Which of the following fire-extinguishing systems incorporating a detection system is currently the most recommended water system for a computer class?
Options are :
- the wet pipe type
- Overwhelm
- None
- dry pipe
- Preaction
(Correct)
Answer : Preaction
Which of the following would be used to implement Mandatory Access Control (MAC)?
Options are :
- The grid-based access control
(Correct)
- Role-based access control
- Clark-Wilson Access Control
- User dictated by the access control
- None
Answer : The grid-based access control
Which Orange Book security rating introduces security labels?
Options are :
- B1
(Correct)
- None
- B3
- C2
- B2
Answer : B1
Which of the following was developed by the National Computer Security Center (NCSC) for the US Department of Defense?
Options are :
- TCSEC
(Correct)
- ITSEC
- NIACAP
- DIACAP
- None
Answer : TCSEC
Which of the following is NOT a precautionary measure to reduce static electricity?
Options are :
- power cords
(Correct)
- None
- Anti-static floor
- to maintain humidity levels
- anti-static spray
Answer : power cords
What are the four basic elements of fire?
Options are :
- None
- Heat, fuel, CO2, and Chain Reaction
- The flame, fuel, oxygen, and Chain Reaction
- Heat, wood, oxygen, and Chain Reaction
- The heat, fuel, oxygen and Chain Reaction
(Correct)
Answer : The heat, fuel, oxygen and Chain Reaction
Which of the following is not an EPA-certified replacement for Halon?
Options are :
- Inergen
- MA-200
- FE-13
- Bromine
(Correct)
- None
Answer : Bromine
Who developed one of the first mathematical models for a multi-level security information system?
Options are :
- None
- Diffie and Hellman.
- Gasser and Lipner.
- Bell and LaPadula.
(Correct)
- Clark and Wilson.
Answer : Bell and LaPadula.
Which of the following is not classified as "security and audit frameworks and methods"?
Options are :
- IT Infrastructure Library (ITIL)
- Control Objectives for Information and Related Technology (COBIT)
- Bell LaPadula
(Correct)
- None
- The Committee of Sponsoring Organizations of the Treadway Commission (COSO)
Answer : Bell LaPadula
Which of the following organizations produces and publishes Federal Information Processing Standards (FIPS)?
Options are :
- American National Standards Institute (ANSI)
- National Computer Security Center (NCSC)
- National Institute of Standards and Technology (NIST)
(Correct)
- None
- National Security Agency (NSA)
Answer : National Institute of Standards and Technology (NIST)
Which of the following is currently the most recommended water system for a computer class?
Options are :
- the wet pipe type
- preaction
(Correct)
- overwhelm
- dry pipe
- None
Answer : preaction
In order to ensure the safety of the design, what kind of fence is the most efficient and cost-effective (feet are used as the unit of measurement below)?
Options are :
- None
- double fences
- 6' and 7' high.
- 8' high, and the strands of barbed wire
(Correct)
- 3', 4' high.
Answer : 8' high, and the strands of barbed wire
What does the * (star) property refer to in the Bell-LaPadula model?
Options are :
- Unread down
- No write-down
(Correct)
- No write up
- None
- Well read
Answer : No write-down
Which of the following is a Class A fire?
Options are :
- a common piece of
(Correct)
- None
- liquid
- electric
- halon
Answer : a common piece of
Which security model ensures that actions that take place at a higher security level will not affect the actions that take place at a lower level?
Options are :
- harassing model
(Correct)
- Bell-LaPadula model
- Clark-Wilson model
- None
- Information flow model
Answer : harassing model
What can be defined as follows: It confirms that the user is satisfied with the solution supplied?
Options are :
- Accreditation
- None
- certification
- Adoption
(Correct)
- certainty
Answer : Adoption
Risk reduction in the system development life cycle should be applied:
Options are :
- Mostly stage of development.
- None
- Equally in all stages.
(Correct)
- Mostly caring phase.
- Mainly in the initial phase.
Answer : Equally in all stages.
Which of the following services is not supplied by the Digital Signature Standard (DSS)?
Options are :
- encryption
(Correct)
- integrity
- None
- Authentication
- Digital signature
Answer : encryption
Where in a PKI infrastructure is the list of revoked certificates stored?
Options are :
- recovery agent
- key escrow
- None
- CRL
(Correct)
- Registration Authority
Answer : CRL
Physical security is achieved through proper facility construction, fire and water protection, anti-theft mechanisms, intrusion detection systems, and security procedures that are complied with and monitored. Which of the following is not a component that achieves this kind of security?
Options are :
- None
- Physical control mechanisms
- administrative control systems
- Technical surveillance systems
- Integrity monitoring
(Correct)
Answer : Integrity monitoring
What kind of key will you find inside the browser's list of trusted root CAs?
Options are :
- the public key
(Correct)
- private key
- symmetric key
- None
- recovery key
Answer : the public key
Which of the following asymmetric encryption algorithms is based on the difficulty of factoring large numbers?
Options are :
- None
- RSA
(Correct)
- International Data Encryption Algorithm (IDEA)
- ElGamal
- Elliptic Curve Cryptosystems (ECC)
Answer : RSA
You are the information systems security officer at a medium-sized enterprise and are invited to examine a threat sent in an email from one employee to another. You collect evidence, as well as e-mail server event logs, from the computers of the two individuals involved in the incident and prepare an executive summary. You find that the threat was sent from one user to another in a digitally signed e-mail. The sender of the threat says he did not send the email in question. What concept of PKI (Public Key Infrastructure) will implicate the sender?
Options are :
- The digital signature of the recipient
- Non-repudiation
(Correct)
- integrity
- None
- Authentication
Answer : Non-repudiation
What has been implemented in the S/MIME standard for encryption?
Options are :
- Public-key-based, hybrid encryption method
(Correct)
- None
- Password-based encryption method
- Elliptic curve cryptography
- Asymmetric encryption method
Answer : Public-key-based, hybrid encryption method
Let's say that you're the COMSEC (Communications Security) custodian for a large, multinational company. Susie, from Finance, approaches you in the break room saying that she lost the smart ID card that she uses to digitally sign and encrypt e-mails in the PKI. What happens to the certificates contained on the smart card after the security officer takes appropriate action?
Options are :
- They re-released to the user
- They are added to CRL
(Correct)
- New certificates will be issued to the user
- The user may no longer certifications
- None
Answer : They are added to CRL
Which of the following is NOT a feature of the Rijndael block cipher algorithm?
Options are :
- The key to the whole do not have to answer the block size
- The maximum key size of 512 bits
(Correct)
- The maximum block size of 256 bits
- None
- The key size is 32 bits have a number of
Answer : The maximum key size of 512 bits
Which of the following Kerberos components contains all the encryption keys of users and services?
Options are :
- Key Distribution Center
(Correct)
- The key to the granting of service
- None
- authentication service
- Key Distribution Service
Answer : Key Distribution Center
What kind of encryption technology, SSL is not used?
Options are :
- A hybrid (both balanced and unbalanced)
(Correct)
- private key
- the public key
- Secret or symmetric key
- None
Answer : A hybrid (both balanced and unbalanced)
Which of the following choices is a valid Public Key Cryptography Standard (PKCS) that deals with RSA?
Options are :
- None
- PKCS-RSA
- PKCS #17799
- PKCS #1
(Correct)
- PKCS #11
Answer : PKCS #1
What uses a key of the same length as the message, where each bit or character of the plaintext is encrypted by modular addition?
Options are :
- Running key cipher
- steganography
- Single-key
(Correct)
- None
- Cipher Block Chaining
Answer : Single-key