This article offers you a solid foundation for the Certified Information Systems Security Professional (CISSP) exam. This article is designed for readers and students who want to study for the CISSP certification exam.
The CISSP exam is governed by the International Information Systems Security Certification Consortium, Inc. (ISC)2 organization.
- CISSP – MCQ – Security Management Practices
- CISSP – MCQ – Access Control Systems
- CISSP – MCQ – Telecommunications and Network Security
- CISSP – MCQ – Cryptography
- CISSP – MCQ – Security Architecture and models
- CISSP – MCQ – Operations Security
- CISSP – MCQ – Applications and Systems Development
- CISSP – MCQ – Business Continuity Planning and Disaster Recovery Planning
- CISSP – MCQ – Law, Investigation and Ethics
- CISSP – MCQ – Physical Security
- CISSP – MCQ – Systems Security Engineering
- CISSP – MCQ – Certification and Accreditation
- CISSP – MCQ – Technical Management
- CISSP – MCQ – U.S. Government Information Assurance (IA) Regulations
(ISC)2 is a global not-for-profit organization. It has four primary mission goals:
- Maintain the Common Body of Knowledge for the field of information systems security
- Provide certification for information systems security professionals and practitioners
- Conduct certification training and administer the certification exams
- Oversee the ongoing accreditation of qualified certification candidates through continued education
In this article, all the questions are related to “U.S. Government Information Assurance (IA) Regulations” and are as follows:
1) Which choice below is NOT an element of fiber optic cable?
2) Which backup method listed below will probably require the backup operator to use the largest number of tapes for a complete system restoration if a different tape is used every night in a five-day rotation?
- Ad Hoc
3) To what does 10Base-5 refer?
- 10 Mbps thinnest coax cabling rated to 185 meters maximum length
- 10 Mbps thickest coax cabling rated to 500 meters maximum length
- 10 Mbps baseband optical fiber
- 100 Mbps unshielded twisted pair cabling
4) Which LAN transmission method below describes a packet sent from a single source to multiple specific destinations?
5) Which part of the 48-bit, 12-digit hexadecimal number known as the Media Access Control (MAC) address identifies the manufacturer of the network device?
- The first three bytes
- The first two bytes
- The second half of the MAC address
- The last three bytes
6) Which choice below BEST describes coaxial cable?
- Coax consists of two insulated wires wrapped around each other in a regular spiral pattern.
- Coax consists of a hollow outer cylindrical conductor surrounding a single, inner conductor.
- Coax does not require the fixed spacing between connections that UTP requires.
- Coax carries signals as light waves.
7) Which choice below is NOT one of the legal IP address ranges specified by RFC1976 and reserved by the Internet Assigned Numbers Authority (IANA) for non-routable private addresses?
8) Which statement below about the difference between analog and digital signals is incorrect?
- An analog signal produces an infinite waveform.
- Analog signals cannot be used for data communications.
- An analog signal can be varied by amplification.
- A digital signal produces a saw-tooth waveform.
9) Which choice below most accurately describes SSL?
- It’s a widely used standard for securing email at the Application level.
- It gives a user remote access to a command prompt across a secure, encrypted session.
- It uses two protocols, the Authentication Header and the Encapsulating Security Payload.
- It allows an application to have authenticated, encrypted communications across a network.
10) Which IEEE protocol defines wireless transmission in the 5 GHz band with data rates up to 54 Mbps?
- IEEE 802.11a
- IEEE 802.11b
- IEEE 802.11g
- IEEE 802.15
11) Which protocol is used to resolve a known IP address to an unknown MAC address?
12) Which TCP/IP protocol operates at the OSI Network Layer?
13) Which statement accurately describes the difference between 802.11b WLAN ad hoc and infrastructure modes?
- The ad hoc mode requires an access point to communicate with the wired network.
- Wireless nodes can communicate peer-to-peer in the infrastructure mode.
- Wireless nodes can communicate peer-to-peer in the ad hoc mode.
- Access points are rarely used in 802.11b WLANs.
14) Which answer below is true about the difference between TCP and UDP?
- UDP is considered a connectionless protocol and TCP is connection-oriented.
- TCP is considered a connectionless protocol, and UDP is connection-oriented.
- UDP acknowledges the receipt of packets, and TCP does not.
- TCP is sometimes referred to as an unreliable protocol.
15) Which choice below denotes a packet-switched connectionless wide area network (WAN) technology?
- Frame Relay
16) Which answer below is true about the difference between FTP and TFTP?
- FTP does not have a directory-browsing capability, whereas TFTP does.
- FTP enables print job spooling, whereas TFTP does not.
- TFTP is less secure because session authentication does not occur.
- FTP is less secure because session authentication does not occur.
17) Which statement below is correct regarding VLANs?
- A VLAN restricts flooding to only those ports included in the VLAN.
- A VLAN is a network segmented physically, not logically.
- A VLAN is less secure when implemented in conjunction with private port switching.
- A closed VLAN configuration is the least secure VLAN configuration.
18) Which statement about a VPN tunnel below is incorrect?
- It can be created by implementing only IPSec devices.
- It can be created by installing software or hardware agents on the client or network.
- It can be created by implementing key and certificate exchange systems.
- It can be created by implementing node authentication systems.
19) Which utility below can create a server-spoofing attack?
- DNS poisoning
20) What is a server cluster?
- A primary server that mirrors its data to a secondary server
- A group of independent servers that are managed as a single system
- A tape array backup implementation
- A group of WORM optical jukeboxes
21) Which attack type below does NOT exploit TCP vulnerabilities?
- Sequence Number attack
- SYN attack
- Ping of Death
- Land attack
22) What is probing used for?
- To induce a user into taking an incorrect action
- To give an attacker a road map of the network
- To use up all of a target’s resources
- To covertly listen to transmissions
23) Which firewall type below uses a dynamic state table to inspect the content of packets?
- A packet-filtering firewall
- An application-level firewall
- A circuit-level firewall
- A stateful-inspection firewall
24) To what does logon abuse refer?
- Breaking into a network primarily from an external source
- Legitimate users accessing networked services that would normally be restricted to them
- Nonbusiness or personal use of the Internet
- Intrusions via dial-up or asynchronous external network connections
25) What type of firewall architecture employs two network cards and a single screening router?
- A screened-host firewall
- A dual-homed host firewall
- A screened-subnet firewall
- An application-level proxy server
26) To what does covert channel eavesdropping refer?
- Using a hidden, unauthorized network connection to communicate unauthorized information
- Nonbusiness or personal use of the Internet
- Socially engineering passwords from an ISP
- The use of two-factor passwords
27) What is one of the most common drawbacks to using a dual-homed host firewall?
- The examination of the packet at the Network Layer introduces latency.
- The examination of the packet at the Application Layer introduces latency.
- The ACLs must be manually maintained on the host.
- Internal routing may accidentally become enabled.
28) Which is NOT a property of a bridge?
- Forwards the data to all other segments if the destination is not on the local segment
- Operates at Layer 2, the Data Link Layer
- Operates at Layer 3, the Network Layer
- Can create a broadcast storm
29) Which IEEE protocol defines the Spanning Tree protocol?
- IEEE 802.5
- IEEE 802.3
- IEEE 802.11
- IEEE 802.1D
30) What does data encapsulation in the OSI model do?
- Creates seven distinct layers
- Wraps data from one layer around a data packet from an adjoining layer
- Provides best-effort delivery of a data packet
- Makes the network transmission deterministic.
31) Which choice below is NOT an element of IPSec?
- Authentication Header
- Layer Two Tunneling Protocol
- Security Association
- Encapsulating Security Payload
32) Which network attack below would NOT be considered a Denial of Service attack?
- Ping of Death
- Brute Force
- TCP SYN
33) Which statement is NOT true about the SOCKS protocol?
- It is sometimes referred to as an application-level proxy.
- It uses an ESP for authentication and encryption.
- It operates in the Transport Layer of the OSI model.
- Network applications need to be SOCKS-ified to operate.
34) Which choice below is NOT a way to get Windows NT passwords?
- Obtain the backup SAM from the repair directory.
- Boot the NT server with a floppy containing an alternate operating system.
- Obtain root access to the /etc/passwd file.
- Use pwdump2 to dump the password hashes directly from the registry.
35) Which type of routing below commonly broadcasts its routing table information to all other routers every minute?
- Distance Vector
- Link State
- Dynamic Control Protocol
36) A back door into a network refers to what?
- Socially engineering passwords from a subject
- Mechanisms created by hackers to gain network access at a later time
- Undocumented instructions used by programmers to debug applications
- Monitoring programs implemented on dummy applications to lure intruders
37) What is the protocol that supports sending and receiving email?
38) Which protocol below does NOT pertain to email?
39) Which choice below does NOT relate to analog dial-up hacking?
- War dialing
- War walking
- Demon dialing
40) Which level of RAID is commonly referred to as disk mirroring?
- RAID 0
- RAID 1
- RAID 3
- RAID 5
41) Which choice below is the earliest and the most commonly found Interior Gateway Protocol?
42) What is the Network Layer of the OSI reference model primarily responsible for?
- Internetwork packet routing
- LAN bridging
- SMTP Gateway services
- Signal regeneration and repeating
43) Which of the following is NOT a true statement about Network Address Translation (NAT)?
- NAT is used when corporations want to use private addressing ranges for internal networks.
- NAT is designed to mask the true IP addresses of internal systems.
- Private addresses can easily be routed globally.
- NAT translates private IP addresses to registered “real” IP addresses.
44) In the DoD reference model, which layer conforms to the OSI Transport Layer?
- Process/Application Layer
- Host-to-Host Layer
- Internet Layer
- Network Access Layer
45) The IP address, 22.214.171.124, is considered to be in which class of address?
- Class A
- Class B
- Class C
- Class D
46) What does TFTP stand for?
- Trivial File Transport Protocol
- Transport for TCP/IP
- Trivial File Transfer Protocol
- Transport File Transfer Protocol