CISSP Security Engineering Certification Practical Exam Set 9

Which of the following can best be defined as a cryptanalysis technique in which the analyst tries to determine the key from knowledge of some plaintext-ciphertext pairs?


Options are :

  • A chosen-ciphertext attack
  • A chosen-plaintext attack
  • A known-algorithm attack
  • A known-plaintext attack (Correct)

Answer : A known-plaintext attack

The most prevalent cause of computer center fires is which of the following?


Options are :

  • Electrical distribution systems (Correct)
  • Heating systems
  • AC equipment
  • Natural causes

Answer : Electrical distribution systems

Which of the following types of lock uses a numeric keypad or dial to gain entry?


Options are :

  • Cipher lock (Correct)
  • Biometric door lock
  • Electronic door lock
  • Bolting door locks

Answer : Cipher lock

Which of the following controls related to physical security is NOT an administrative control?


Options are :

  • Emergency response and procedures
  • Training (Correct)
  • Alarms
  • Personnel controls

Answer : Training

Which type of fire extinguisher is MOST appropriate for a digital information processing facility?


Options are :

  • Type D
  • Type B
  • Type A
  • Type C (Correct)

Answer : Type C

A momentary high voltage is a:


Options are :

  • surge
  • blackout
  • fault
  • spike (Correct)

Answer : spike

This type of attack is generally most applicable to public-key cryptosystems. What type of attack am I?


Options are :

  • Plaintext Only Attack
  • Adaptive-Chosen-Plaintext attack
  • Ciphertext-only attack
  • Chosen-Ciphertext attack (Correct)

Answer : Chosen-Ciphertext attack

Under what conditions would the use of a Class C fire extinguisher be preferable to a Class A extinguisher?


Options are :

  • When the fire involves paper products
  • When the fire is caused by flammable products
  • When the fire is in an enclosed area
  • When the fire involves electrical equipment (Correct)

Answer : When the fire involves electrical equipment

What is NOT true about a one-way hashing function?


Options are :

  • The result of a one-way hash is a message digest
  • A hash cannot be reversed to get the message used to create the hash
  • It provides authentication of the message (Correct)
  • It provides integrity of the message

Answer : It provides authentication of the message

What is a common problem when using vibration detection devices for perimeter control?


Options are :

  • They can be defeated by electronic means
  • They must be buried below the frost line
  • Signal amplitude is affected by weather conditions
  • They are vulnerable to non-adversarial disturbances. (Correct)

Answer : They are vulnerable to non-adversarial disturbances.

The computations involved in selecting keys and in enciphering data are complex, and are not practical for manual use. However, using mathematical properties of modular arithmetic and a method known as "_________________," RSA is quite feasible for computer use.


Options are :

  • computing in Gallipoli fields
  • computing in Galois fields (Correct)
  • computing in Gladden fields
  • computing in Galbraith fields

Answer : computing in Galois fields

According to ISC2, what should be the fire rating for the internal walls of an information processing facility?


Options are :

  • All walls must have a two-hour minimum fire rating.
  • All walls must have a one-hour minimum fire rating.
  • All walls must have a two-hour minimum fire rating, except for walls to adjacent rooms where records such as paper and media are stored, which should have a three-hour minimum fire rating.
  • All internal walls must have a one-hour minimum fire rating, except for walls to adjacent rooms where records such as paper and media are stored, which should have a two-hour minimum fire rating. (Correct)

Answer : All internal walls must have a one-hour minimum fire rating, except for walls to adjacent rooms where records such as paper and media are stored, which should have a two-hour minimum fire rating.

Which of the following concerning the Rijndael block cipher algorithm is NOT true?


Options are :

  • The cipher has a variable block length and key length.
  • Both block size and key length can be extended to multiples of 64 bits. (Correct)
  • The design of Rijndael was strongly influenced by the design of the block cipher Square.
  • A total of 25 combinations of key length and block length are possible

Answer : Both block size and key length can be extended to multiples of 64 bits.

A prolonged high voltage is a:


Options are :

  • surge (Correct)
  • blackout
  • fault
  • spike

Answer : surge

Which of the following floors would be MOST appropriate to locate information processing facilities in a six-story building?


Options are :

  • Sixth floor
  • Ground floor
  • Basement
  • Third floor (Correct)

Answer : Third floor

A prolonged electrical power supply that is below normal voltage is a:


Options are :

  • surge
  • brownout (Correct)
  • fault
  • blackout

Answer : brownout

To be in compliance with the Montreal Protocol, which of the following options can be taken to refill a Halon flooding system in the event that Halon is fully discharged in the computer room?


Options are :

  • Order a Non-Hydrochlorofluorocarbon compound from the manufacturer. (Correct)
  • Order an immediate refill with Halon 1301 from the manufacturer.
  • Contact a Halon recycling bank to make arrangements for a refill.
  • Order an immediate refill with Halon 1201 from the manufacturer.

Answer : Order a Non-Hydrochlorofluorocarbon compound from the manufacturer.

Which of the following is defined as an Internet, IPsec, key-establishment protocol, partly based on OAKLEY, that is intended for putting in place authenticated keying material for use with ISAKMP and for other security associations?


Options are :

  • Simple Key-management for Internet Protocols (SKIP)
  • Security Association Authentication Protocol (SAAP)
  • Internet Key exchange (IKE) (Correct)
  • Key Exchange Algorithm (KEA)

Answer : Internet Key exchange (IKE)

In a dry pipe system, there is no water standing in the pipe - it is being held back by what type of valve?


Options are :

  • Clapper valve (Correct)
  • Release valve
  • Relief valve
  • Emergency valve

Answer : Clapper valve

An employee ensures all cables are shielded, builds concrete walls that extend from the true floor to the true ceiling and installs a white noise generator. What attack is the employee trying to protect against?


Options are :

  • Social Engineering
  • Object reuse
  • Wiretapping
  • Emanation Attacks (Correct)

Answer : Emanation Attacks

Within Crime Prevention Through Environmental Design (CPTED), the concept of territoriality is BEST described as:


Options are :

  • ownership (Correct)
  • localized emissions.
  • compromise of the perimeter.
  • protecting specific areas with different measures.

Answer : ownership

Examples of types of physical access controls include all EXCEPT which of the following?


Options are :

  • locks
  • guards
  • badges
  • passwords (Correct)

Answer : passwords

Because ordinary cable introduces a toxic hazard in the event of fire, special cabling is required in a separate area provided for air circulation for heating, ventilation, and air conditioning (sometimes referred to as HVAC) and typically provided in the space between the structural ceiling and a drop-down ceiling. This area is referred to as the:


Options are :

  • smoke boundary area.
  • fire detection area.
  • plenum area. (Correct)
  • intergen area.

Answer : plenum area.

Which of the following statements pertaining to secure information processing facilities is NOT true?


Options are :

  • Location and type of fire suppression systems should be known.
  • Windows should be protected with bars. (Correct)
  • Doors must resist forcible entry.
  • Walls should have an acceptable fire rating.

Answer : Windows should be protected with bars.

Which of the following is NOT a property of a one-way hash function?


Options are :

  • It converts a message of a fixed length into a message digest of arbitrary length. (Correct)
  • It is computationally infeasible to construct two different messages with the same digest.
  • Given a digest value, it is computationally infeasible to find the corresponding message.
  • It converts a message of arbitrary length into a message digest of a fixed length

Answer : It converts a message of a fixed length into a message digest of arbitrary length.

Which of the following can best be defined as a key recovery technique for storing knowledge of a cryptographic key by encrypting it with another key and ensuring that only certain third parties can perform the decryption operation to retrieve the stored key?


Options are :

  • Zero-knowledge recovery
  • Key escrow
  • Fair cryptography
  • Key encapsulation (Correct)

Answer : Key encapsulation

A prolonged complete loss of electric power is a:


Options are :

  • blackout (Correct)
  • brownout
  • surge
  • fault

Answer : blackout

When referring to physical security, what does positive pressurization mean?


Options are :

  • Causes the sprinkler system to go off.
  • The air goes out of a room when a door is opened and outside air does not go into the room. (Correct)
  • The pressure inside your sprinkler system is greater than zero.
  • A series of measures that increase pressure on employees in order to make them more productive.

Answer : The air goes out of a room when a door is opened and outside air does not go into the room.

Which of the following can best be defined as a key distribution protocol that uses hybrid encryption to convey session keys? This protocol establishes a long-term key once, and then requires no prior communication in order to establish or exchange keys on a session-by-session basis.


Options are :

  • Simple Key-management for Internet Protocols (SKIP) (Correct)
  • Internet Security Association and Key Management Protocol (ISAKMP)
  • Diffie-Hellman Key Distribution Protocol
  • IPsec Key exchange (IKE)

Answer : Simple Key-management for Internet Protocols (SKIP)

Which of the following statements pertaining to air conditioning for an information processing facility is TRUE?


Options are :

  • The AC units must keep negative pressure in the room so that smoke and other gases are forced out of the room.
  • The AC units must be controllable from outside the area.
  • The AC units must be dedicated to the information processing facility. (Correct)
  • The AC units must be on the same power source as the equipment in the room to allow for easier shutdown.

Answer : The AC units must be dedicated to the information processing facility.
