Dear Readers, welcome to CISSP Objective Questions and Answers. These questions have been designed specially to acquaint you with the nature of the questions you may encounter during a job interview on the subject of CISSP multiple-choice questions. These objective-type CISSP questions are very important for campus placement tests and job interviews. In my experience, good interviewers hardly plan to ask any particular question during a job interview, and these model questions are asked in the online technical tests and interviews of many IT and non-IT industries.
A. Spoofing
B. Spamming
C. Crackers
D. Sniffers
Ans: B
A. Attempting to hack a system through backdoors to an operating system or application
B. Pretending to be an authorized user
C. Always done through IP spoofing
D. Applying a subnet mask to an internal IP range
Ans: B
A. Unauthorized changes
B. Accidental changes
C. Data analysis
D. Intentional manipulation
Ans: C
A. Accuracy of information
B. Change control
C. User expectations
D. Prevention of fraud
Ans: A
A. Physical security
B. Logical security
C. Confidentiality
D. Access controls
Ans: D
A. Has all the necessary paperwork to substantiate the transaction.
B. Is based on clear business objectives.
C. Ensures that data can be manipulated only by a specific set of programs.
D. Is subject to duplicate processing.
Ans: C
A. Segregation of duties
B. Rotation of duties
C. Need-to-know
D. Collusion
Ans: A
A. Analyzing and assessing risk
B. Identifying risk
C. Accepting or mitigating risk
D. Likelihood of a risk occurring
Ans: D
A. Exposure Factor (EF)
B. Annualized Rate of Occurrence (ARO)
C. Vulnerability
D. Likelihood
Ans: A
A. Exposure
B. Threat
C. Vulnerability
D. Risk
Ans: C
A. Implementation of effective countermeasures
B. Ensuring that risk is managed
C. Analysis of the current state of security in the target environment
D. Strategic analysis of risk
Ans: A
A. Automated tools
B. Adoption of qualitative risk assessment processes
C. Increased reliance on internal experts for risk assessment
D. Recalculation of the work factor
Ans: A
A. Eliminating regulatory mandates
B. Lowering accountability of data classifiers
C. Reducing costs for protecting data
D. Normalization of databases
Ans: C
A. Information technology group
B. Users
C. Data custodians
D. Business units
Ans: D
A. Authority for information security department
B. Guidelines for how to implement policy
C. Basis for data classification
D. Recognition of information as an asset of the organization
Ans: B
A. Restoration of lost or corrupted data
B. Regular backups of data
C. Establishing retention periods for data
D. Ensuring the availability of data
Ans: C
A. Provide understanding of responsibilities
B. Entertaining the users through creative programs
C. Overcoming all resistance to security procedures
D. To be repetitive to ensure accountability
Ans: A
A. An individual
B. A policy
C. Government agencies
D. An information system
Ans: A
A. Dumpster diving
B. Coercion or intimidation
C. Sympathy
D. Eavesdropping
Ans: D
A. Meeting regulatory requirements
B. Creating customer loyalty
C. Reducing the impact of an adverse event on the organization
D. Ensuring management makes the correct decisions in a crisis
Ans: C
A. DMZ (Demilitarized Zone)
B. A honey pot
C. A firewall
D. A new subnet
Ans: B
A. STP
B. UTP
C. Coaxial
D. Fiber-optic
Ans: D
A. Private Key
B. Public Key
C. Password
D. Kerberos Key
Ans: B
A. Piggybacking
B. Masquerading
C. Man-in-the-middle attack
D. Social Engineering
Ans: D
A. If the window is repaired, the likelihood of the threat occurring will increase.
B. If the window is repaired, the likelihood of the threat occurring will remain constant.
C. If the window is not repaired, the likelihood of the threat occurring will decrease.
D. If the window is not repaired, the likelihood of the threat occurring will increase.
Ans: A
A. Centralize servers and other vital components in a single room of the main building, and add security measures to this room so that they are well protected.
B. Centralize most servers and other vital components in a single room of the main building, and place servers at each of the branch offices. Add security measures to areas where the servers and other components are located.
C. Decentralize servers and other vital components, and add security measures to areas where the servers and other components are located.
D. main building. Because the building prevents unauthorized access to visitors and other persons, there is no need to implement physical security in the server room.
Ans: A
A. Five
B. Six
C. Seven
D. Eight
Ans: B
A. DDoS
B. Trojan Horse
C. Logic Bomb
D. Man-in-the-middle
Ans: D
A. Electrostatic discharge
B. Power outages
C. Chip creep
D. Poor air quality
Ans: C
A. 25
B. 110
C. 143
D. 389
Ans: B
A. Encryption of data
B. Access control
C. Nonrepudiation
D. Steganography
Ans: D
A. Diffie–Hellman
B. Rijndael
C. Blowfish
D. SHA-256
Ans: A
A. A symmetric algorithm provides better access control.
B. A symmetric algorithm is a faster process.
C. A symmetric algorithm provides nonrepudiation of delivery.
D. A symmetric algorithm is more difficult to implement.
Ans: B
A. Send a digital signature of the message to the recipient
B. Encrypt the message with a symmetric algorithm and send it
C. Encrypt the message with a private key so the recipient can decrypt with the corresponding public key
D. Create a checksum, append it to the message, encrypt the message, then send to recipient.
Ans: D
A. Protection of public keys of all users
B. History of symmetric keys
C. Proof of nonrepudiation of origin
D. Validation that a public key is associated with a particular user
Ans: D
A. 160 bits
B. 150 bits
C. 128 bits
D. 104 bits
Ans: A
A. Protection and secrecy of keys
B. Financial records and retention of encrypted data
C. Formalizing a key hierarchy
D. The lifespan of key-encrypting keys (KKMs)
Ans: A
A. Setting new key expiry dates
B. Updating the certificate revocation list
C. Removal of the private key from all directories
D. Notification to all employees of revoked keys
Ans: B
A. Link encryption encrypts routing information.
B. Link encryption is often used for Frame Relay or satellite links.
C. Link encryption is suitable for high-risk environments.
D. Link encryption provides better traffic flow confidentiality.
Ans: C
A. Encoder
B. Decoder wheel
C. Cryptovariable
D. Cryptographic routine
Ans: C
A. Diffusion
B. Confusion
C. Step function
D. SP-network
Ans: D
A. Substitution and transposition
B. Block and stream
C. Symmetric and asymmetric
D. DES and AES
Ans: C
A. Availability
B. Confidentiality
C. Integrity
D. Authenticity
Ans: D
A. Substitution ciphers
B. Transposition ciphers
C. Polyalphabetic ciphers
D. Inversion ciphers
Ans: C
A. Modular arithmetic
B. XOR mathematics
C. Factoring
D. Exponentiation
Ans: A
A. AES
B. DES
C. One-time pad
D. Triple DES
Ans: C
A. Picture files
B. Music files
C. Video files
D. All of the above
Ans: D
A. Violations of security policy.
B. Attempted violations of security policy.
C. Non-violations of security policy.
D. Attempted violations of allowed actions.
Ans: D
A. Standards
B. Guidelines
C. Procedures
D. Baselines
Ans: C
A. definition of overall steps of information security and the importance of security
B. statement of management intent, supporting the goals and principles of information security
C. definition of general and specific responsibilities for information security management
D. description of specific technologies used in the field of information security
Ans: D