CISSP Security Engineering Certification Practical Exam Set 7

What can be defined as a digital certificate that binds a set of descriptive data items, other than a public key, either directly to a subject name or to the identifier of another certificate that is a public-key certificate?


Options are :

  • A descriptive certificate
  • An attribute certificate (Correct)
  • A public-key certificate
  • A digital certificate

Answer : An attribute certificate

Which key agreement scheme uses implicit signatures?


Options are :

  • RSA
  • ECC
  • DH
  • MQV (Correct)

Answer : MQV

What is the effective key size of DES?


Options are :

  • 64 bits
  • 1024 bits
  • 56 bits (Correct)
  • 128 bits

Answer : 56 bits

Which of the following BEST describes a function relying on a shared secret key that is used along with a hashing algorithm to verify the integrity of the communication content as well as the sender?


Options are :

  • Message Authentication Code - MAC (Correct)
  • NAM - Negative Acknowledgement Message
  • PAM - Pluggable Authentication Module
  • Digital Signature Certificate

Answer : Message Authentication Code - MAC

In a Public Key Infrastructure, how are public keys published?


Options are :

  • They are sent via e-mail.
  • They are not published.
  • They are sent by owners.
  • Through digital certificates. (Correct)

Answer : Through digital certificates.

Which of the following was developed in order to protect against fraud in electronic fund transfers (EFT) by ensuring the message comes from its claimed originator and that it has not been altered in transmission?


Options are :

  • Secure Hash Standard (SHS)
  • Cyclic Redundancy Check (CRC)
  • Secure Electronic Transaction (SET)
  • Message Authentication Code (MAC) (Correct)

Answer : Message Authentication Code (MAC)

Which of the following is BEST at defeating frequency analysis?


Options are :

  • Transposition cipher
  • Substitution cipher
  • Caesar cipher
  • Polyalphabetic cipher (Correct)

Answer : Polyalphabetic cipher

What is the name of the protocol used to set up and manage Security Associations (SA) for IP Security (IPSec)?


Options are :

  • Internet Key Exchange (IKE) (Correct)
  • Oakley
  • Internet Security Association and Key Management Protocol
  • Secure Key Exchange Mechanism

Answer : Internet Key Exchange (IKE)

Which of the following protocols offers native encryption?


Options are :

  • IPSEC, SSH, PPTP, SSL, MPLS, L2F, and L2TP
  • IPSEC, SSH, PPTP, SSL, MPLS, and L2TP
  • IPSEC, SSH, SSL, TLS (Correct)
  • IPSEC, SSH, SSL, TFTP

Answer : IPSEC, SSH, SSL, TLS

Which of the following was NOT designed to be a proprietary encryption algorithm?


Options are :

  • Skipjack
  • Blowfish (Correct)
  • RC4
  • RC2

Answer : Blowfish

Which of the following is BEST provided by symmetric cryptography?


Options are :

  • Non-repudiation
  • Availability
  • Integrity
  • Confidentiality (Correct)

Answer : Confidentiality

Which of the following services is not provided by a public key infrastructure (PKI)?


Options are :

  • Reliability (Correct)
  • Integrity
  • Authentication
  • Access control

Answer : Reliability

What is the name for a substitution cipher that shifts the alphabet by 13 places?


Options are :

  • Transposition cipher
  • ROT13 cipher (Correct)
  • Polyalphabetic cipher
  • Caesar cipher

Answer : ROT13 cipher

Which of the following is more suitable for a hardware implementation?


Options are :

  • Cipher block chaining
  • Stream ciphers (Correct)
  • Electronic code book
  • Block ciphers

Answer : Stream ciphers

For which fire class is water most appropriate?


Options are :

  • Class C fires
  • Class D fires
  • Class A fires (Correct)
  • Class B fires

Answer : Class A fires

While using IPsec, the ESP and AH protocols both provide integrity services. However, when using AH, special attention is needed if one of the peers uses NAT for address translation. Which of the items below would affect the use of AH and its Integrity Check Value (ICV) the MOST?


Options are :

  • Packet Header Source or Destination address (Correct)
  • VPN cryptographic key size
  • Cryptographic algorithm used
  • Key session exchange

Answer : Packet Header Source or Destination address

In an SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session?


Options are :

  • The client's browser
  • The merchant's Certificate Server
  • The web server
  • Both client and server (Correct)

Answer : Both client and server

Which of the following is the MOST secure form of triple-DES encryption?


Options are :

  • DES-EDE3 (Correct)
  • DES-EDE1
  • DES-EDE2
  • DES-EEE4

Answer : DES-EDE3

Which of the following is defined as a key establishment protocol based on the Diffie-Hellman algorithm, proposed for IPsec but superseded by IKE?


Options are :

  • Diffie-Hellman Key Exchange Protocol
  • Internet Security Association and Key Management Protocol (ISAKMP)
  • OAKLEY (Correct)
  • Simple Key-management for Internet Protocols (SKIP)

Answer : OAKLEY

A code, as it pertains to cryptography:


Options are :

  • deals with linguistic units. (Correct)
  • is specific to substitution ciphers.
  • is specific to transposition ciphers
  • is a generic term for encryption.

Answer : deals with linguistic units.

Which of the following offers confidentiality to an e-mail message?


Options are :

  • The sender encrypting it with the receiver's private key.
  • The sender encrypting it with its public key.
  • The sender encrypting it with the receiver's public key. (Correct)
  • The sender encrypting it with its private key.

Answer : The sender encrypting it with the receiver's public key.

What is the maximum key size for the RC5 algorithm?


Options are :

  • 256 bits
  • 1024 bits (Correct)
  • 1024 bits
  • 128 bits

Answer : 1024 bits

A one-way hash provides which of the following?


Options are :

  • Integrity (Correct)
  • Authentication
  • Availability
  • Confidentiality

Answer : Integrity

Which of the following standards concerns digital certificates?


Options are :

  • X.509 (Correct)
  • X.400
  • X.25
  • X.75

Answer : X.509

Which of the following elements is NOT included in a Public Key Infrastructure (PKI)?


Options are :

  • Internet Key Exchange (IKE) (Correct)
  • Repository
  • Certificate revocation
  • Timestamping

Answer : Internet Key Exchange (IKE)

Which of the following is NOT a known type of Message Authentication Code (MAC)?


Options are :

  • Keyed-hash message authentication code (HMAC)
  • Universal Hashing Based MAC (UMAC)
  • Signature-based MAC (SMAC) (Correct)
  • DES-CBC

Answer : Signature-based MAC (SMAC)

What size is an MD5 message digest (hash)?


Options are :

  • 128 bits (Correct)
  • 128 bytes
  • 256 bits
  • 160 bits

Answer : 128 bits

Which of the following would BEST describe a Concealment cipher?


Options are :

  • Permutation is used, meaning that letters are scrambled.
  • Every X number of words within a text, is a part of the real message. (Correct)
  • Hiding data in another message so that the very existence of the data is concealed.
  • Replaces bits, characters, or blocks of characters with different bits, characters or blocks

Answer : Every X number of words within a text, is a part of the real message.

Which of the following statements pertaining to Secure Sockets Layer (SSL) is FALSE?


Options are :

  • SSL can be used with applications such as Telnet, FTP and email protocols.
  • Web pages using the SSL protocol start with HTTPS
  • The SSL protocol's primary use is to authenticate the client to the server using public key cryptography and digital certificates. (Correct)
  • The SSL protocol was developed by Netscape to secure Internet client-server transactions

Answer : The SSL protocol's primary use is to authenticate the client to the server using public key cryptography and digital certificates.

The Diffie-Hellman algorithm is used for:


Options are :

  • Key agreement (Correct)
  • Digital signature
  • Encryption
  • Non-repudiation

Answer : Key agreement
