You are applying for a certificate to support HTTPS on a webserver for E-Commerce. Which of the following should you submit to the registration authority? (Wentz QOTD)
A. The openssl utility and 3072 bits key.
B. The key pair and government-issued ID.
C. The certificate signing request only.
D. The certificate signing request and the private key.
Monthly Archives: June 2021
Free ZeroSSL for 3 Months
CISSP PRACTICE QUESTIONS – 20210629
You are evaluating cryptographic functions to encrypt data transmitted on networks. Which of the following is incorrect? (Wentz QOTD)
A. Triple DES3-EEE means three keys are involved.
B. AES uses a larger block size than DES.
C. AES may not involve an initialization vector.
D. AES specifies block and key sizes that may be any multiple of 32 bits.
CISSP PRACTICE QUESTIONS – 20210628
You are encrypting data using a well-known block cipher in CBC mode with a randomly generated symmetric key, yHj7rXtKd/Q4EdIIEDifQFrid2w=, to communicate with a peer host on an 802.3 Ethernet. A middle man captured the traffic and happened to decrypt the ciphertext using another key, zycATbEloWRKFo5C9MfgrjXeCTk=, during the cryptanalysis process. Which of the following best describes the phenomenon? (Wentz QOTD)
A. Collision detection
B. Server pharming
C. Key clustering
D. Hash collision
CISSP PRACTICE QUESTIONS – 20210627
You are collecting and eliciting stakeholders’ security needs and requirements in a software development project. Which of the following is the least likely tool or technique used? (Wentz QOTD)
A. Fuzzer
B. Misuse case
C. Data flow diagram
D. Requirement traceability matrix
CISSP PRACTICE QUESTIONS – 20210626
You are developing a server that collects data from branches. To ensure data in transit is not tampered with and the identity of data origin is authentic, which of the following is the best cryptographic function that meets the security requirement? (Wentz QOTD)
A. SHA
B. 802.1X
C. Skipjack
D. CBC-MAC
WUSON Practice Field POC Completed!
A simple test engine is about to support my QOTDs :)
Technologies used:
- Cloud Services (API, Docker, SQL) on Azure
- Web API and Auth0 (OIDC/OAuth2)
- Microservices-based design
- Microsoft .NET 5.0
- Legacy Windows Forms App
CISSP Exam Experience – Lorenzo Yang
CISSP PRACTICE QUESTIONS – 20210625
Which of the following is the least reasonable pairing relationship in terms of network access control? (Wentz QOTD)
A. Supplicants and the Authentication Server per 802.1X
B. Network Access Servers and the Authentication Server per RADIUS
C. VPN clients and the Network Access Server per L2TP
D. Wireless devices and the Access Point per PEAP