New Year Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > ISC > ISC certification > ISSAP

ISSAP ISSAP Information Systems Security Architecture Professional Question and Answers

Question # 4

Which of the following terms related to risk management represents the estimated frequency at which a threat is expected to occur?

A.

Safeguard

B.

Annualized Rate of Occurrence (ARO)

C.

Single Loss Expectancy (SLE)

D.

Exposure Factor (EF)

Full Access
Question # 5

A company named Money Builders Inc., hires you to provide consultancy for setting up their Windows network. The company's server room will be in a highly secured environment. You are required to suggest an authentication method for it. The CFO of the company wants the server to use thumb impressions for authentication. Which of the following authentication methods will you suggest?

A.

Certificate

B.

Smart card

C.

Two-factor

D.

Biometrics

Full Access
Question # 6

You work as a Network Administrator for McNeil Inc. The company has a TCP/IP-based network. Performance of the network is slow because of heavy traffic. A hub is used as a central connecting device in the network. Which of the following devices can be used in place of a hub to control the network traffic efficiently?

A.

Repeater

B.

Bridge

C.

Switch

D.

Router

Full Access
Question # 7

Which of the following keys are included in a certificate revocation list (CRL) of a public key infrastructure (PKI)? Each correct answer represents a complete solution. Choose two.

A.

A foreign key

B.

A private key

C.

A public key

D.

A primary key

Full Access
Question # 8

Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH-2 protocol? Each correct answer represents a complete solution. Choose all that apply.

A.

TIS authentication

B.

Rhosts (rsh-style) authentication

C.

Kerberos authentication

D.

Password-based authentication

Full Access
Question # 9

Which of the following are the phases of the Certification and Accreditation (C&A) process? Each correct answer represents a complete solution. Choose two.

A.

Detection

B.

Continuous Monitoring

C.

Initiation

D.

Auditing

Full Access
Question # 10

Which of the following is a network service that stores and organizes information about a network users and network resources and that allows administrators to manage users' access to the resources?

A.

SMTP service

B.

Terminal service

C.

Directory service

D.

DFS service

Full Access
Question # 11

Which of the following types of ciphers operates on a group of bits rather than an individual character or bit of a message?

A.

Block cipher

B.

Classical cipher

C.

Substitution cipher

D.

Stream cipher

Full Access
Question # 12

Which of the following decides access control on an object in the mandatory access control (MAC) environment?

A.

Sensitivity label

B.

Event log

C.

System Access Control List (SACL)

D.

Security log

Full Access
Question # 13

Which of the following components come under the network layer of the OSI model? Each correct answer represents a complete solution. Choose two.

A.

Routers

B.

MAC addresses

C.

Firewalls

D.

Hub

Full Access
Question # 14

Which of the following authentication methods prevents unauthorized execution of code on remote systems?

A.

TACACS

B.

S-RPC

C.

RADIUS

D.

CHAP

Full Access
Question # 15

Which of the following tenets does the CIA triad provide for which security practices are measured? Each correct answer represents a part of the solution. Choose all that apply.

A.

Integrity

B.

Accountability

C.

Availability

D.

Confidentiality

Full Access
Question # 16

Which of the following types of firewall functions at the Session layer of OSI model?

A.

Circuit-level firewall

B.

Application-level firewall

C.

Packet filtering firewall

D.

Switch-level firewall

Full Access
Question # 17

Which of the following is an entry in an object's discretionary access control list (DACL) that grants permissions to a user or group?

A.

Access control entry (ACE)

B.

Discretionary access control entry (DACE)

C.

Access control list (ACL)

D.

Security Identifier (SID)

Full Access
Question # 18

Which of the following attacks allows the bypassing of access control lists on servers or routers, and helps an attacker to hide? Each correct answer represents a complete solution. Choose two.

A.

DNS cache poisoning

B.

MAC spoofing

C.

IP spoofing attack

D.

DDoS attack

Full Access
Question # 19

Which of the following are the centralized administration technologies? Each correct answer represents a complete solution. Choose all that apply.

A.

RADIUS

B.

TACACS+

C.

Media Access control

D.

Peer-to-Peer

Full Access
Question # 20

Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?

A.

Risk acceptance

B.

Risk avoidance

C.

Risk transfer

D.

Risk mitigation

Full Access
Question # 21

A network is configured on a Bus topology. Which of the following conditions could cause a network failure? Each correct answer represents a complete solution. Choose all that apply.

A.

A break in a network cable

B.

75 ohm terminators at open ends

C.

A powered off workstation

D.

An open-ended cable without terminators

Full Access
Question # 22

Which of the following is the duration of time and a service level within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in business continuity?

A.

RCO

B.

RTO

C.

RPO

D.

RTA

Full Access
Question # 23

You have decided to implement video surveillance in your company in order to enhance network security. Which of the following locations must have a camera in order to provide the minimum level of security for the network resources? Each correct answer represents a complete solution. Choose two.

A.

Parking lot

B.

All hallways

C.

Server Rooms

D.

All offices

E.

All entrance doors

Full Access
Question # 24

In which of the following network topologies does the data travel around a loop in a single direction and pass through each device?

A.

Ring topology

B.

Tree topology

C.

Star topology

D.

Mesh topology

Full Access
Question # 25

Which of the following statements best describes a certification authority?

A.

A certification authority is a technique to authenticate digital documents by using computer cryptography.

B.

A certification authority is a type of encryption that uses a public key and a private key pair for data encryption.

C.

A certification authority is an entity that issues digital certificates for use by other parties.

D.

A certification authority is a type of encryption that uses a single key to encrypt and decrypt data.

Full Access
Question # 26

Which of the following is a technique used for modifying messages, providing Information and Cyber security, and reducing the risk of hacking attacks during communications and message passing over the Internet?

A.

Risk analysis

B.

OODA loop

C.

Cryptography

D.

Firewall security

Full Access
Question # 27

Which of the following is a method for transforming a message into a masked form, together with a way of undoing the transformation to recover the message?

A.

Cipher

B.

CrypTool

C.

Steganography

D.

MIME

Full Access
Question # 28

Adam works as a Security Analyst for Umbrella Inc. CEO of the company ordered him to implement two-factor authentication for the employees to access their networks. He has told him that he would like to use some type of hardware device in tandem with a security or identifying pin number. Adam decides to implement smart cards but they are not cost effective. Which of the following types of hardware devices will Adam use to implement two-factor authentication?

A.

Biometric device

B.

One Time Password

C.

Proximity cards

D.

Security token

Full Access
Question # 29

Which of the following encryption modes can make protocols without integrity protection even more susceptible to replay attacks, since each block gets decrypted in exactly the same way?

A.

Cipher feedback mode

B.

Cipher block chaining mode

C.

Output feedback mode

D.

Electronic codebook mode

Full Access
Question # 30

Which of the following intrusion detection systems (IDS) monitors network traffic and compares it against an established baseline?

A.

Network-based

B.

Anomaly-based

C.

File-based

D.

Signature-based

Full Access
Question # 31

You are the Network Administrator for a college. You watch a large number of people (some not even students) going in and out of areas with campus computers (libraries, computer labs, etc.). You have had a problem with laptops being stolen. What is the most cost effective method to prevent this?

A.

Smart card access to all areas with computers.

B.

Use laptop locks.

C.

Video surveillance on all areas with computers.

D.

Appoint a security guard.

Full Access
Question # 32

You want to implement a network topology that provides the best balance for regional topologies in terms of the number of virtual circuits, redundancy, and performance while establishing a WAN network. Which of the following network topologies will you use to accomplish the task?

A.

Bus topology

B.

Fully meshed topology

C.

Star topology

D.

Partially meshed topology

Full Access
Question # 33

Which of the following is used to authenticate asymmetric keys?

A.

Digital signature

B.

MAC Address

C.

Demilitarized zone (DMZ)

D.

Password

Full Access
Question # 34

Which of the following is an input device that is used for controlling machines such as cranes, trucks, underwater unmanned vehicles, wheelchairs, surveillance cameras, and zero turning radius lawn mowers?

A.

PS/2

B.

Joystick

C.

Microphone

D.

AGP

Full Access
Question # 35

Which of the following disaster recovery tests includes the operations that shut down at the primary site, and are shifted to the recovery site according to the disaster recovery plan?

A.

Structured walk-through test

B.

Simulation test

C.

Full-interruption test

D.

Parallel test

Full Access