- (Topic 6)
Which of the following was designed as a more fault-tolerant topology than Ethernet, and very resilient when properly implemented?

1. A. Token Link.
2. B. Token system.
3. C. Token Ring.
4. D. Duplicate ring.

Correct Answer: C
Token Ring was designed to be a more fault-tolerant topology than Ethernet, and can be a very resilient topology when properly implemented.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 72.

- (Topic 3)
If an organization were to monitor their employees' e-mail, it should not:

1. A. Monitor only a limited number of employees.
2. B. Inform all employees that e-mail is being monitored.
3. C. Explain who can read the e-mail and how long it is backed up.
4. D. Explain what is considered an acceptable use of the e-mail system.

Correct Answer: A
Monitoring has to be conducted is a lawful manner and applied in a consistent fashion; thus should be applied uniformly to all employees, not only to a small number.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 9: Law, Investigation, and Ethics (page 304).

- (Topic 4)
Which of the following backup method must be made regardless of whether Differential or Incremental methods are used?

1. A. Full Backup Method.
2. B. Incremental backup method.
3. C. Supplemental backup method.
4. D. Tape backup method.

Correct Answer: A
A Full Backup must be made regardless of whether Differential or Incremental methods are used.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 69.
And: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 9: Disaster Recovery and Business continuity (pages 617-619).

- (Topic 4)
Which of the following backup methods is most appropriate for off-site archiving?

1. A. Incremental backup method
2. B. Off-site backup method
3. C. Full backup method
4. D. Differential backup method

Correct Answer: C
The full backup makes a complete backup of every file on the system every time it is run. Since a single backup set is needed to perform a full restore, it is appropriate for off-site archiving.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 69).

- (Topic 5)
Which of the following is not an encryption algorithm?

1. A. Skipjack
2. B. SHA-1
3. C. Twofish
4. D. DEA

Correct Answer: B
The SHA-1 is a hashing algorithm producing a 160-bit hash result from any data. It does not perform encryption.
In cryptography, SHA-1 is a cryptographic hash function designed by the United States National Security Agency and published by the United States NIST as a U.S. Federal Information Processing Standard.
SHA stands for "secure hash algorithm". The four SHA algorithms are structured differently
and are distinguished as SHA-0, SHA-1, SHA-2, and SHA-3. SHA-1 is very similar to SHA- 0, but corrects an error in the original SHA hash specification that led to significant weaknesses. The SHA-0 algorithm was not adopted by many applications. SHA-2 on the other hand significantly differs from the SHA-1 hash function.
SHA-1 is the most widely used of the existing SHA hash functions, and is employed in several widely used applications and protocols.
In 2005, cryptanalysts found attacks on SHA-1 suggesting that the algorithm might not be secure enough for ongoing use. NIST required many applications in federal agencies to move to SHA-2 after 2010 because of the weakness. Although no successful attacks have yet been reported on SHA-2, they are algorithmically similar to SHA-1.
In 2012, following a long-running competition, NIST selected an additional algorithm, Keccak, for standardization as SHA-3
NOTE:
A Cryptographic Hash Function is not the same as an Encryption Algorithm even thou both are Algorithms. An algorithm is defined as a step-by-step procedure for calculations. Hashing Algorithm do not encrypt the data. People sometimes will say they encrypted a password with SHA-1 but really they simply created a Message Digest of the password using SHA-1, putting the input through a series of steps to come out with the message digest or hash value.
A cryptographic hash function is a hash function; that is, an algorithm that takes an arbitrary block of data and returns a fixed-size bit string, the (cryptographic) hash value, such that any (accidental or intentional) change to the data will (with very high probability) change the hash value. The data to be encoded are often called the "message," and the hash value is sometimes called the message digest or simply digest.
Encryption Algorithms are reversible but Hashing Algorithms are not meant to be reversible if the input is large enough.
The following are incorrect answers:
The Skipjack algorithm is a Type II block cipher with a block size of 64 bits and a key size of 80 bits that was developed by NSA and formerly classified at the U.S. Department of Defense "Secret" level.
Twofish is a freely available 128-bit block cipher designed by Counterpane Systems (Bruce
Schneier et al.).
DEA is a symmetric block cipher, defined as part of the U.S. Government's Data Encryption Standard (DES). DEA uses a 64-bit key, of which 56 bits are independently chosen and 8 are parity bits, and maps a 64-bit block into another 64-bit block.
Reference(s) used for this question: http://en.wikipedia.org/wiki/SHA-1
and
SHIREY, Robert W., RFC2828: Internet Security Glossary, may 2000. and
Counterpane Labs, at http://www.counterpane.com/twofish.html.