CISSP Security Engineering Certification Practice Exam Set 5

Access control is the collection of mechanisms that permits system managers to exercise a directing or restraining influence over the behavior, use, and content of a system. It does NOT permit management to:

Options are :

  • to determine how to curb hackers. (Correct)
  • to determine what users can do.
  • to determine what functions they can perform in the system
  • None
  • which resources they can access.

Answer : to determine how to curb hackers.

Which of the following protocols provides integrity and authentication for IPSec and can also provide non-repudiation in IPSec?

Options are :

  • Secure Shell (SSH-2)
  • Secure Sockets Layer (SSL)
  • Authentication Header (AH) (Correct)
  • None
  • Encapsulating Security Payload (ESP)

Answer : Authentication Header (AH)

Which of the following models does NOT address data integrity or conflict of interest?

Options are :

  • None
  • Clark Wilson
  • Biba
  • Brewer-Nash
  • Bell-LaPadula (Correct)

Answer : Bell-LaPadula

Which of the following is an encryption protocol and infrastructure developed to send encrypted credit card numbers over the Internet?

Options are :

  • Secure Hypertext Transfer Protocol (S-HTTP)
  • None
  • Secure Electronic Transaction (SET) (Correct)
  • Secure Shell (SSH-2)
  • MONDEX

Answer : Secure Electronic Transaction (SET)

Which algorithm was DES derived from?

Options are :

  • Brooks-Aldeman
  • None
  • Lucifer. (Correct)
  • Twofish.
  • Skipjack.

Answer : Lucifer.

Which of the following is NOT true of pre-shared key authentication in IKE/IPsec?

Options are :

  • The pre-shared key is usually based on simple passwords
  • IKE is used to setup the Security Associations
  • None
  • Needs a Public Key Infrastructure (PKI) to work (Correct)
  • IKE is based on the Oakley protocol and ISAKMP protocol.

Answer : Needs a Public Key Infrastructure (PKI) to work

Which security model separates an activity into different parts and requires different users to perform each part?

Options are :

  • Non-interference model
  • Bell-LaPadula model
  • None
  • Clark-Wilson model (Correct)
  • Biba model

Answer : Clark-Wilson model

Which of the following is characteristic of DES in Electronic Codebook (ECB) mode?

Options are :

  • A given block of plaintext and a given key always produce the same ciphertext (Correct)
  • The previous DES output is used as input.
  • None
  • Repetitive encryption obscures any repeating patterns that may have been present in the plaintext.
  • Individual characters are encoded by combining the output from earlier encryption routines with the plaintext.

Answer : A given block of plaintext and a given key always produce the same ciphertext

You are approached by one of your customers. They are interested in doing some security re-engineering and are looking at the different security models. Their environment is very secure, and data at a high classification level must not leak to people with a lower clearance. Their primary concern is the potential for covert channels. As the security expert, which model would you recommend to the customer?

Options are :

  • None
  • Information Flow Model
  • Information flow model combined with Bell's LaPadula (Correct)
  • Biba
  • Bell LaPadula

Answer : Information flow model combined with Bell's LaPadula

Public Key Infrastructure (PKI) uses asymmetric key encryption between parties. The originator encrypts information using the intended recipient's "public" key in order to obtain confidentiality of the information being transmitted. The recipient uses their own "private" key to decrypt the data. The "Infrastructure" of this method ensures that:

Options are :

  • The identity of the recipient can be positively verified by the sender.
  • The sender of the message is the only person who has access to the recipient's private key
  • None
  • The sender and recipient have failed to agree on the exchange of the encryption key that they use.
  • The channels through which information flows are safe. (Correct)

Answer : The channels through which information flows are safe.

Which of the following is NOT true of Secure Sockets Layer (SSL)?

Options are :

  • It is used to transmit private information, data and documents over the Internet
  • By convention it uses 's-http://' instead of 'http://'. (Correct)
  • None
  • It was developed by Netscape
  • It is the predecessor of the Transport Layer Security (TLS) protocol

Answer : By convention it uses 's-http://' instead of 'http://'.

The primary purpose of using one-way hashing on user passwords within the password file is which of the following?

Options are :

  • It minimizes the processing time used for encrypting passwords
  • It prevents an unauthorized person from trying several passwords in a single sign-on attempt.
  • None
  • It minimizes the storage space required for user passwords
  • It prevents an unauthorized person from reading the password. (Correct)

Answer : It prevents an unauthorized person from reading the password.

If two parties do not have a shared secret and large quantities of sensitive data must be transferred, the most efficient way to transfer the data is to use hybrid encryption. What does this mean?

Options are :

  • Use the recipient's public key for encryption and the recipient's private key for decryption.
  • Use software encryption assisted by a hardware encryption accelerator.
  • None
  • Use elliptic curve cryptography.
  • Public key encryption to secure a secret key, and message encryption using the secret key. (Correct)

Answer : Public key encryption to secure a secret key, and message encryption using the secret key.

Which protocols are suitable for securing VPN connections at the lower layers of the OSI model?

Options are :

  • S/MIME and SSH
  • TLS and SSL
  • IPSec and L2TP (Correct)
  • PKCS #10 and X.509
  • None

Answer : IPSec and L2TP

How many bits is the effective key length of the Data Encryption Standard algorithm?

Options are :

  • 64
  • None
  • 128
  • 168
  • 56 (Correct)

Answer : 56

In which type of attack does the attacker attempt to determine the encryption key from a number of encrypted messages?

Options are :

  • Known-plaintext attack
  • None
  • Plaintext-only attack
  • Chosen-ciphertext attack
  • Ciphertext-only attack (Correct)

Answer : Ciphertext-only attack

Which of the following best describes the Bell-LaPadula model's rules for the storage of and access to classified data?

Options are :

  • No reading from higher security classes
  • No write up, no read down
  • No read up, no write up
  • None
  • No read up, no write down (Correct)

Answer : No read up, no write down

Which of the following is considered the last line of defense in physical security?

Options are :

  • perimeter boundaries
  • None
  • people (Correct)
  • interior barriers
  • external barriers

Answer : people

Which type of algorithm is considered to provide the most strength per bit of key length among asymmetric algorithms?

Options are :

  • None
  • Elliptic Curve Cryptography (ECC) (Correct)
  • Advanced Encryption Standard (AES)
  • Rivest, Shamir, Adleman (RSA)
  • ElGamal

Answer : Elliptic Curve Cryptography (ECC)

Which of the following is NOT a type of wireless-sensing proximity card system?

Options are :

  • a passive device
  • None
  • a field-powered device
  • transponder
  • magnetically striped card (Correct)

Answer : magnetically striped card

Individual accountability does NOT include which of the following?

Options are :

  • audit trails
  • unique identifiers
  • policies and procedures (Correct)
  • None
  • access rules

Answer : policies and procedures

The main difference between the System High and Dedicated security modes is:

Options are :

  • need to know (Correct)
  • Subjects can access all objects
  • The clearance required
  • Object classification
  • None

Answer : need to know

Which integrity model defines a constrained data item, an integrity verification procedure, and a transformation procedure?

Options are :

  • Take-Grant model
  • Bell-LaPadula integrity model
  • None
  • Clark Wilson integrity model (Correct)
  • Biba integrity model

Answer : Clark Wilson integrity model

What is the name of the first mathematical model of a multilevel security policy used to define the concepts of a secure state, modes of access, and the rules for granting access?

Options are :

  • Rivest and Shamir Model
  • Harrison-Ruzzo-Ullman Model
  • Bell-LaPadula Model (Correct)
  • Clark and Wilson Model
  • None

Answer : Bell-LaPadula Model

Which of the following algorithms does not provide hashing?

Options are :

  • MD2
  • None
  • MD5
  • RC4 (Correct)
  • SHA-1

Answer : RC4

Which of the following identifies th


Options are :

  • RC6
  • Rijndael (Correct)
  • Serpent
  • None
  • Twofish

Answer : Rijndael

PGP uses which of the following to encrypt data?


Options are :

  • X.509 digital certificate
  • Symmetric encryption algorithm (Correct)
  • A symmetric key distribution system
  • None
  • Asymmetric encryption algorithm

Answer : Symmetric encryption algorithm

Which of the following authentication mechanisms creates a problem for mobile users?

Options are :

  • The challenge response mechanism.
  • None
  • Reusable password mechanism
  • One-time password mechanism
  • Mechanisms based on IP addresses (Correct)

Answer : Mechanisms based on IP addresses

Compared to RSA, which of the following is true for Elliptic Curve Cryptography (ECC)?


Options are :

  • It is mathematically proven to be more secure
  • It is believed to require longer keys for equivalent security.
  • It is mathematically proven to be less secure.
  • It is believed to require shorter keys for equivalent security (Correct)
  • None

Answer : It is believed to require shorter keys for equivalent security

Which of the following was the first mathematical model of a multilevel security policy used to define the concepts of a secure state and access mode, and to outline rules of access?

Options are :

  • None
  • Clark Wilson
  • Bell-LaPadula (Correct)
  • Biba
  • state machine

Answer : Bell-LaPadula
