CISSP Security Engineering Certification Practice Exam Set 6

Brute-force attacks against encryption keys have become more potent as computing power has increased. Which of the following is often seen as a good protection against brute-force attacks on cryptography?


Options are :

  • Nothing can defend you against brute force encryption-key attack.
  • Use good key generators.
  • Use only a series of sessions.
  • Algorithms that are immune to brute force key attacks
  • None

Answer : Use only a series of sessions.

Which security model uses an access control triple and also requires separation of duty?


Options are :

  • Lattice
  • DAC
  • Clark Wilson
  • Bell-LaPadula
  • None

Answer : Clark Wilson

Which of the following ciphers is a subset on which the polyalphabetic Vigenère cipher was based?


Options are :

  • emperor
  • The Jefferson plates
  • None
  • SIGABA
  • Mystery

Answer : emperor


The Secure Hash Algorithm (SHA-1) creates:


Options are :

  • None
  • a variable length message digest from the input variable length message.
  • a fixed length message digest to vary the length of the input signal.
  • a variable length of a fixed length message digest input signal.
  • a fixed length message digest fixed length of the input signal.

Answer : a fixed length message digest to vary the length of the input signal.

Which of the following is a key agreement protocol used to enable two entities to agree on and generate a session key (a secret key used for a single session) over an unsecured medium, without any prior secrets or communication between the entities? The negotiated key is later used for message encryption with symmetric cryptography.


Options are :

  • PKI
  • RSA
  • 3DES
  • None
  • Diffie-Hellman

Answer : Diffie-Hellman

Which of the following is the most expensive countermeasure for reducing physical security risks?


Options are :

  • None
  • Safety
  • The guards
  • devices
  • Electronic Systems

Answer : The guards

Kerberos depends on what encryption method?


Options are :

  • El Gamal cryptography.
  • blowfish cryptography
  • Public-key encryption.
  • None
  • The secret key encryption.

Answer : The secret key encryption.

Which of the following describes a decryption attack in which the attacker has a copy of the plaintext and the corresponding ciphertext?


Options are :

  • only encryption
  • brute force
  • chosen plaintext
  • known-plaintext
  • None

Answer : known-plaintext

The RSA algorithm is an example of what kind of cipher?


Options are :

  • None
  • Private key.
  • symmetric key
  • The secret key.
  • Asymmetric key.

Answer : Asymmetric key.


The high availability of several all-inclusive, easy-to-use hacking tools that do not require much technical knowledge has brought an increase in the number of which type of attackers?


Options are :

  • None
  • white caps
  • script kiddies
  • Black hats
  • Phreakers

Answer : script kiddies

Which of the following is a public key algorithm that performs both encryption and digital signature?


Options are :

  • RSA
  • D FLAT
  • Diffie-Hellman
  • None
  • IDEA

Answer : RSA

What is the role of IKE within IPsec?


Options are :

  • signature data
  • data encryption
  • peer authentication and key exchange
  • implement quality of service
  • None

Answer : peer authentication and key exchange

Which mathematical concept does the RSA algorithm use as the basis of its encryption?


Options are :

  • PI (3.14159 ...)
  • Geometry
  • None
  • The two large prime numbers
  • 16 rounds of ciphers

Answer : The two large prime numbers

Which of the following security models puts forward the idea of mutual exclusivity that creates dynamically changing permissions?


Options are :

  • Clark Wilson
  • None
  • Graham-Denning
  • Brewer & Nash
  • Biba

Answer : Brewer & Nash

The physical security domain focuses on three areas that are the basis for physically protecting corporate resources and sensitive data. Which of the following is not one of these areas?


Options are :

  • retaliatory
  • vulnerabilities
  • None
  • risks
  • threats

Answer : risks


The Data Encryption Standard (DES) encryption algorithm has which of the following characteristics?


Options are :

  • 56 bits of the data input lead 56 bits of encrypted output
  • 64-bit blocks of 64 bits, the total length of the key
  • None
  • 64 bits of the data input lead 56 bits of encrypted output
  • 128-bit key 8 bits are used for parity

Answer : 64-bit blocks of 64 bits, the total length of the key

What is the Biba security model about?


Options are :

  • Reliability
  • Availability
  • confidence
  • integrity
  • None

Answer : integrity

Which access control model would a lattice-based access control model be an example of?


Options are :

  • Discretionary access control.
  • Discretionary access control.
  • Mandatory access control.
  • None
  • Rule-based access control.

Answer : Mandatory access control.

Which of the following security models does not concern itself with the flow of information?


Options are :

  • harassing model
  • None
  • Bell-LaPadula model
  • Biba model
  • Information flow model

Answer : harassing model

What does the * (star) integrity axiom mean in the Biba model?


Options are :

  • Unread down
  • None
  • Well read
  • No write-down
  • No write up

Answer : No write up

What does the simple security (SS) property refer to in the Bell-LaPadula model?


Options are :

  • No write up
  • Unread down
  • No write-down
  • Well read
  • None

Answer : Well read


What does the simple integrity axiom mean in the Biba model?


Options are :

  • Well read
  • No write-down
  • No write up
  • None
  • Unread down

Answer : Unread down

Which of the following would be the most serious risk if the systems development life cycle methodology is inadequate?


Options are :

  • The project will not succeed in achieving business and user needs
  • The project will exceed the cost estimates
  • The project will be completed late.
  • The project is incompatible with existing systems.
  • None

Answer : The project will not succeed in achieving business and user needs

In which of the following stages of the system development life cycle (SDLC) is contingency planning most important?


Options are :

  • execution
  • Operation / Maintenance
  • commencement of
  • Development / acquisition
  • None

Answer : commencement of

Which of the following is true about the "dry pipe" sprinkler system?


Options are :

  • It reduces the likelihood of freezing of sprinkler system pipes.
  • It maximizes the potential for accidental discharge of water.
  • None
  • It uses less water than the "wet line" systems.
  • It is to replace the carbon dioxide systems.

Answer : It reduces the likelihood of freezing of sprinkler system pipes.

The Information Technology Security Evaluation Criteria (ITSEC) was written to deal with which of the following that the Orange Book did not address?


Options are :

  • integrity and confidentiality
  • confidentiality and availability
  • does none of the above
  • integrity and availability
  • None

Answer : integrity and availability

When considering the information systems development life cycle, security would be:


Options are :

  • Mostly considered to be under development.
  • Treated as part of the overall system design.
  • None
  • Mostly examined in the initial phase.
  • Added when the plan is completed.

Answer : Treated as part of the overall system design.


What is the minimum static charge capable of causing disk drive data loss?


Options are :

  • 2000 volts
  • 1000 volts
  • None
  • 1500 volts
  • 550 volts

Answer : 1500 volts

What does the Clark-Wilson security model focus on?


Options are :

  • integrity
  • None
  • Availability
  • accountability
  • confidence

Answer : integrity

What is the main focus of the Bell-LaPadula security model?


Options are :

  • Availability
  • None
  • accountability
  • integrity
  • confidence

Answer : confidence
