CISSP Security Engineering Certification Practice Exam Set 4

Which of the following does not concern itself with key management?


Options are :

  • None
  • Cryptology (CRYPTO) (Correct)
  • Internet Security Association Key Management Protocol (ISAKMP)
  • Diffie-Hellman (DH)
  • Key Exchange Algorithm (KEA)

Answer : Cryptology (CRYPTO)

In a Public Key Infrastructure, how are public keys published?


Options are :

  • They are sent by e-mail.
  • They will not be published.
  • Through digital certificates. (Correct)
  • None
  • They are sent to the owners.

Answer : Through digital certificates.

Which of the following is the most secure form of triple-DES?


Options are :

  • DES EEE4
  • DES EDE1
  • DES EDE3 (Correct)
  • None
  • DES EDE2

Answer : DES EDE3

When using IPSec, the ESP and AH protocols both provide integrity. However, when using AH, special attention must be paid if one of the peers uses Network Address Translation (NAT). Which of the following would most affect the use of AH and its Integrity Check Value (ICV)?


Options are :

  • Header of the packet source or destination address (Correct)
  • VPN encryption key size
  • encryption algorithm is used
  • None
  • Session Key Exchange

Answer : Header of the packet source or destination address

Which of the following is best provided by symmetric cryptography?


Options are :

  • Non-repudiation
  • None
  • confidence (Correct)
  • integrity
  • Availability

Answer : confidence

The Diffie-Hellman algorithm is used for:


Options are :

  • encryption
  • Digital signature
  • None
  • key agreement protocols (Correct)
  • Non-repudiation

Answer : key agreement protocols

Which of the following is not a DES mode of operation?


Options are :

  • Input feedback (Correct)
  • cipher feedback
  • Cipher Block Chaining
  • electronic book
  • None

Answer : Input feedback

A code, as it pertains to cryptography:


Options are :

  • is specific substitution cipher.
  • None
  • is a generic term for encryption.
  • is a special implementation of ciphers
  • deals with linguistic units. (Correct)

Answer : deals with linguistic units.

What is the name of the protocol used to set up and manage Security Associations (SA) for IP Security (IPSec)?


Options are :

  • Oakley
  • Secure Key Exchange Mechanism
  • Internet Key Exchange (IKE) (Correct)
  • None
  • Internet Security Association and Key Management Protocol

Answer : Internet Key Exchange (IKE)

Which of the following would best define a digital envelope?


Options are :

  • A message that is signed with a secret key and encrypted with the sender's private key.
  • A message that is encrypted and signed with a digital certificate.
  • None
  • The message is encrypted with a secret key attached to the message. The secret key is encrypted with the public key of the receiver. (Correct)
  • A message that is encrypted with the recipient's public key and signed with the private key of the sender.

Answer : The message is encrypted with a secret key attached to the message. The secret key is encrypted with the public key of the receiver.

What key size does the Clipper Chip use?


Options are :

  • 56 bits
  • 64 bits
  • 80 bits (Correct)
  • None
  • 40 bits

Answer : 80 bits

Which of the following algorithms is a stream cipher?


Options are :

  • None
  • RC5
  • RC2
  • RC6
  • RC4 (Correct)

Answer : RC4

Cryptography does not concern itself with which of the following choices?


Options are :

  • Validation
  • None
  • integrity
  • Availability (Correct)
  • confidence

Answer : Availability

Which of the following is NOT an example of a block cipher?


Options are :

  • None
  • blowfish
  • RC4 (Correct)
  • skipjack
  • IDEA

Answer : RC4

Which of the following is NOT an encryption algorithm?


Options are :

  • SHA-1 (Correct)
  • twofish
  • skipjack
  • None
  • DEA

Answer : SHA-1

What key size does the International Data Encryption Algorithm (IDEA) use?


Options are :

  • 192 bits
  • None
  • 128 bits (Correct)
  • 160 bits
  • 64 bits

Answer : 128 bits

Which of the following statements is not true of block ciphers?


Options are :

  • It is more suitable for software than hardware implementations.
  • Plain text is encrypted with the public key and decrypted with the private key (Correct)
  • None
  • It operates on fixed-size blocks of plaintext.
  • Some block ciphers can operate internally as a stream.

Answer : Plain text is encrypted with the public key and decrypted with the private key

The Clipper Chip takes advantage of which of the following in public key cryptography?


Options are :

  • key escrow (Correct)
  • replacement
  • Very strong encryption
  • None
  • undefined algorithm

Answer : key escrow

Which of the following statements is TRUE about the encryption method for data protection?


Options are :

  • None
  • It makes few demands on system resources
  • It is usually easy to administer
  • It requires careful key management (Correct)
  • It would sometimes be used for password files

Answer : It requires careful key management

Devices that supply power when commercial AC power fails are called which of the following?


Options are :

  • Power Conditioners
  • None
  • UPS accessories (Correct)
  • power dividers
  • power filters

Answer : UPS accessories

Which of the following was developed to address some of the weaknesses of Kerberos and uses public key encryption to distribute secret keys and provides additional support for access control?


Options are :

  • None
  • SESAME (Correct)
  • RAIN
  • KryptoKnight
  • TACACS +

Answer : SESAME

At which point in the Internet Key Exchange (IKE) protocol is peer authentication performed?


Options are :

  • step 2
  • None
  • pre initialization phase
  • No peer authentication is performed
  • Phase 1 (Correct)

Answer : Phase 1

Which of the following is not an authentication method within IKE and IPsec?


Options are :

  • None
  • The public key
  • certificate authentication
  • CHAP (Correct)
  • Pre-shared key

Answer : CHAP

What is an error called that causes a system to be vulnerable because of the environment in which it is installed?


Options are :

  • Access validation error
  • None
  • In excellent condition handling error
  • Environmental error (Correct)
  • a configuration error

Answer : Environmental error

What is the length of the MD5 message digest?


Options are :

  • None
  • 160 bits
  • will vary depending on the size of the message
  • 128 bits (Correct)
  • 256 bits

Answer : 128 bits

In a hierarchical PKI, the highest CA is regularly referred to as the Root CA. It is also referred to by which one of the following terms?


Options are :

  • Subordinate CA
  • Big CA
  • None
  • Master CA
  • Top-level CA (Correct)

Answer : Top-level CA

Which of the following components are considered as part of the Trusted Computing Base?


Options are :

  • Trusted hardware and software.
  • Trusted IT personnel and system administrators (Correct)
  • Trusted hardware, software and firmware.
  • A trusted and software.
  • None

Answer : Trusted IT personnel and system administrators

In a known plaintext attack, the cryptanalyst has knowledge of which of the following?


Options are :

  • as well as the plaintext and the associated ciphertext several messages (Correct)
  • plaintext and algorithm
  • The ciphertext, and the key
  • None
  • clear text and the secret key

Answer : as well as the plaintext and the associated ciphertext several messages

Which of the following is not a true statement about the implementation of 3DES?


Options are :

  • DES uses a key EEE1 (Correct)
  • DES uses two keys EEE2
  • DES uses two keys EDE2
  • None
  • DES uses three keys EEE3

Answer : DES uses a key EEE1

Which of the following is not something digital signatures deal with?


Options are :

  • data integrity
  • nonrepudiation
  • authentication
  • Denial of Service Attack (Correct)
  • None

Answer : Denial of Service Attack
