CISSP(Certified Information Systems Security Professional) Interview Questions & Answers

Question 1. When You Want To Filter Packets That Traverse The Network, What Should You Do?

Answer :

You can use packet filtering to block certain packets from entering and traveling over a network. This is usually done on a firewall that has a public-facing IP on the Internet to protect internal users.

Question 2. What Could You Use To Encrypt Email Transmissions?

Answer :

Email is not a secure transmission, so some companies choose to encrypt communication. You can use PGP, which is software that lets you encrypt email messages with a public-private key combination.

Question 3. You Want To Allow Users To Connect Remotely, What Would You Use To Allow Them To Connect To The Internal Network From The Internet?

Answer :

VPN. A Virtual Private Network allows users to “tunnel” from the Internet to the private network. You would still have a firewall and security in place, but the VPN protects user information and hides data sent from the user’s home computer to the private network.

Question 4. What Protocol Broadcasts Messages Across All Devices?

Answer :

IGMP is Internet Group Management Protocol. It’s a communication protocol that lets adjacent routers and communication devices send packets across the network as a whole instead of direct to another host. It’s used mostly for streaming such as videos and gaming.

Question 5. What Is Used In Cryptography To Hide A Message?

Answer :

A cipher is a way to mask a plain text message into another message. It’s used in cryptography to jumble text so that the sender and receiver are the only two people who can decipher the message and read its content.

Question 6. What Type Of Access Control Lets Groups Of Users Access A Resource?

Answer :

Role based access control puts users into buckets. These buckets or roles are then assigned to specific areas of the network. This makes it much easier to keep track of users who have access to resources.

Question 7. What Can You Use To Authenticate Asymmetric Keys?

Answer :

Digital signatures are used to decipher asymmetric keys. Asymmetric keys are used to send and receive messages. The sender and receiver decipher messages using a public and private key.

Question 8. What Is A Denial Of Service Attack?

Answer :

A denial of service attack sends a massive amount of packets to another network in an effort to saturate the resources, crash them, and force the resources to become unavailable.

Question 9. What Is A Distributed Denial Of Service Attack?

Answer :

since routers can detect and block denial of service attacks, hackers use distributed denial of service attacks using other computers that have some kind of Trojan horse or virus that allows the attacker to use the machine for a denial of service attack.

Question 10. What Type Of Attack Uses Conversations And “salesmanship?”

Answer :

A social engineering attack is when the attacker tries to get the user to tell him a password through telephone, email, or other type of conversation.