CISSP PRACTICE QUESTIONS – 20200728

Effective CISSP Questions

Which of the following statements about cryptographic hashes is least correct? (Source: Wentz QOTD)
A. A hash function always produces the same hash if given the same message
B. A hash function might produce the same hash if given distinct messages
C. The time to compute a hash typically increases exponentially with the message size
D. Implementation of the digital signature can be as simple as encrypting a message digest with the sender’s private key

CISSP PRACTICE QUESTIONS – 20200727

You are actively engaging in the open-source community of cryptography and reviewing the source code of a stream cipher to implement on mobile apps. Which of the following is the best justification for selecting the open-source cipher instead of AES? (Source: Wentz QOTD)
A. Shorter key length
B. Lower requirement for hardware capacity
C. Stronger work factor
D. Open design

To which layer do OSPF and BGP belong?

According to RFC 1812, to which layer do OSPF and BGP belong, Application or Internet Layer? To your surprise, the answer is the Application layer.

TCP/IP Model

It depends on the model you are following. RFC 1812 evidently follows the TCP/IP model, in which OSPF and BGP belong to the Application Layer.

BGP and OSPF belong to Application Layer

Routing Protocols in Application Layer

ISO Model

From the perspective of ISO 7498-1, the OSI Basic Reference Model, it is generally accepted that they belong to the Network Layer.

7.5.2.4 Any relay functions and hop-by-hop service enhancement protocols used to support the network-service between the OSI end systems are operating below the Transport Layer, i.e. within the Network Layer or below.

Source: ISO 7498-1

CISSP PRACTICE QUESTIONS – 20200726

Users report that connections to the enterprise information portal (EIP) often time out because of poor network performance. As a security analyst, you suspect this may result from denial-of-service (DoS) or distributed DoS (DDoS) attacks. You connect your laptop to the mirror port of the core switching hub and start capturing traffic in promiscuous mode. Which of the following attack targets is least likely to appear in the captured traffic? (Source: Wentz QOTD)
A. 10.10.255.255/22
B. 10.10.254.0/22
C. 10.10.253.255/22
D. 10.10.252.0/22

No 2 of the 19 Best New Security Certifications eBooks To Read In 2020

19 Best New Security Certifications eBooks To Read In 2020

Really pleased to know my book, The Effective CISSP: Security and Risk Management, is ranked as the No 2 of the 19 Best New Security Certifications eBooks To Read In 2020 by BookAuthority.

CISSP Exam Prep Materials

BookAuthority

As featured on CNN, Forbes and Inc – BookAuthority identifies and rates the best books in the world, based on public mentions, recommendations, ratings and sentiment.