CISSP Full English Exam Real Questions Free Test | Latest Real Question Answers + Exam Key Points Summary
Question #1
Which of the following is currently the most recommended water system for a computer room?
A. pre-action
B. wet pipe
C. dry pipe
D. deluge
Question #2
According to the ISC2, what should be the fire rating for the walls of an information processing facility?
A. All walls must have a one-hour minimum fire rating
B. All walls must have a one-hour minimum fire rating, except for walls to adjacent rooms where records such as paper and media are stored, which should have a two-hour minimum fire rating
C. All walls must have a two-hour minimum fire rating
D. All walls must have a two-hour minimum fire rating, except for walls to adjacent rooms where records such as paper and media are stored, which should have a three-hour minimum fire rating.
Question #3
Which of the following suppresses the fuel supply of the fire?
A. soda acid
B. CO2
C. Halon
D. water
Question #4
Which of the following is true about a "dry pipe" sprinkler system?
A. It is a substitute for carbon dioxide systems
B. It maximizes chances of accidental discharge of water
C. It minimizes chances of accidental discharge of water
D. It uses less water than "wet pipe" systems
Question #5
The most prevalent cause of computer center fires is which of the following?
A. AC equipment
B. electrical distribution systems
C. heating systems
D. natural causes
Question #6
What fire suppression system can be used in computer rooms that will not damage computers and is safe for humans?
A. Water
B. FM200
C. Halon
D. CO2
Question #7
The following are fire detector types EXCEPT:
A. smoke activated
B. flame actuated
C. acoustical-seismic detection system
D. heat activated
Question #8
Which fire class can water be most appropriate for?
A. Class A fires
B. Class B fires
C. Class C fires
D. Class D fires
Question #9
Which one of the following actions should be taken FIRST after a fire has been detected?
A. Turn off power to the computers
B. Call the fire department
C. Notify management
D. Evacuate all personnel
Question #10
Which of the following provides coordinated procedures for minimizing loss of life or injury and protecting property damage in response to a physical threat?
A. Business continuity plan
B. Incident response plan
C. Disaster recovery plan
D. Occupant emergency plan
Question #11
Disaster Recovery Plan emergency procedures is a plan of action that commences immediately to prevent or minimize property damage and to:
A. Prevent interruption of service.
B. Minimize embarrassment.
C. Prevent loss of life.
D. Evacuate the facility.
Question #12
What is the PRIMARY concern during a disaster?
A. Recovery of the critical functions.
B. Availability of a hot site.
C. Acceptable outage duration.
D. Personnel safety.
Question #13
Which of the following elements is not included in a Public Key Infrastructure (PKI)?
A. Timestamping
B. Lightweight Directory Access Protocol (LDAP)
C. Certificate revocation
D. Internet Key Exchange (IKE)
Question #14
In a Public Key Infrastructure (PKI) context, which of the following is a primary concern with LDAP servers?
A. Availability
B. Accountability
C. Confidentiality
D. Flexibility
Question #15
What is NOT true of pre-shared key authentication within the IKE/IPsec protocol:
A. pre shared key authentication is normally based on simple passwords
B. needs a PKI to work
C. Only one preshared key for all VPN connections is needed
D. Costly key management on large user groups
Question #16
What is the role of IKE within the IPsec protocol:
A. peer authentication and key exchange
B. data encryption
C. data signature
D. enforcing quality of service
Question #17
In a Public Key Infrastructure, how are public keys published?
A. They are sent via e-mail
B. Through digital certificates
C. They are sent by owners
D. They are not published
Question #18
Which of the following is defined as a key establishment protocol based on the Diffie-Hellman algorithm proposed for IPsec but superseded by IKE?
A. Diffie-Hellman Key Exchange Protocol
B. Internet Security Association and Key Management Protocol (ISAKMP)
C. Simple Key-management for Internet Protocols (SKIP)
D. OAKLEY
Question #19
Which of the following defines the key exchange for Internet Protocol Security (IPSEC)?
A. Internet Security Association Key Management Protocol (ISAKMP)
B. Internet Key Exchange (IKE)
C. Security Key Exchange (SKE)
D. Internet Communication Messaging Protocol (ICMP)
Question #20
A network of five nodes is using symmetrical keys to securely transmit data. How many new keys are required to re-establish secure communications to all nodes in the event there is a key compromise?
Question #21
What is the effective key size of DES?
A. 56 bits
B. 64 bits
C. 128 bits
D. 1024 bits
Question #22
Matches between which of the following are important because they represent references from one relation to another and establish the connection among these relations?
A. foreign key to primary key
B. foreign key to candidate key
C. candidate key to primary key
D. primary key to secondary key
Question #23
Which of the following can best be defined as a key distribution protocol that uses hybrid encryption to convey session keys that are used to encrypt data in IP packets?
A. Internet Security Association and Key Management Protocol (ISAKMP)
B. Simple Key-Management for Internet Protocols (SKIP)
C. Diffie-Hellman Key Distribution Protocol
D. IPsec Key Exchange (IKE)
Question #24
What is the PRIMARY advantage of secret key encryption systems as compared with public key systems?
A. Faster speed encryption
B. Longer key lengths
C. Easier key management
D. Can be implemented in software
Question #25
In a cryptographic key distribution system, the master key is used to exchange?
A. Session keys
B. Public keys
C. Secret keys
D. Private keys
Question #26
Which Application Layer security protocol requires two pairs of asymmetric keys and two digital certificates?
A. PEM
B. S/HTTP
C. SET
D. SSL
Question #27
Which of the following can be defined as an attribute in one relation that has values matching the primary key in another relation?
A. foreign key
B. candidate key
C. Primary key
D. Secondary key
Question #28
What key size is used by the Clipper Chip?
A. 40 bits
B. 56 bits
C. 64 bits
D. 80 bits
Question #29
What uses a key of the same length as the message?
A. Running key cipher
B. One-time pad
C. Steganography
D. Cipher block chaining
Question #30
Which of the following statements related to a private key cryptosystem is FALSE?
A. The encryption key should be secure
B. Data Encryption Standard (DES) is a typical private key cryptosystem
C. The key used for decryption is known to the sender
D. Two different keys are used for the encryption and decryption
Question #31
Simple Key Management for Internet Protocols (SKIP) is similar to Secure Sockets Layer (SSL), except that it requires no prior communication in order to establish or exchange keys on a:
A. Secure Private keyring basis
B. response-by-session basis
C. Remote Server basis
D. session-by-session basis
Question #32
A weak key of an encryption algorithm has which of the following properties?
A. It is too short, and thus easily crackable
B. It facilitates attacks against the algorithm
C. It has much more zeroes than ones
D. It can only be used as a public key
Question #33
Security measures that protect message traffic independently on each communication path are called:
A. Link oriented
B. Procedure oriented
C. Pass-through oriented
D. End-to-end oriented
Question #34
Who is responsible for the security and privacy of data during a transmission on a public communications link?
A. The carrier
B. The sending party
C. The receiving party
D. The local service provider
Question #35
Which of the following best provides e-mail message authenticity and confidentiality?
Question #36
Cryptography does not help in:
A. Detecting fraudulent insertion
B. Detecting fraudulent deletion
C. Detecting fraudulent modifications
D. Detecting fraudulent disclosure
Question #37
Which of the following is NOT a property of a one-way hash function?
A. It converts a message of a fixed length into a message digest of arbitrary length
B. It is computationally infeasible to construct two different messages with the same digest
C. It converts a message of arbitrary length into a message digest of a fixed length
D. Given a digest value, it is computationally infeasible to find the corresponding message
Question #38
How much more secure is 56 bit encryption opposed to 40 bit encryption?
A. 16 times
B. 256 times
C. 32768 times
D. 65,536 times
Question #39
Which of the following statements is true about data encryption as a method of protecting data?
A. It should sometimes be used for password files
B. It is usually easily administered
C. It makes few demands on system resources
D. It requires careful key Management
Question #40
The primary purpose for using one-way encryption of user passwords within a system is which of the following?
A. It prevents an unauthorized person from trying multiple passwords in one logon attempt
B. It prevents an unauthorized person from reading or modifying the password list
C. It minimizes the amount of storage required for user passwords
D. It minimizes the amount of processing time used for encrypting password
Question #41
Which of the following is not a known type of Message Authentication Code (MAC)?
A. Hash function-based MAC
B. Block cipher-based MAC
C. Signature-based MAC
D. Stream cipher-based MAC
Question #42
Which of the following was developed in order to protect against fraud in electronic fund transfers (EFT)?
A. Secure Electronic Transaction (SET)
B. Message Authentication Code (MAC)
C. Cyclic Redundancy Check (CRC)
D. Secure Hash Standard (SHS)
Question #43
Where parties do not have a shared secret and large quantities of sensitive information must be passed, the most efficient means of transferring information is to use a hybrid encryption technique. What does this mean?
A. Use of public key encryption to secure a secret key, and message encryption using the secret key
B. Use of the recipient's public key for encryption and decryption based on the recipient's private key
C. Use of software encryption assisted by a hardware encryption accelerator
D. Use of elliptic curve encryption
Question #44
One-way hash provides:
A. Confidentiality
B. Availability
C. Integrity
D. Authentication
Question #45
What size is an MD5 message digest (hash)?
A. 128 bits
B. 160 bits
C. 256 bits
D. 128 bytes
Question #46
Which of the following is NOT a property of a one-way hash function?
A. It converts a message of a fixed length into a message digest of arbitrary length.
B. It is computationally infeasible to construct two different messages with the same digest
C. It converts a message of arbitrary length into a message digest of a fixed length
D. Given a digest value, it is computationally infeasible to find the corresponding message
Question #47
Which of the following would best describe a Concealment cipher?
A. Permutation is used, meaning that letters are scrambled
B. Every X number of words within a text, is a part of the real message
C. Replaces bits, characters, or blocks of characters with different bits, characters, or blocks.
D. Hiding data in another message so that the very existence of the data is concealed.
Question #48
Which of the following ciphers is a subset of the Vigenère polyalphabetic cipher?
A. Caesar
B. Jefferson
C. Alberti
D. SIGABA
Question #49
Which of the following is not a property of the Rijndael block cipher algorithm?
A. Resistance against all known attacks
B. Design simplicity
C. 512 bits maximum key size
D. Code compactness on a wide variety of platforms
Question #50
What are two types of ciphers?
A. Transposition and Permutation
B. Transposition and Shift
C. Transposition and Substitution
D. Substitution and Replacement
Question #51
Which one of the following, if embedded within the ciphertext, will decrease the likelihood of a message being replayed?
A. Stop bit
B. Checksum
C. Timestamp
D. Digital signature
Question #52
Which of the following statements pertaining to block ciphers is incorrect?
A. it operates on fixed-size blocks of plaintext
B. it is more suitable for software than hardware implementation
C. Plain text is encrypted with a public key and decrypted with a private key
D. Block ciphers can be operated as a stream
Question #53
The repeated use of the algorithm to encipher a message consisting of many blocks is called
A. Cipher feedback
B. Elliptical curve
C. Cipher block chaining
D. Triple DES
Question #54
When block chaining cryptography is used, what type of code is calculated and appended to the data to ensure authenticity?
A. Message authentication code.
B. Ciphertext authentication code
C. Cyclic redundancy check
D. Electronic digital signature
Question #55
Which of the following statements pertaining to block ciphers is incorrect?
A. It operates on fixed-size blocks of plaintext
B. It is more suitable for software than hardware implementations
C. Plain text is encrypted with a public key and decrypted with a private key
D. Block ciphers can be operated as a stream
Question #56
Which of the following is a symmetric encryption algorithm?
A. RSA
B. Elliptic Curve
C. RC5
D. El Gamal
Question #57
How many bits is the effective length of the key of the Data Encryption Standard Algorithm?
Question #58
Compared to RSA, which of the following is true of elliptic curve cryptography?
A. It has been mathematically proved to be the more secure
B. It has been mathematically proved to be less secure
C. It is believed to require longer keys for equivalent security
D. It is believed to require shorter keys for equivalent security
Question #59
Which of the following is not a one-way algorithm?
A. MD2
B. RC2
C. SHA-1
D. DSA
Question #60
A public key algorithm that does both encryption and digital signature is which of the following?
A. RSA
B. DES
C. IDEA
D. DSS
Question #61
Which of the following encryption algorithms does not deal with discrete logarithms?
A. El Gamal
B. Diffie-Hellman
C. RSA
D. Elliptic Curve
Question #62
The RSA algorithm is an example of what type of cryptography?
A. Asymmetric key
B. Symmetric key
C. Secret Key
D. Private Key
Question #63
How many rounds are used by DES?
Question #64
Which of the following is the most secure form of triple-DES encryption?
A. DES-EDE3
B. DES-EDE1
C. DES-EEE4
D. DES-EDE2
Question #65
Which of the following algorithms does *NOT* provide hashing?
A. SHA-1
B. MD2
C. RC4
D. MD5
Question #66
Which of the following is unlike the other three?
A. El Gamal
B. Teardrop
C. Buffer Overflow
D. Smurf
Question #67
Which of the following is not an encryption algorithm?
A. Skipjack
B. SHA-1
C. Twofish
D. DEA
Question #68
Which one of the following is an asymmetric algorithm?
A. Data Encryption Algorithm.
B. Data Encryption Standard
C. Enigma
D. Knapsack
Question #69
Which of the following is *NOT* a symmetric key algorithm?
A. Blowfish
B. Digital Signature Standard (DSS)
C. Triple DES (3DES)
D. RC5
Question #70
Which of the following layers is not used by the Rijndael algorithm?
A. Non-linear layer
B. Transposition layer
C. Key addition layer
D. The linear mixing layer
Question #71
What is the basis for the Rivest-Shamir-Adleman (RSA) algorithm scheme?
A. Permutations
B. Work factor
C. Factorability
D. Reversibility
Question #72
Which of the following encryption algorithms does not deal with discrete logarithms?
A. El Gamal
B. Diffie-Hellman
C. RSA
D. Elliptic Curve
Question #73
The RSA Algorithm uses which mathematical concept as the basis of its encryption?
A. Geometry
B. Irrational numbers
C. PI (3.14159...)
D. Large prime numbers
Question #74
PGP uses which of the following to encrypt data?
A. An asymmetric scheme
B. A symmetric scheme
C. a symmetric key distribution system
D. An asymmetric key distribution
Question #75
Which of the following mail standards relies on a "Web of Trust"?
A. Secure Multipurpose Internet Mail extensions (S/MIME)
B. Pretty Good Privacy (PGP)
C. MIME Object Security Services (MOSS)
D. Privacy Enhanced Mail (PEM)
Question #76
Which of the following offers confidentiality to an e-mail message?
Question #77
Which of the following items should not be retained in an E-mail directory?
A. drafts of documents
B. copies of documents
C. permanent records
D. temporary documents
Question #78
In a Secure Electronic Transaction (SET), how many certificates are required for a payment gateway to support multiple acquirers?
A. Two certificates for the gateway only.
B. Two certificates for the gateway and two for the acquirers.
C. Two certificates for each acquirer.
D. Two certificates for the gateway and two for each acquirer.
Question #79
Which protocol makes use of an electronic wallet on a customer's PC and sends encrypted credit card information to the merchant's Web server, which digitally signs it and sends it on to its processing bank?
A. SSH
B. S/MIME
C. SET
D. SSL
Question #80
Which of the following best describes the Secure Electronic Transaction (SET) protocol?
A. Originated by VISA and MasterCard as an Internet credit card protocol
B. Originated by VISA and MasterCard as an Internet credit card protocol using digital signatures
C. Originated by VISA and MasterCard as an Internet credit card protocol using the transport layer
D. Originated by VISA and MasterCard as an Internet credit card protocol using SSL
Question #81
Which of the following would best define the "Wap Gap" security issue?
A. The processing capability gap between wireless devices and PCs
B. The fact that WTLS transmissions have to be decrypted at the carrier's WAP gateway to be re-encrypted with SSL for use over wired networks.
C. The fact that wireless communications are far easier to intercept than wired communications
D. The inability of wireless devices to implement strong encryption
Question #82
What encryption algorithm is best suited for communication with handheld wireless devices?
Question #83
Which security measure BEST provides non-repudiation in electronic mail?
A. Digital signature
B. Double length Key Encrypting Key (KEK)
C. Message authentication
D. Triple Data Encryption Standard (DES)
Question #84
Which of the following services is not provided by the digital signature standard (DSS)?
A. Encryption
B. Integrity
C. Digital signature
D. Authentication
Question #85
Public key cryptography provides integrity verification through the use of public key signature and?
A. Secure hashes
B. Zero knowledge
C. Private key signature
D. Session key
Question #86
Electronic signatures can prevent messages from being:
A. Erased
B. Disclosed
C. Repudiated
D. Forwarded
Question #87
Why do vendors publish MD5 hash values when they provide software patches for their customers to download from the Internet?
A. Recipients can verify the software's integrity after downloading.
B. Recipients can confirm the authenticity of the site from which they are downloading the patch.
C. Recipients can request future updates to the software by using the assigned hash value.
D. Recipients need the hash value to successfully activate the new software.
Question #88
What attribute is included in an X.509 certificate?
A. Distinguished name of subject
B. Telephone number of the department
C. secret key of the issuing CA
D. the key pair of the certificate holder
Question #89
What is used to bind a document to its creation at a particular time?
A. Network Time Protocol (NTP)
B. Digital Signature
C. Digital Timestamp
D. Certification Authority (CA)
Question #90
What attribute is included in an X.509 certificate?
A. Distinguished name of the subject
B. Telephone number of the department
C. Secret key of the issuing CA
D. The key pair of the certificate holder
Question #91
Which of the following standards concerns digital certificates?
A. X.400
B. X.25
C. X.509
D. X.75
Question #92
What level of assurance for a digital certificate only requires an e-mail address?
A. Level 0
B. Level 1
C. Level 2
D. Level 3
Question #93
The "revocation request grace period" is defined as:
A. The period within which the user must make a revocation request once a revocation reason arises
B. Minimum response time for performing a revocation by the CA
C. Maximum response time for performing a revocation by the CA
D. Time period between the arrival of a revocation reason and the publication of the revocation information
Question #94
What enables users to validate each other's certificate when they are certified under different certification hierarchies?
A. Cross-certification
B. Multiple certificates
C. Redundant certificate authorities
D. Root certification authorities
Question #95
Digital signature users register their public keys with a certification authority, which distributes a certificate containing the user's public key and digital signature of the certification authority. In creating the certificate, the user's public key an
A. Certificate issuer and the Digital Signature Algorithm identifier
B. User's private key and the identifier of the master key code
C. Name of secure channel and the identifier of the protocol type
D. Key authorization and identifier of key distribution center
Question #96
What level of assurance for a digital certificate verifies a user's name, address, social security number, and other information against a credit bureau database?
A. Level 1
B. Level 2
C. Level 3
D. Level 4
Question #97
Which one of the following security technologies provides safeguards for authentication before securely sending information to a web server?
A. Secure/Multipurpose Internet Mail Extension (S/MIME)
B. Common Gateway Interface (CGI) scripts
C. Applets
D. Certificates
Question #98
The primary role of cross-certification is:
A. Creating trust between different PKIs
B. Build an overall PKI hierarchy
C. set up direct trust to a second root CA
D. Prevent the nullification of user certifications by CA certificate revocation
Question #99
Windows 98 includes the ability to check the digitally signed hardware drivers. Which of the following are true?
A. Drivers are the only files supplied with W98 that can be checked for digital signatures, and all drivers included with W98 have been digitally signed
B. If a file on Windows 98 has been digitally signed, it means that the file has passed quality testing by Microsoft.
C. The level to which signature checking is implemented could only be changed by editing the registry
D. All of the statements are true
Question #100
What is the purpose of certification path validation?
A. Checks the legitimacy of the certificates in the certification path.
B. Checks that all certificates in the certification path refer to same certification practice statement.
C. Checks that no revoked certificates exist outside the certification path.
D. Checks that the names in the certification path are the same.