CISSP · topic practice

Communication and Network Security practice questions

Practise Certified Information Systems Security Professional (CISSP) Communication and Network Security questions: original exam-style scenarios with answer choices, explanations, and analysis of common mistakes.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed by Johnson Ajibi · MSc IT Security
20 questions · Domain: Communication and Network Security

What the exam tests

What to know about Communication and Network Security

Communication and Network Security questions test whether you can apply the concept in context, not just recognise a definition.

  • How the topic appears in realistic exam-style scenarios.
  • Which detail in the question changes the correct answer.
  • How to eliminate plausible but wrong options.
  • How to connect the question back to the wider exam objective.

Watch out for

Common Communication and Network Security exam traps

  • Answering from memory before reading the full scenario.
  • Missing a constraint such as cost, availability, security, scope or command context.
  • Choosing a broad answer when the question asks for the most specific fix.
  • Ignoring why the wrong options are tempting.

Practice set

Communication and Network Security questions

20 questions · select your answer, then reveal the explanation

A security analyst observes a network attack where an attacker sends forged ARP messages to associate the attacker's MAC address with the IP address of the default gateway. This attack occurs at which layer of the OSI model?

Question 2 · hard · multiple choice

An organization is deploying a VPN solution for remote employees. The security team requires a modern protocol that provides perfect forward secrecy, uses elliptic curve cryptography, and is known for its efficient, minimal codebase. Which VPN protocol should they choose?

A security engineer is configuring a firewall that makes decisions based on source/destination IP addresses and port numbers without tracking the state of connections. Which type of firewall is this?

During a security assessment, a penetration tester sends TCP SYN packets to various ports on a target server. Based on the responses, the tester determines which ports are open. This technique is commonly used at which OSI layer?

An organization wants to secure email communications by providing encryption and digital signatures. They require a solution that uses a web of trust model rather than a hierarchical PKI. Which protocol should they implement?

A network administrator is configuring SNMPv3 for monitoring network devices. The organization requires both authentication and encryption of SNMP traffic. Which combination of protocols should be used to meet this requirement?

Question 7 · easy · multiple choice

Which wireless security protocol replaces the pre-shared key (PSK) authentication with Simultaneous Authentication of Equals (SAE) to provide stronger security and forward secrecy?

Question 8 · medium · multiple choice

A security analyst discovers an attack where an attacker sets up a rogue wireless access point with a legitimate SSID to trick users into connecting. Once connected, the attacker captures credentials. This type of attack is known as:

An organization is implementing network segmentation. They need to place publicly accessible servers (e.g., web and email) in a separate network that is isolated from the internal LAN but still allows controlled access from the internet. Which architecture should they use?

Question 10 · hard · multiple choice

A company deploys DNSSEC to protect its DNS infrastructure. Which cryptographic operation does DNSSEC primarily use to ensure the authenticity and integrity of DNS data?

Which of the following is a key feature of TLS 1.3 that enhances security compared to earlier versions?

A security architect is designing a zero-trust network. Which principle is fundamental to a zero-trust architecture (ZTA) such as BeyondCorp?

Question 13 · hard · multiple choice

A network engineer is configuring an IPsec VPN in tunnel mode. Which IPsec protocol provides both authentication and encryption of the entire IP packet?

Which type of firewall is capable of inspecting application-layer data, performing SSL decryption, and integrating intrusion prevention capabilities?

A company uses SSH for remote administration. To enhance security, they want to implement public-key authentication. Which statement about SSH public-key authentication is true?

Question 16 · medium · multi select

A security team is reviewing network segmentation strategies. Which TWO of the following are benefits of using VLANs? (Select TWO.)

Question 17 · hard · multi select

An organization is deploying a wireless network with WPA3-Enterprise. Which THREE of the following are features or improvements of WPA3 compared to WPA2? (Select THREE.)

A security administrator is evaluating secure file transfer protocols. Which THREE of the following protocols provide encryption for data in transit? (Select THREE.)

After a recent security audit, a network administrator discovers that an attacker has been intercepting traffic by associating with a legitimate access point's MAC address and broadcasting a stronger signal. Which type of attack has occurred?

An organization is implementing network segmentation to enhance security. They create a DMZ to host public-facing servers and want to ensure that if a server is compromised, the attacker cannot pivot to the internal network. Which firewall placement best achieves this?

Frequently asked questions

What does the CISSP exam test about Communication and Network Security?
Communication and Network Security questions test whether you can apply the concept in context, not just recognise a definition.

How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.

Can I practise just Communication and Network Security questions in a focused session?
Yes — the session launcher on this page draws every question from the Communication and Network Security domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.

Where can I practise other CISSP topics?
Use the topic links above to move to related areas, or go back to the CISSP question bank to see all topics.

Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the CISSP exam covers. They are not copied from any real exam or dump site.