New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium ISC ISSAP Dumps Questions Answers

Page: 1 / 9
Total 237 questions

ISSAP Information Systems Security Architecture Professional Questions and Answers

Question 1

Which of the following life cycle modeling activities establishes service relationships and message exchange paths?

Options:

A.

Service-oriented logical design modeling

B.

Service-oriented conceptual architecture modeling

C.

Service-oriented discovery and analysis modeling

D.

Service-oriented business integration modeling

Buy Now
Question 2

Which of the following layers of the OSI model provides non-repudiation services?

Options:

A.

The application layer

B.

The data-link layer

C.

The presentation layer

D.

The physical layer

Question 3

Which of the following attacks allows the bypassing of access control lists on servers or routers, and helps an attacker to hide? Each correct answer represents a complete solution. Choose two.

Options:

A.

DNS cache poisoning

B.

MAC spoofing

C.

IP spoofing attack

D.

DDoS attack

Question 4

You work as a Network Administrator for NetTech Inc. When you enter in the browser 's address bar, you are able to access the site. But, you are unable to access the site when you enter What is the most likely cause?

Options:

A.

The site's Web server is offline.

B.

The site's Web server has heavy traffic.

C.

WINS server has no NetBIOS name entry for the server.

D.

DNS entry is not available for the host name.

Question 5

In which of the following phases of the SDLC does the software and other components of the system faithfully incorporate the design specifications and provide proper documentation and training?

Options:

A.

Initiation

B.

Programming and training

C.

Design

D.

Evaluation and acceptance

Question 6

Which of the following statements are true about Public-key cryptography? Each correct answer represents a complete solution. Choose two.

Options:

A.

Data encrypted with the secret key can only be decrypted by another secret key.

B.

The secret key can encrypt a message, and anyone with the public key can decrypt it.

C.

The distinguishing technique used in public key-private key cryptography is the use of symmetric key algorithms.

D.

Data encrypted by the public key can only be decrypted by the secret key.

Question 7

Which of the following processes identifies the threats that can impact the business continuity of operations?

Options:

A.

Function analysis

B.

Risk analysis

C.

Business impact analysis

D.

Requirement analysis

Question 8

You work as an Incident handling manager for a company. The public relations process of the company includes an event that responds to the e-mails queries. But since few days, it is identified that this process is providing a way to spammers to perform different types of e-mail attacks. Which of the following phases of the Incident handling process will now be involved in resolving this process and find a solution? Each correct answer represents a part of the solution. Choose all that apply.

Options:

A.

Identification

B.

Eradication

C.

Recovery

D.

Contamination

E.

Preparation

Question 9

Adam works as a Network Administrator. He discovers that the wireless AP transmits 128 bytes of plaintext, and the station responds by encrypting the plaintext. It then transmits the resulting ciphertext using the same key and cipher that are used by WEP to encrypt subsequent network traffic. Which of the following types of authentication mechanism is used here?

Options:

A.

Pre-shared key authentication

B.

Open system authentication

C.

Shared key authentication

D.

Single key authentication

Question 10

You work as a Network Administrator for Net Perfect Inc. The company has a Linux-based network. You need to configure a firewall for the company. The firewall should be able to keep track of the state of network connections traveling across the network. Which of the following types of firewalls will you configure to accomplish the task?

Options:

A.

Stateful firewall

B.

Host-based application firewall

C.

A network-based application layer firewall

D.

An application firewall

Question 11

You are advising a school district on disaster recovery plans. In case a disaster affects the main IT centers for the district they will need to be able to work from an alternate location. However, budget is an issue. Which of the following is most appropriate for this client?

Options:

A.

Warm site

B.

Cold site

C.

Off site

D.

Hot site

Question 12

You are the Security Administrator for a consulting firm. One of your clients needs to encrypt traffic. However, he has specific requirements for the encryption algorithm. It must be a symmetric key block cipher. Which of the following should you choose for this client?

Options:

A.

PGP

B.

SSH

C.

DES

D.

RC4

Question 13

At which of the following layers of the Open System Interconnection (OSI) model the Internet Control Message Protocol (ICMP) and the Internet Group Management Protocol (IGMP) work?

Options:

A.

The Physical layer

B.

The Data-Link layer

C.

The Network layer

D.

The Presentation layer

Question 14

In which of the following cryptographic attacking techniques does the attacker pick up the information to be encrypted and take a copy of it with the encrypted data?

Options:

A.

Chosen ciphertext attack

B.

Known plaintext attack

C.

Chosen plaintext attack

D.

Ciphertext only attack

Question 15

Which of the following methods offers a number of modeling practices and disciplines that contribute to a successful service-oriented life cycle management and modeling?

Options:

A.

Service-oriented modeling framework (SOMF)

B.

Service-oriented modeling and architecture (SOMA)

C.

Sherwood Applied Business Security Architecture (SABSA)

D.

Service-oriented architecture (SOA)

Question 16

Jasmine is creating a presentation. She wants to ensure the integrity and authenticity of the presentation. Which of the following will she use to accomplish the task?

Options:

A.

Mark as final

B.

Digital Signature

C.

Restrict Permission

D.

Encrypt Document

Question 17

Which of the following password authentication schemes enables a user with a domain account to log on to a network once, using a password or smart card, and to gain access to multiple computers in the domain without being prompted to log in again?

Options:

A.

Single Sign-On

B.

One-time password

C.

Dynamic

D.

Kerberos

Question 18

The OSI reference model is divided into layers and each layer has a specific task to perform. At which layer of OSI model is the File and Print service performed?

Options:

A.

Session layer

B.

Presentation layer

C.

Transport layer

D.

Application layer

Question 19

Which of the following protocols provides connectionless integrity and data origin authentication of IP packets?

Options:

A.

ESP

B.

AH

C.

IKE

D.

ISAKMP

Question 20

Which of the following is used to authenticate asymmetric keys?

Options:

A.

Digital signature

B.

MAC Address

C.

Demilitarized zone (DMZ)

D.

Password

Question 21

Andrew works as a Network Administrator for Infonet Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL). Which of the following types of encryption does SSL use? Each correct answer represents a complete solution. Choose two.

Options:

A.

Synchronous

B.

Secret

C.

Asymmetric

D.

Symmetric

Question 22

Which of the following statements about incremental backup are true? Each correct answer represents a complete solution. Choose two.

Options:

A.

It is the fastest method of backing up data.

B.

It is the slowest method for taking a data backup.

C.

It backs up the entire database, including the transaction log.

D.

It backs up only the files changed since the most recent backup and clears the archive bit.

Question 23

Maria works as a Network Security Officer for Gentech Inc. She wants to encrypt her network traffic. The specific requirement for the encryption algorithm is that it must be a symmetric key block cipher. Which of the following techniques will she use to fulfill this requirement?

Options:

A.

IDEA

B.

PGP

C.

DES

D.

AES

Question 24

John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he takes an image file and simply uses a tool image hide and embeds the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail id. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?

Options:

A.

Email spoofing

B.

Social engineering

C.

Web ripping

D.

Steganography

Question 25

Which of the following should the administrator ensure during the test of a disaster recovery plan?

Options:

A.

Ensure that the plan works properly

B.

Ensure that all the servers in the organization are shut down.

C.

Ensure that each member of the disaster recovery team is aware of their responsibility.

D.

Ensure that all client computers in the organization are shut down.

Question 26

You work as an Incident handling manager for Orangesect Inc. You detect a virus attack incident in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the following phases in the Incident handling process will utilize the signature to resolve this incident?

Options:

A.

Eradication

B.

Identification

C.

Recovery

D.

Containment

Question 27

Which of the following protocols uses the Internet key Exchange (IKE) protocol to set up security associations (SA)?

Options:

A.

IPSec

B.

L2TP

C.

LEAP

D.

ISAKMP

Question 28

Which of the following protocols multicasts messages and information among all member devices in an IP multicast group?

Options:

A.

ARP

B.

ICMP

C.

TCP

D.

IGMP

Question 29

Which of the following protocols uses public-key cryptography to authenticate the remote computer?

Options:

A.

SSH

B.

Telnet

C.

SCP

D.

SSL

Question 30

Which of the following protocols is used to compare two values calculated using the Message Digest (MD5) hashing function?

Options:

A.

CHAP

B.

PEAP

C.

EAP

D.

EAP-TLS

Question 31

A network is configured on a Bus topology. Which of the following conditions could cause a network failure? Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

A break in a network cable

B.

75 ohm terminators at open ends

C.

A powered off workstation

D.

An open-ended cable without terminators

Question 32

Which of the following are the primary components of a discretionary access control (DAC) model? Each correct answer represents a complete solution. Choose two.

Options:

A.

User's group

B.

File and data ownership

C.

Smart card

D.

Access rights and permissions

Question 33

Which of the following encryption modes can make protocols without integrity protection even more susceptible to replay attacks, since each block gets decrypted in exactly the same way?

Options:

A.

Cipher feedback mode

B.

Cipher block chaining mode

C.

Output feedback mode

D.

Electronic codebook mode

Question 34

Which of the following devices is a least expensive power protection device for filtering the electrical stream to control power surges, noise, power sags, and power spikes?

Options:

A.

Line Conditioner

B.

Surge Suppressor

C.

Uninterrupted Power Supply (UPS)

D.

Expansion Bus

Question 35

Which of the following protocols is designed to efficiently handle high-speed data over wide area networks (WANs)?

Options:

A.

PPP

B.

X.25

C.

Frame relay

D.

SLIP

Page: 1 / 9
Total 237 questions