
ISSAP ISSAP Information Systems Security Architecture Professional Questions and Answers

Question 4

Which of the following ports must be opened on the firewall for the VPN connection using Point-to-Point Tunneling Protocol (PPTP)?

Options:

A. TCP port 110
B. TCP port 443
C. TCP port 5060
D. TCP port 1723

Question 5

Which of the following encryption modes has the property to allow many error correcting codes to function normally even when applied before encryption?

Options:

A. OFB mode
B. CFB mode
C. CBC mode
D. PCBC mode

Question 6

You work as a Network Administrator for NetTech Inc. The company's network is connected to the Internet. For security, you want to restrict unauthorized access to the network with minimum administrative effort. You want to implement a hardware-based solution. What will you do to accomplish this?

Options:

A. Connect a brouter to the network.
B. Implement a proxy server on the network.
C. Connect a router to the network.
D. Implement a firewall on the network.

Question 7

Which of the following categories of access controls is deployed in the organization to prevent all direct contacts with systems?

Options:

A. Detective access control
B. Physical access control
C. Technical access control
D. Administrative access control

Question 8

Your customer is concerned about security. He wants to make certain no one in the outside world can see the IP addresses inside his network. What feature of a router would accomplish this?

Options:

A. Port forwarding
B. NAT
C. MAC filtering
D. Firewall

Question 9

Which of the following statements about Discretionary Access Control List (DACL) is true?

Options:

A. It specifies whether an audit activity should be performed when an object attempts to access a resource.
B. It is a unique number that identifies a user, group, and computer account.
C. It is a list containing user accounts, groups, and computers that are allowed (or denied) access to the object.
D. It is a rule list containing access control entries.

Question 10

Which of the following are the countermeasures against a man-in-the-middle attack? Each correct answer represents a complete solution. Choose all that apply.

Options:

A. Using public key infrastructure authentication.
B. Using basic authentication.
C. Using secret keys for authentication.
D. Using off-channel verification.

Question 11

Computer networks and the Internet are the prime mode of information transfer today. Which of the following is a technique used for modifying messages, providing information and cyber security, and reducing the risk of hacking attacks during communications and message passing over the Internet?

Options:

A. Risk analysis
B. Firewall security
C. Cryptography
D. OODA loop

Question 12

Which of the following types of halon is found in portable extinguishers and is stored as a liquid?

Options:

A. Halon-f
B. Halon 1301
C. Halon 11
D. Halon 1211

Question 13

Which of the following does PEAP use to authenticate the user inside an encrypted tunnel? Each correct answer represents a complete solution. Choose two.

Options:

A. GTC
B. MS-CHAP v2
C. AES
D. RC4

Question 14

Which of the following firewalls inspects the actual contents of packets?

Options:

A. Packet filtering firewall
B. Stateful inspection firewall
C. Application-level firewall
D. Circuit-level firewall

Question 15

Which of the following methods of encryption uses a single key to encrypt and decrypt data?

Options:

A. Asymmetric
B. Symmetric
C. S/MIME
D. PGP

Question 16

In which of the following Person-to-Person social engineering attacks does an attacker pretend to be an outside contractor, delivery person, etc., in order to gain physical access to the organization?

Options:

A. In person attack
B. Third-party authorization attack
C. Impersonation attack
D. Important user posing attack

Question 17

You are the Security Administrator for a consulting firm. One of your clients needs to encrypt traffic. However, he has specific requirements for the encryption algorithm. It must be a symmetric key block cipher. Which of the following should you choose for this client?

Options:

A. PGP
B. SSH
C. DES
D. RC4

Question 18

Jasmine is creating a presentation. She wants to ensure the integrity and authenticity of the presentation. Which of the following will she use to accomplish the task?

Options:

A. Mark as final
B. Digital Signature
C. Restrict Permission
D. Encrypt Document

Question 19

You work as a Network Administrator for McNeil Inc. The company has a TCP/IP-based network. Performance of the network is slow because of heavy traffic. A hub is used as a central connecting device in the network. Which of the following devices can be used in place of a hub to control the network traffic efficiently?

Options:

A. Repeater
B. Bridge
C. Switch
D. Router

Question 20

The service-oriented modeling framework (SOMF) provides a common modeling notation to address alignment between business and IT organizations. Which of the following principles does the SOMF concentrate on? Each correct answer represents a part of the solution. Choose all that apply.

Options:

A. Disaster recovery planning
B. SOA value proposition
C. Software assets reuse
D. Architectural components abstraction
E. Business traceability

Question 21

Which of the following refers to a location away from the computer center where document copies and backup media are kept?

Options:

A. Storage area network
B. Off-site storage
C. On-site storage
D. Network attached storage

Question 22

Which of the following elements of planning gap measures the gap between the total potential for the market and the actual current usage by all the consumers in the market?

Options:

A. Project gap
B. Product gap
C. Competitive gap
D. Usage gap

Question 23

You work as a Network Administrator for NetTech Inc. You want to have secure communication on the company's intranet. You decide to use public key and private key pairs. What will you implement to accomplish this?

Options:

A. Microsoft Internet Information Server (IIS)
B. VPN
C. FTP server
D. Certificate server

Question 24

Which of the following tenets does the CIA triad provide for which security practices are measured? Each correct answer represents a part of the solution. Choose all that apply.

Options:

A. Integrity
B. Accountability
C. Availability
D. Confidentiality

Question 25

Which of the following attacks can be overcome by applying cryptography?

Options:

A. Web ripping
B. DoS
C. Sniffing
D. Buffer overflow

Question 26

Which of the following authentication methods prevents unauthorized execution of code on remote systems?

Options:

A. TACACS
B. S-RPC
C. RADIUS
D. CHAP

Question 27

You work as a Network Administrator of a TCP/IP network. You are having a DNS resolution problem. Which of the following utilities will you use to diagnose the problem?

Options:

A. TRACERT
B. PING
C. IPCONFIG
D. NSLOOKUP

Question 28

Which of the following protocols provides the highest level of VPN security with a VPN connection that uses the L2TP protocol?

Options:

A. IPSec
B. PPPoE
C. PPP
D. TFTP

Question 29

A user is sending a large number of protocol packets to a network in order to saturate its resources and to disrupt connections to prevent communications between services. Which type of attack is this?

Options:

A. Denial-of-Service attack
B. Vulnerability attack
C. Social Engineering attack
D. Impersonation attack

Question 30

Which of the following layers of the OSI model corresponds to the Host-to-Host layer of the TCP/IP model?

Options:

A. The transport layer
B. The presentation layer
C. The session layer
D. The application layer

Question 31

Which of the following protocols uses the Internet Key Exchange (IKE) protocol to set up security associations (SA)?

Options:

A. IPSec
B. L2TP
C. LEAP
D. ISAKMP

Question 32

You work as an Incident handling manager for a company. The public relations process of the company includes an event that responds to e-mail queries. For the past few days, however, it has been identified that this process is giving spammers a way to perform different types of e-mail attacks. Which of the following phases of the Incident handling process will now be involved in resolving this process and finding a solution? Each correct answer represents a part of the solution. Choose all that apply.

Options:

A. Identification
B. Eradication
C. Recovery
D. Contamination
E. Preparation

Question 33

You work as a Network Administrator for Net Soft Inc. You are designing a data backup plan for your company's network. The backup policy of the company requires high security and easy recovery of data. Which of the following options will you choose to accomplish this?

Options:

A. Take a full backup daily and use six-tape rotation.
B. Take a full backup on Monday and a differential backup on each of the following weekdays. Keep Monday's backup offsite.
C. Take a full backup daily with the previous night's tape taken offsite.
D. Take a full backup on alternate days and keep rotating the tapes.
E. Take a full backup on Monday and an incremental backup on each of the following weekdays. Keep Monday's backup offsite.
F. Take a full backup daily with one tape taken offsite weekly.

Question 34

Which of the following is the process of finding weaknesses in cryptographic algorithms and obtaining the plaintext or key from the ciphertext?

Options:

A. Kerberos
B. Cryptography
C. Cryptographer
D. Cryptanalysis

Question 35

You work as a Security Manager for Tech Perfect Inc. A number of people are involved with you in the DRP efforts. You have maintained several different types of plan documents, intended for different audiences. Which of the following documents will be useful for you as well as public relations personnel who require a non-technical perspective on the entire organization's disaster recovery efforts?

Options:

A. Technical guide
B. Executive summary
C. Checklist
D. Department-specific plan

Exam Code: ISSAP
Exam Name: ISSAP Information Systems Security Architecture Professional
Last Update: Dec 26, 2024
Questions: 237