CISSP PRACTICE QUESTIONS – 20210725

Effective CISSP Questions

You generated a key pair and created a certificate signing request to apply for a certificate to support HTTPS on your web server. Which of the following is least likely to appear in the certificate signing request? (Wentz QOTD)
A. Your public key
B. A digital signature signed by your private key
C. Subject name in the format of X.500
D. A timestamp by the registry authority

Continue reading

CISSP PRACTICE QUESTIONS – 20210723

Effective CISSP Questions

Your company implemented a biometric system that matches fingerprints against the model database to control access to the computer room. An IT engineer is authorized to enter the computer room by the management but rejected by the system. Which of the following best describes the error? (Wentz QOTD)
A. False negative
B. False positive
C. Type I error
D. Type II error

Continue reading

CISSP PRACTICE QUESTIONS – 20210718

Effective CISSP Questions

Your organization’s top management requires data classified at a higher security level shall not flow to a subject with a lower level clearance, and classified data shall not be sent to anyone who doesn’t need to know in terms of their duty. Which of the following should be considered first to meet the policy requirements? (Wentz QOTD)
A. A management system aligned with the policy
B. A system based on state machine and information flow
C. An information system that supports the access control matrix
D. A lattice-based model that enforces mandatory access control

Continue reading

CISSP PRACTICE QUESTIONS – 20210717

Effective CISSP Questions

Your company implements a website and sells products online. A frequent customer is logging into the system. Which of the following authentication schemes is least likely to be implemented to validate the username and password against the directory that encrypts and stores all customer’s passwords? (Wentz QOTD)
A. Claim-based
B. Cleartext-based
C. Ciphertext-based
D. Checksum-based

Continue reading