CISSP Security Engineering Certification Practical Exam Set 6

What would you call a microchip that is installed on the motherboard of modern computers and is dedicated to carrying out security functions that involve the storage and processing of symmetric and asymmetric keys, hashes, and digital certificates?


Options are :

  • Arithmetic Logical Unit (ALU)
  • Trusted BIOS Module (TBM)
  • Trusted Platform Module (TPM) (Correct)
  • Central Processing Unit (CPU)

Answer : Trusted Platform Module (TPM)

You are an information systems security officer at a mid-sized business and are called upon to investigate a threat conveyed in an email from one employee to another. You gather the evidence from both the email server transaction logs and from the computers of the two individuals involved in the incident and prepare an executive summary. You find that a threat was sent from one user to the other in a digitally signed email. The sender of the threat says he didn't send the email in question. What concept of Public Key Infrastructure (PKI) will implicate the sender?


Options are :

  • Authentication
  • Integrity
  • The digital signature of the recipient
  • Non-repudiation (Correct)

Answer : Non-repudiation

In which mode of DES will a block of plaintext and a key always give the same ciphertext?


Options are :

  • Output Feedback (OFB)
  • Cipher Feedback (CFB)
  • Electronic Code Book (ECB) (Correct)
  • Counter Mode (CTR)

Answer : Electronic Code Book (ECB)

What can be defined as an instance of two different keys generating the same ciphertext from the same plaintext?


Options are :

  • Hashing
  • Ciphertext collision
  • Key collision
  • Key clustering (Correct)

Answer : Key clustering

Which of the following can best define the "revocation request grace period"?


Options are :

  • The period of time allotted within which the user must make a revocation request upon a revocation reason
  • Time period between the arrival of a revocation request and the publication of the revocation information
  • Maximum response time for performing a revocation by the CA (Correct)
  • Minimum response time for performing a revocation by the CA

Answer : Maximum response time for performing a revocation by the CA

There are parallels between the trust models in Kerberos and Public Key Infrastructure (PKI). When we compare them side by side, Kerberos tickets correspond most closely to which of the following?


Options are :

  • private-key certificates
  • private keys
  • public-key certificates (Correct)
  • public keys

Answer : public-key certificates

Public key infrastructure (PKI) consists of programs, data formats, procedures, communication protocols, security policies, and public key cryptographic mechanisms working in a comprehensive manner to enable a wide range of dispersed people to communicate in a secure and predictable fashion. This infrastructure is based upon which of the following standards?


Options are :

  • X.500
  • X.400
  • X.25
  • X.509 (Correct)

Answer : X.509

The Diffie-Hellman algorithm is primarily used to provide which of the following?


Options are :

  • Confidentiality
  • Integrity
  • Key Agreement (Correct)
  • Non-repudiation

Answer : Key Agreement

What uses a key of the same length as the message where each bit or character from the plaintext is encrypted by a modular addition?


Options are :

  • One-time pad (Correct)
  • Cipher block chaining
  • Steganography
  • Running key cipher

Answer : One-time pad

Which of the following is not a property of the Rijndael block cipher algorithm?


Options are :

  • It operates on 64-bit plaintext blocks and uses a 128 bit key. (Correct)
  • It could be used on a smart card.
  • It is suited for high speed chips with no area restrictions.
  • It employs a round transformation that is comprised of three layers of distinct and invertible transformations.

Answer : It operates on 64-bit plaintext blocks and uses a 128 bit key.

Complete the following sentence. A message can be encrypted, which provides:


Options are :

  • integrity. (Correct)
  • confidentiality.
  • confidentiality.
  • authentication.

Answer : integrity.

Where in a PKI infrastructure is a list of revoked certificates stored?


Options are :

  • Registration Authority
  • CRL (Correct)
  • Recovery Agent
  • Key escrow

Answer : CRL

Which of the following is NOT a property of the Rijndael block cipher algorithm?


Options are :

  • Maximum key size is 512 bits (Correct)
  • Maximum block size is 256 bits
  • The key size does not have to match the block size
  • The key sizes must be a multiple of 32 bits

Answer : Maximum key size is 512 bits

What type of key would you find within a browser's list of trusted root CAs?


Options are :

  • Recovery key
  • Private key
  • Symmetric key
  • Public key (Correct)

Answer : Public key

When we encrypt or decrypt data there is a basic operation involving ones and zeros where they are compared in a process that looks something like this:

0101 0001 Plain text
0111 0011 Key stream
0010 0010 Output

What is this cryptographic operation called?


Options are :

  • Exclusive-OR (Correct)
  • Logical-NOR
  • Bit Swapping
  • Decryption

Answer : Exclusive-OR

Which of the following encryption methods is known to be unbreakable?


Options are :

  • Symmetric ciphers.
  • DES codebooks
  • Elliptic Curve Cryptography.
  • One-time pads. (Correct)

Answer : One-time pads.

What kind of encryption is realized in the S/MIME-standard?


Options are :

  • Public key based, hybrid encryption scheme (Correct)
  • Elliptic curve based encryption
  • Password based encryption scheme
  • Asymmetric encryption scheme

Answer : Public key based, hybrid encryption scheme

What is the name of a one-way transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string? Such a transformation cannot be reversed.


Options are :

  • Substitution
  • One-way hash (Correct)
  • DES
  • Transposition

Answer : One-way hash

Which of the following keys has the SHORTEST lifespan?


Options are :

  • Private key
  • Secret key
  • Session key (Correct)
  • Public key

Answer : Session key

Which of the following is NOT an asymmetric key algorithm?


Options are :

  • Data Encryption Standard (DES) (Correct)
  • RSA
  • El Gamal
  • Elliptic Curve Cryptosystem (ECC)

Answer : Data Encryption Standard (DES)

What is the maximum allowable key size of the Rijndael encryption algorithm?


Options are :

  • 192 bits
  • 128 bits
  • 512 bits
  • 256 bits (Correct)

Answer : 256 bits

What is the RESULT of a hash algorithm being applied to a message?


Options are :

  • A plaintext
  • A digital signature
  • A message digest (Correct)
  • A ciphertext

Answer : A message digest

Which of the following is NOT a symmetric key algorithm?


Options are :

  • Triple DES (3DES)
  • Digital Signature Standard (DSS)
  • Blowfish (Correct)
  • RC5

Answer : Blowfish

What algorithm has been selected as the AES algorithm, replacing the DES algorithm?


Options are :

  • Twofish
  • RC6
  • Blowfish
  • Rijndael (Correct)

Answer : Rijndael

The equation used to calculate the total number of symmetric keys (K) needed for a group of users (N) to communicate securely with each other is given by which of the following?


Options are :

  • N(K – 1)/ 2
  • K(N – 1)/ 2
  • K(N + 1)/ 2
  • N(N – 1)/ 2 (Correct)

Answer : N(N – 1)/ 2

Guards are appropriate whenever the function required by the security program involves which of the following?


Options are :

  • The operation of access control devices
  • The use of physical force
  • The need to detect unauthorized access (Correct)
  • The use of discriminating judgment

Answer : The need to detect unauthorized access

FIPS-140 is a standard for the security of which of the following?


Options are :

  • Cryptographic service providers
  • Hardware and software cryptographic modules (Correct)
  • Smartcards
  • Hardware security modules

Answer : Hardware and software cryptographic modules

Which of the following protection devices is used for spot protection within a few inches of the object, rather than for overall room security monitoring?


Options are :

  • Field-powered devices
  • Audio detectors
  • Capacitance detectors (Correct)
  • Wave pattern motion detectors

Answer : Capacitance detectors

An X.509 public key certificate with the key usage attribute "non-repudiation" can be used for which of the following?


Options are :

  • verifying signed messages (Correct)
  • signing messages
  • decrypting encrypted messages
  • encrypting messages

Answer : verifying signed messages

Complete the following sentence. A digital signature is a:


Options are :

  • hash value that has been encrypted with the sender’s private key (Correct)
  • hash value that has been encrypted with the sender’s public key
  • sender’s signature signed and scanned in a digital format
  • hash value that has been encrypted with the sender’s session key

Answer : hash value that has been encrypted with the sender’s private key
