CISSP Security Engineering Certification Practice Exam Set 8

Which of the following fire-extinguishing systems, incorporating a detection system, is currently the most recommended water system for a computer class?


Options are :

  • the wet pipe type
  • Overwhelm
  • None
  • dry pipe
  • Preaction (Correct)

Answer : Preaction

Which of the following would be used to implement Mandatory Access Control (MAC)?


Options are :

  • The grid-based access control (Correct)
  • Role-based access control
  • Clark-Wilson Access Control
  • User dictated by the access control
  • None

Answer : The grid-based access control

Which Orange Book security rating introduces security labels?


Options are :

  • B1 (Correct)
  • None
  • B3
  • C2
  • B2

Answer : B1


Which of the following was developed by the National Computer Security Center (NCSC) for the US Department of Defense?


Options are :

  • TCSEC (Correct)
  • ITSEC
  • NIACAP
  • DIACAP
  • None

Answer : TCSEC

Which of the following is NOT a precautionary measure to reduce static electricity?


Options are :

  • power cords (Correct)
  • None
  • Anti-static floor
  • to maintain humidity levels
  • anti-static spray

Answer : power cords

What are the four basic elements of Fire?


Options are :

  • None
  • Heat, fuel, CO2, and Chain Reaction
  • The flame, fuel, oxygen, and Chain Reaction
  • Heat, wood, oxygen, and Chain Reaction
  • The heat, fuel, oxygen and Chain Reaction (Correct)

Answer : The heat, fuel, oxygen and Chain Reaction

Which of the following is not an EPA-certified replacement for Halon?


Options are :

  • Inergen
  • MA-200
  • FE-13
  • Bromine (Correct)
  • None

Answer : Bromine

Who developed one of the first mathematical models for a multi-level security information system?


Options are :

  • None
  • Diffie and Hellman.
  • Gasser and Lipner.
  • Bell and LaPadula. (Correct)
  • Clark and Wilson.

Answer : Bell and LaPadula.

Which of the following is not classified as "security and audit frameworks and methods"?


Options are :

  • IT Infrastructure Library (ITIL)
  • Control Objectives for Information and Related Technology (COBIT)
  • Bell LaPadula (Correct)
  • None
  • The Committee of Sponsoring Organizations of the Treadway Commission (COSO)

Answer : Bell LaPadula


Which of the following organizations produces and publishes Federal Information Processing Standards (FIPS)?


Options are :

  • American National Standards Institute (ANSI)
  • National Computer Security Center (NCSC)
  • National Institute of Standards and Technology (NIST) (Correct)
  • None
  • National Security Agency (NSA)

Answer : National Institute of Standards and Technology (NIST)

Which of the following is currently the most recommended water system for a computer class?


Options are :

  • the wet pipe type
  • preaction (Correct)
  • overwhelm
  • dry pipe
  • None

Answer : preaction

To ensure the safety of the design, what kind of fence is the most efficient and cost-effective (feet are used as the unit of measurement below)?


Options are :

  • None
  • double fences
  • 6 'and 7' high.
  • 8 'high, and the strands of barbed wire (Correct)
  • 3 ', 4' high.

Answer : 8 'high, and the strands of barbed wire

What does the * (star) property refer to in the Bell-LaPadula model?


Options are :

  • Unread down
  • No write-down (Correct)
  • No write up
  • None
  • Well read

Answer : No write-down

Which of the following is a Class A fire?


Options are :

  • a common piece of (Correct)
  • None
  • liquid
  • electric
  • halon

Answer : a common piece of

Which security model ensures that actions that take place at a higher security level will not affect the actions that take place at a lower level?


Options are :

  • harassing model (Correct)
  • Bell-LaPadula model
  • Clark-Wilson model
  • None
  • Information flow model

Answer : harassing model


What can be defined as follows: It confirms that the user is satisfied with the solution supplied?


Options are :

  • Accreditation
  • None
  • certification
  • Adoption (Correct)
  • certainty

Answer : Adoption

Risk reduction in the system development life cycle should be applied:


Options are :

  • Mostly stage of development.
  • None
  • Equally in all stages. (Correct)
  • Mostly caring phase.
  • Mainly in the initial phase.

Answer : Equally in all stages.

Which of the following services is not supplied by the Digital Signature Standard (DSS)?


Options are :

  • encryption (Correct)
  • integrity
  • None
  • Authentication
  • Digital signature

Answer : encryption

Where in a PKI infrastructure is the list of revoked certificates stored?


Options are :

  • recovery agent
  • key escrow
  • None
  • CRL (Correct)
  • Registration Authority

Answer : CRL

Physical security is accomplished through proper facility construction, fire and water protection, anti-theft mechanisms, intrusion detection systems, and security procedures that are complied with and monitored. Which of the following is not a component that achieves this kind of security?


Options are :

  • None
  • Physical control mechanisms
  • administrative control systems
  • Technical surveillance systems
  • Integrity monitoring (Correct)

Answer : Integrity monitoring

What kind of key will you find inside the browser's list of trusted root CAs?


Options are :

  • the public key (Correct)
  • private key
  • symmetric key
  • None
  • recovery key

Answer : the public key


Which of the following asymmetric encryption algorithms is based on the difficulty of factoring large numbers?


Options are :

  • None
  • RSA (Correct)
  • International Data Encryption Algorithm (IDEA)
  • el Gamal
  • Elliptic Curve Cryptosystems (ECC)

Answer : RSA

You are the information systems security officer at a medium-sized enterprise and are invited to examine a threat sent in an email from one employee to another. You collect evidence, as well as e-mail server event logs, from the computers of the two individuals involved in the incident and prepare an executive summary. You find that the threat was sent from one user to another in a digitally signed e-mail. The sender of the threat says he did not send the email in question. What concept of PKI (Public Key Infrastructure) implicates the sender?


Options are :

  • The digital signature of the recipient
  • Non-repudiation (Correct)
  • integrity
  • None
  • Authentication

Answer : Non-repudiation

What has been implemented in the S/MIME standard for encryption?


Options are :

  • Public-key-based, hybrid encryption method (Correct)
  • None
  • Password-based encryption method
  • Elliptic curve cryptography
  • Asymmetric encryption method

Answer : Public-key-based, hybrid encryption method

Let's say that you are the COMSEC (Communications Security) custodian for a large, multinational company. Susie from Finance approaches you in the break room saying that she lost the smart ID card that she uses to digitally sign and encrypt e-mails in the PKI. What happens to the certificates contained on the smart card after the security officer takes appropriate action?


Options are :

  • They re-released to the user
  • They are added to CRL (Correct)
  • New certificates will be issued to the user
  • The user may no longer certifications
  • None

Answer : They are added to CRL

Which of the following is NOT a feature of the Rijndael block cipher algorithm?


Options are :

  • The key to the whole do not have to answer the block size
  • The maximum key size of 512 bits (Correct)
  • The maximum block size of 256 bits
  • None
  • The key size is 32 bits have a number of

Answer : The maximum key size of 512 bits

Which of the following Kerberos components contains all the encryption keys of users and services?


Options are :

  • Key Distribution Center (Correct)
  • The key to the granting of service
  • None
  • authentication service
  • Key Distribution Service

Answer : Key Distribution Center


What kind of encryption technology, SSL is not used?


Options are :

  • A hybrid (both balanced and unbalanced) (Correct)
  • private key
  • the public key
  • Secret or symmetric key
  • None

Answer : A hybrid (both balanced and unbalanced)

Which of the following choices is a valid public key encryption standard (PKCS) that deals with RSA?


Options are :

  • None
  • PKCS-RSA
  • PKCS # 17799
  • PKCS # 1 (Correct)
  • PKCS # 11

Answer : PKCS # 1

What uses a key of the same length as the message, where each bit or character of the plaintext is encrypted by modular addition?


Options are :

  • Running key cipher
  • steganography
  • Single-key (Correct)
  • None
  • Cipher Block Chaining

Answer : Single-key
