CISSP Security Engineering Certification Practice Exam Set 3

A one-way hash provides which of the following?


Options are :

  • Availability
  • Authentication
  • Confidentiality
  • integrity (Correct)
  • None

Answer : integrity

Which of the following protocols provides native encryption?


Options are :

  • IPSEC, SSH, SSL, TFTP
  • None
  • IPSEC, SSH, PPTP, SSL, MPLS, L2TP, and
  • IPSEC, SSH, SSL, TLS (Correct)
  • IPSEC, SSH, PPTP, SSL, MPLS, L2TP, and L2F

Answer : IPSEC, SSH, SSL, TLS

Which of the following is not a known type of Message Authentication Code (MAC)?


Options are :

  • A keyed-hash message authentication code (HMAC)
  • Universal Hashing Based MAC (UMAC)
  • None
  • DES-CBC
  • Signature-MAC (SMAC) (Correct)

Answer : Signature-MAC (SMAC)

Which of the following is more suitable for hardware implementation?


Options are :

  • Cipher Block Chaining
  • block ciphers
  • Electronic Code Book
  • stream cipher (Correct)
  • None

Answer : stream cipher

Which of the following statements about link encryption is wrong?


Options are :

  • The information remains encrypted for the whole trip, from one end to the other. (Correct)
  • It protects against packet sniffers and eavesdroppers.
  • It encrypts all the information along a specific communication path.
  • None
  • User information, headers, trailers, addresses and routing information that are part of the packets are encrypted.

Answer : The information remains encrypted for the whole trip, from one end to the other.

What size is the MD5 Message Digest (hash)?


Options are :

  • 160 bits
  • 128 bytes
  • 256 bits
  • 128 bits (Correct)
  • None

Answer : 128 bits

Which type of attack is based on the probability of two different messages, using the same hash function, producing the same message digest?


Options are :

  • differential cryptanalysis
  • differential linear cryptanalysis
  • birthday attack (Correct)
  • None
  • statistical attack

Answer : birthday attack

Which of the following elements is not included in a Public Key Infrastructure (PKI)?


Options are :

  • Certificate revocation
  • None
  • repository
  • Internet Key Exchange (IKE) (Correct)
  • Timestamping

Answer : Internet Key Exchange (IKE)

Cryptography does not help with:


Options are :

  • the detection of fraudulent addition.
  • the detection of fraudulent disclosure.
  • the detection of fraudulent removal. (Correct)
  • None
  • the detection of fraudulent change.

Answer : the detection of fraudulent removal.

Who vouches for the binding between the data items in a digital certificate?


Options are :

  • None
  • Registration authority
  • Vouching authority
  • Issuing authority
  • Certificate Authority (Correct)

Answer : Certificate Authority

Which of the following services is not provided by a public key infrastructure (PKI)?


Options are :

  • access control
  • None
  • Reliability (Correct)
  • integrity
  • Authentication

Answer : Reliability

What is the maximum key size for the RC5 algorithm?


Options are :

  • 1024 bits (Correct)
  • 128 bits
  • None
  • 256 bits
  • 1024 bits

Answer : 1024 bits

Which of the following statements related to the message digest is not true?


Options are :

  • None
  • The message digest is calculated using at least 128 bytes of the file. (Correct)
  • Two different files should not have the same message digest.
  • The original file cannot be created from the message digest.
  • Message digests are usually of fixed size.

Answer : The message digest is calculated using at least 128 bytes of the file.

Which of the following would best describe a concealment cipher?


Options are :

  • Permutation is used, meaning that the letters are scrambled.
  • None
  • Replaces bits, characters, or blocks of characters with different bits, characters, or blocks.
  • Every X number of words within the text, is part of the actual message. (Correct)
  • Hiding data in another message so that the very existence of the data is concealed.

Answer : Every X number of words within the text, is part of the actual message.

Which of the following is NOT a disadvantage of symmetric encryption as compared to asymmetric encryption?


Options are :

  • Offers limited security services
  • Speed (Correct)
  • None
  • A large number of keys is required
  • There is no built-in key distribution

Answer : Speed

Which of the following BEST describes the encryption processor, located as a component on the motherboard of a computer, that can be used to store encryption keys, passwords or certificates?


Options are :

  • None
  • TPM - Trusted Module
  • TPM - Trusted Platform Module (Correct)
  • Smart card
  • Enigma

Answer : TPM - Trusted Platform Module

What is the difference between OCSP (Online Certificate Status Protocol) and a Certificate Revocation List (CRL)?


Options are :

  • OCSP (Online Certificate Status Protocol) is used only by Active Directory and a Certificate Revocation List (CRL) is used by verifiers.
  • OCSP (Online Certificate Status Protocol) is a way to check the properties of a certificate and a Certificate Revocation List (CRL) is used by verifiers.
  • None
  • OCSP (Online Certificate Status Protocol) is a proprietary certificate mechanism developed by Microsoft and a Certificate Revocation List (CRL) is an open standard.
  • OCSP (Online Certificate Status Protocol) provides real-time checks of the certificate and a Certificate Revocation List (CRL) has delayed updates. (Correct)

Answer : OCSP (Online Certificate Status Protocol) provides real-time checks of the certificate and a Certificate Revocation List (CRL) has delayed updates.

Which of the following best describes a function that relies on a shared secret key, used in conjunction with a hash algorithm, to verify the integrity of the content of a communication as well as its sender?


Options are :

  • PAM - Pluggable Authentication Module
  • Digital Signature Certificate
  • None
  • Message Authentication Code - MAC (Correct)
  • NAM - Negative Acknowledgement Message

Answer : Message Authentication Code - MAC

Which key agreement method uses implicit signatures?


Options are :

  • None
  • ECC
  • MQV (Correct)
  • DH
  • RSA

Answer : MQV

Which of the following statements related to stream ciphers is true?


Options are :

  • None
  • A stream cipher generates what is called a keystream. (Correct)
  • A stream cipher is slower than a block cipher.
  • A stream cipher is not suitable for hardware encryption.
  • A stream cipher is a kind of asymmetric encryption algorithm.

Answer : A stream cipher generates what is called a keystream.

Which of the following statements about Secure Sockets Layer (SSL) is false?


Options are :

  • None
  • SSL's primary use is to authenticate a client device to the server using public key cryptography and digital certificates. (Correct)
  • SSL was developed by Netscape to secure Internet client-server transactions
  • SSL can be used with applications such as Telnet, FTP and email protocols.
  • Websites using SSL start with https

Answer : SSL's primary use is to authenticate a client device to the server using public key cryptography and digital certificates.

What is the name of the substitution cipher that shifts the alphabet by 13 places?


Options are :

  • None
  • ROT13 encryption (Correct)
  • Caesar cipher
  • Polyalphabetic cipher
  • transposition cipher

Answer : ROT13 encryption

What is the effective key size of DES?


Options are :

  • 1024 bits
  • None
  • 128 bits
  • 56 bits (Correct)
  • 64 bits

Answer : 56 bits

How many rounds does DES use?


Options are :

  • 16 (Correct)
  • 32
  • 64
  • None
  • 48

Answer : 16

Which of the following is best at defeating frequency analysis?


Options are :

  • Substitution cipher
  • Caesar cipher
  • transposition cipher
  • None
  • Polyalphabetic cipher (Correct)

Answer : Polyalphabetic cipher

Which of the following statements related to key management is not true?


Options are :

  • None
  • When you are not using the full KEYSPACE, the key should be very random (Correct)
  • Keys should be backed up or escrowed in case of an emergency.
  • The more a key is used, the shorter its lifetime should be.

Answer : When you are not using the full KEYSPACE, the key should be very random

What can be defined as a value calculated with a cryptographic algorithm and appended to a data object in such a way that the recipient of the data can use it to verify the origin and integrity of the data?


Options are :

  • hash
  • Digital signature (Correct)
  • message authentication
  • Digital envelope
  • None

Answer : Digital signature

What can be defined as a data structure that lists the digital certificates issued to CAs that have been revoked by their issuer before they were due to expire?


Options are :

  • trust in the certificate list
  • Certificate revocation tree
  • None
  • The revocation list
  • authority revocation list (Correct)

Answer : authority revocation list

Which of the following standards concerns digital certificates?


Options are :

  • X.75
  • X.509 (Correct)
  • X.25
  • None
  • X.400

Answer : X.509

Which of the following would best describe certificate path validation?


Options are :

  • Verification of the revocation status of the certificate in question
  • Verification of the integrity of the root certificate
  • Verification of the integrity of the private key
  • Checking the validity of all the certificates in the chain to the root certificate (Correct)
  • None

Answer : Checking the validity of all the certificates in the chain to the root certificate
