamal
  • Elliptic Curve Cryptosystems (ECCs)
  • RSA (Correct)

Answer : RSA


Which of the following questions is LESS likely to help in assessing physical access controls?


Options are :

  • Are visitors to sensitive areas signed in and escorted?
  • Is the operating system configured to prevent circumvention of the security software and application controls? (Correct)
  • Are keys or other access devices needed to enter the computer room and media library?
  • Does management regularly review the list of persons with physical access to sensitive facilities?

Answer : Is the operating system configured to prevent circumvention of the security software and application controls?

Which of the following modes of DES is MOST likely used for Database Encryption?


Options are :

  • Output Feedback (OFB)
  • Electronic Code Book (ECB) (Correct)
  • Cipher Block Chaining (CBC)
  • Cipher Feedback (CFB)

Answer : Electronic Code Book (ECB)

Critical areas should be lighted:


Options are :

  • Eight feet high and two feet out. (Correct)
  • Ten feet high and four feet out.
  • Ten feet high and six feet out.
  • Eight feet high and four feet out.

Answer : Eight feet high and two feet out.


Fill in the blanks. When using PKI, I digitally sign a message using my ______ key. The recipient verifies my signature using my ______ key.


Options are :

  • Symmetric / Asymmetric
  • Private / Public (Correct)
  • Public / Private
  • Private / Symmetric

Answer : Private / Public
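Added worked example (not part of the original question set) covering this question and the earlier one on RSA and factoring: a textbook RSA key pair, a sign-with-private / verify-with-public round trip over a SHA-256 digest, and a demonstration of why the private key stays private only as long as n cannot be factored. The primes 104729 and 1000003 are deliberately tiny so that trial division succeeds instantly; the messages are constructed for the demo, and the hash-then-reduce step stands in for the padding (PKCS#1 v1.5 or PSS) a real signature scheme applies.

```python
import hashlib
import math


def rsa_keygen(p: int, q: int, e: int = 65537):
    """Textbook RSA: n = p*q, d = e^-1 mod phi(n). Real keys use random primes of
    1024 bits or more; demo() uses tiny primes precisely so that factoring n is instant."""
    n, phi = p * q, (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)               # modular inverse (Python 3.8+)
    return (n, e), (n, d)             # (public key, private key)


def _hash_to_int(message: bytes, n: int) -> int:
    # Hash-then-sign: the signature covers a SHA-256 digest, not the message itself.
    # Reducing mod n stands in for the padding a real scheme (PKCS#1 v1.5, PSS) applies.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private_key) -> int:
    n, d = private_key                 # only the signer holds d
    return pow(_hash_to_int(message, n), d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    n, e = public_key                  # anyone holding the public key can check
    return pow(signature, e, n) == _hash_to_int(message, n)


def factor(n: int):
    # Trial division: hopeless for real moduli, immediate for the demo's 37-bit n.
    for p in range(2, math.isqrt(n) + 1):
        if n % p == 0:
            return p, n // p
    raise ValueError("n is prime or 1")


def recover_private_key(public_key):
    # Knowing p and q gives phi(n), and with it the private exponent d.
    n, e = public_key
    p, q = factor(n)
    return (n, pow(e, -1, (p - 1) * (q - 1)))


def demo() -> dict:
    public_key, private_key = rsa_keygen(104729, 1000003)   # both prime; toy sizes
    message = b"Pay Bob 100"                                 # constructed sample
    sig = sign(message, private_key)
    recovered = recover_private_key(public_key)              # attacker's view: n and e only
    forged = sign(b"Pay Mallory 900", recovered)
    return {
        "genuine_verifies": verify(message, sig, public_key),
        "tampered_fails": verify(b"Pay Bob 900", sig, public_key),
        "factoring_recovers_d": recovered == private_key,
        "forgery_verifies": verify(b"Pay Mallory 900", forged, public_key),
    }


if __name__ == "__main__":
    print(demo())
```

The first two results are the exam's point: the signature is produced with d and checked with e, and any change to the message breaks verification. The last two are the security argument behind RSA: once n is factored, d follows immediately and the attacker signs whatever they like, which is why key sizes are chosen to keep factoring out of reach.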

What is the primary role of cross certification?


Options are :

  • Creating trust between different PKIs (Correct)
  • set up direct trust to a second root CA
  • Build an overall PKI hierarchy
  • Prevent the nullification of user certificates by CA certificate revocation

Answer : Creating trust between different PKIs

Physical security is accomplished through proper facility construction, fire and water protection, anti-theft mechanisms, intrusion detection systems, and security procedures that are adhered to and enforced. Which of the following is NOT a component that achieves this type of security?


Options are :

  • Technical control mechanisms
  • Integrity control mechanisms (Correct)
  • Physical control mechanisms
  • Administrative control mechanisms

Answer : Integrity control mechanisms


Which type of encryption is considered to be unbreakable if the stream is truly random and is as large as the plaintext and never reused in whole or part?


Options are :

  • One Time Pad (OTP) (Correct)
  • Cryptanalysis
  • Pretty Good Privacy (PGP)
  • One time Cryptopad (OTC)

Answer : One Time Pad (OTP)
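Added illustration (not from the original question set) of the two conditions in the question: a pad as long as the message, used once, gives a ciphertext that reveals nothing, while reusing the pad for a second message cancels it out and lets an attacker recover text by crib dragging. The two messages and the crib are constructed for the demo; the pad comes from the operating system CSPRNG via the secrets module.

```python
import secrets


def otp_encrypt(pad: bytes, plaintext: bytes) -> bytes:
    if len(pad) < len(plaintext):
        raise ValueError("pad must be at least as long as the message")
    return bytes(p ^ k for p, k in zip(plaintext, pad))


otp_decrypt = otp_encrypt   # XOR is its own inverse


def pad_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    # Same pad on both messages: c1 xor c2 == p1 xor p2, the pad cancels out.
    return bytes(a ^ b for a, b in zip(c1, c2))


def crib_drag(xored: bytes, crib: bytes) -> list:
    """Classic crib dragging: XOR a guessed plaintext fragment against p1 xor p2 at
    every offset and keep the offsets where the result is printable text. Each hit
    is a candidate fragment of the *other* message at that position."""
    hits = []
    for off in range(len(xored) - len(crib) + 1):
        segment = bytes(x ^ c for x, c in zip(xored[off:off + len(crib)], crib))
        if all(32 <= b < 127 for b in segment):
            hits.append((off, segment.decode("ascii")))
    return hits


def demo() -> dict:
    # Constructed sample messages of equal length (34 bytes)
    p1 = b"ATTACK AT DAWN ON THE NORTH BRIDGE"
    p2 = b"RETIRE AT DUSK TO THE SOUTH CAMPS."
    pad = secrets.token_bytes(len(p1))   # truly random and as long as the message
    c1 = otp_encrypt(pad, p1)            # correct use: one pad, one message
    c2 = otp_encrypt(pad, p2)            # the mistake: the same pad again
    leak = pad_reuse_leak(c1, c2)
    return {
        "single_use_roundtrip": otp_decrypt(pad, c1) == p1,
        "leak_equals_p1_xor_p2": leak == bytes(a ^ b for a, b in zip(p1, p2)),
        # guessing "DAWN " at offset 10 in message 1 exposes "DUSK " from message 2
        "crib_recovers_other_message": (10, "DUSK ") in crib_drag(leak, b"DAWN "),
    }


if __name__ == "__main__":
    print(demo())
```

Note that the attacker never needs the pad: once two ciphertexts share it, every byte of one message that can be guessed yields the corresponding byte of the other, which is exactly why the question insists on "never reused in whole or part".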

Which of the following is a Hashing Algorithm?


Options are :

  • SHA (Correct)
  • RSA
  • Diffie Hellman (DH)
  • Elliptic Curve Cryptography (ECC)

Answer : SHA

What attribute is included in a X.509-certificate?


Options are :

  • secret key of the issuing CA
  • Distinguished name of the subject (Correct)
  • the key pair of the certificate holder
  • Telephone number of the department

Answer : Distinguished name of the subject


Which of the following is TRUE about a digital certificate?


Options are :

  • It cannot contain geographic data such as a country.
  • It is the same as a digital signature proving integrity and authenticity of the data
  • You can only get a digital certificate from Verisign or RSA if you wish to prove the key belongs to a specific user.
  • Electronic credential proving that the person the certificate was issued to is who they claim to be. (Correct)

Answer : Electronic credential proving that the person the certificate was issued to is who they claim to be.

What kind of encryption technology does SSL utilize?


Options are :

  • Private Key
  • Secret or Symmetric key
  • Hybrid (both Symmetric and Asymmetric) (Correct)
  • Public Key

Answer : Hybrid (both Symmetric and Asymmetric)

The DES algorithm is an example of what type of cryptography?


Options are :

  • Public Key
  • Secret Key (Correct)
  • Two-key
  • Asymmetric Key

Answer : Secret Key


Suppose that you are the COMSEC (Communications Security) custodian for a large, multinational corporation. Susie, from Finance, approaches you in the break room saying that she lost the smart ID card that she uses to digitally sign and encrypt emails in the PKI. What happens to the certificates contained on the smart card after the security officer takes appropriate action?


Options are :

  • They are reissued to the user
  • They are added to the CRL (Correct)
  • The user may no longer have certificates
  • New certificates are issued to the user

Answer : They are added to the CRL

Which of the following services is NOT provided by the digital signature standard (DSS)?


Options are :

  • Integrity
  • Authentication
  • Encryption (Correct)
  • Digital signature

Answer : Encryption

Readable is to unreadable just as plain text is to:


Options are :

  • Digitally Signed
  • Unplain Text
  • Encryption
  • Cipher Text (Correct)

Answer : Cipher Text


Which is NOT a suitable method for distributing certificate revocation information?


Options are :

  • Distribution point CRL
  • CA revocation mailing list (Correct)
  • Delta CRL
  • OCSP (online certificate status protocol)

Answer : CA revocation mailing list

Which of the following choices is a valid Public Key Cryptography Standard (PKCS) addressing RSA?


Options are :

  • PKCS-RSA
  • PKCS #17799
  • PKCS#1 (Correct)
  • PKCS#11

Answer : PKCS#1

Which of the following protocols would BEST mitigate threats of sniffing attacks on web application traffic?


Options are :

  • SSH - Secure Shell
  • SSL or TLS (Correct)
  • ARP Cache Security
  • 802.1X

Answer : SSL or TLS


Secure Sockets Layer (SSL) uses a Message Authentication Code (MAC) for what purpose?


Options are :

  • Message interleave checking.
  • Message non-repudiation.
  • Message confidentiality
  • Message integrity (Correct)

Answer : Message integrity
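Added illustration (not from the original question set) of what the record-layer MAC does and does not give you. The MAC input follows the TLS 1.2 layout (implicit sequence number, content type, version, length, fragment), so a modified record and a replayed record both fail; the same code also shows why the distractors are wrong: the key is shared, so either side can mint a valid tag (no non-repudiation), and the tag hides nothing (no confidentiality). The MAC key and the HTTP fragment are constructed for the demo.

```python
import hashlib
import hmac
import secrets

TLS12 = b"\x03\x03"          # record-layer version bytes for TLS 1.2
APPLICATION_DATA = 23        # ContentType.application_data


def record_mac(mac_key: bytes, seq_num: int, content_type: int, version: bytes, fragment: bytes) -> bytes:
    """MAC input in the TLS 1.2 style: seq_num || type || version || length || fragment.
    The sequence number is never transmitted; both sides count records, so a replayed
    or reordered record is rejected even though its tag was once valid."""
    header = (seq_num.to_bytes(8, "big") + bytes([content_type]) + version
              + len(fragment).to_bytes(2, "big"))
    return hmac.new(mac_key, header + fragment, hashlib.sha256).digest()


class Receiver:
    def __init__(self, mac_key: bytes):
        self.mac_key = mac_key
        self.next_seq = 0

    def accept(self, content_type: int, version: bytes, fragment: bytes, tag: bytes) -> bool:
        expected = record_mac(self.mac_key, self.next_seq, content_type, version, fragment)
        if not hmac.compare_digest(expected, tag):   # constant-time comparison
            return False
        self.next_seq += 1
        return True


def demo() -> dict:
    mac_key = secrets.token_bytes(32)            # would come from the TLS key schedule
    rx = Receiver(mac_key)
    fragment = b"GET /account?id=42 HTTP/1.1"   # constructed sample
    tag = record_mac(mac_key, 0, APPLICATION_DATA, TLS12, fragment)
    results = {}
    results["genuine_accepted"] = rx.accept(APPLICATION_DATA, TLS12, fragment, tag)
    results["tampered_rejected"] = not rx.accept(
        APPLICATION_DATA, TLS12, b"GET /account?id=43 HTTP/1.1", tag)
    results["replay_rejected"] = not rx.accept(APPLICATION_DATA, TLS12, fragment, tag)
    # The MAC key is shared: the receiver can mint a tag itself, so a MAC proves
    # integrity and origin among key holders but gives no non-repudiation.
    minted = record_mac(mac_key, rx.next_seq, APPLICATION_DATA, TLS12, b"minted by the peer")
    results["peer_can_mint_valid_tag"] = rx.accept(APPLICATION_DATA, TLS12, b"minted by the peer", minted)
    return results


if __name__ == "__main__":
    print(demo())
```

Confidentiality comes from the cipher applied to the record, not from the MAC, and non-repudiation needs a signature with a key only one party holds; the MAC's job is to make any change to the record, or any replay of it, detectable.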

The ideal operating humidity range is defined as 40 percent to 60 percent. Low humidity (less than 40 percent) can produce what type of problem on computer parts?


Options are :

  • Element-plating
  • Static electricity (Correct)
  • Electro-plating
  • Energy-plating

Answer : Static electricity

Which of the following types of cryptography is used when both parties use the same key to communicate securely with each other?


Options are :

  • Diffie-Hellman
  • Symmetric Key Cryptography (Correct)
  • DSS - Digital Signature Standard
  • PKI - Public Key Infrastructure

Answer : Symmetric Key Cryptography


What is the maximum number of different keys that can be used when encrypting with Triple DES?


Options are :

  • 4
  • 2
  • 3 (Correct)
  • 1

Answer : 3

The environment that must be protected includes all personnel, equipment, data, communication devices, power supply and wiring. The necessary level of protection depends on the value of the data, the computer systems, and the company assets within the facility. The value of these items can be determined by what type of analysis?


Options are :

  • Critical-path analysis (Correct)
  • Critical-channel analysis
  • Covert channel analysis
  • Critical-conduit analysis

Answer : Critical-path analysis

Which of the following is a symmetric encryption algorithm?


Options are :

  • RSA
  • RC5 (Correct)
  • Elliptic Curve
  • El Gamal

Answer : RC5


Which of the following Kerberos components holds all users' and services' cryptographic keys?


Options are :

  • The Authentication Service
  • The Key Distribution Service
  • The Key Distribution Center (Correct)
  • The Key Granting Service

Answer : The Key Distribution Center

Which encryption algorithm is BEST suited for communication with handheld wireless devices?


Options are :

  • RSA
  • ECC (Elliptic Curve Cryptosystem) (Correct)
  • SHA
  • RC4

Answer : ECC (Elliptic Curve Cryptosystem)
