ISC2 CISSP-ISSAP Paper 2021

"Information Systems Security Architecture Professional", also known as the CISSP-ISSAP exam, is an ISC2 certification.

NEW QUESTION 1
You are the Security Consultant advising a company on security methods. This is a highly secure location that deals with sensitive national defense related data. They are very concerned about physical security as they had a breach last month. In that breach an individual had simply grabbed a laptop and ran out of the building. Which one of the following would have been most effective in preventing this?

  • A. Not using laptops
  • B. Keeping all doors locked with a guard
  • C. Using a man-trap
  • D. A sign in log

Answer: C

NEW QUESTION 2
Which of the following protocols multicasts messages and information among all member devices in an IP multicast group?

  • A. ARP
  • B. ICMP
  • C. TCP
  • D. IGMP

Answer: D

NEW QUESTION 3
In which of the following alternative processing sites is the backup facility maintained in a constant order, with a full complement of servers, workstations, and communication links ready to assume the primary operations responsibility?

  • A. Hot Site
  • B. Mobile Site
  • C. Warm Site
  • D. Cold Site

Answer: A

NEW QUESTION 4
Which of the following terms refers to a mechanism which proves that the sender really sent a particular message?

  • A. Integrity
  • B. Confidentiality
  • C. Authentication
  • D. Non-repudiation

Answer: D

NEW QUESTION 5
Which of the following protocols work at the Network layer of the OSI model?

  • A. Routing Information Protocol (RIP)
  • B. File Transfer Protocol (FTP)
  • C. Simple Network Management Protocol (SNMP)
  • D. Internet Group Management Protocol (IGMP)

Answer: AD

NEW QUESTION 6
Which of the following are the centralized administration technologies? Each correct answer represents a complete solution. Choose all that apply.

  • A. RADIUS
  • B. TACACS+
  • C. Media Access control
  • D. Peer-to-Peer

Answer: AB

NEW QUESTION 7
Maria works as a Network Security Officer for Gentech Inc. She wants to encrypt her network traffic. The specific requirement for the encryption algorithm is that it must be a symmetric key block cipher. Which of the following techniques will she use to fulfill this requirement?

  • A. IDEA
  • B. PGP
  • C. DES
  • D. AES

Answer: C

NEW QUESTION 8
You work as a Network Administrator for McNeil Inc. The company has a TCP/IP-based network. Performance of the network is slow because of heavy traffic. A hub is used as a central connecting device in the network. Which of the following devices can be used in place of a hub to control the network traffic efficiently?

  • A. Repeater
  • B. Bridge
  • C. Switch
  • D. Router

Answer: C

NEW QUESTION 9
You work as a Network Administrator of a TCP/IP network. You are having a DNS resolution problem. Which of the following utilities will you use to diagnose the problem?

  • A. TRACERT
  • B. PING
  • C. IPCONFIG
  • D. NSLOOKUP

Answer: D

NEW QUESTION 10
Adam works as a Network Administrator. He discovers that the wireless AP transmits 128 bytes of plaintext, and the station responds by encrypting the plaintext. It then transmits the resulting ciphertext using the same key and cipher that are used by WEP to encrypt subsequent network traffic. Which of the following types of authentication mechanism is used here?

  • A. Pre-shared key authentication
  • B. Open system authentication
  • C. Shared key authentication
  • D. Single key authentication

Answer: C

NEW QUESTION 11
You work as a Network Administrator for Blue Bell Inc. The company has a TCP-based network. The company has two offices in different cities. The company wants to connect the two offices by using a public network. You decide to configure a virtual private network (VPN) between the offices. Which of the following protocols is used by VPN for tunneling?

  • A. L2TP
  • B. HTTPS
  • C. SSL
  • D. IPSec

Answer: A

NEW QUESTION 12
You work as a Network Administrator for NetTech Inc. The company wants to encrypt its e-mails. Which of the following will you use to accomplish this?

  • A. PGP
  • B. PPTP
  • C. IPSec
  • D. NTFS

Answer: A

NEW QUESTION 13
The Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. Which of the following components does the PKI use to list those certificates that have been revoked or are no longer valid?

  • A. Certification Practice Statement
  • B. Certificate Policy
  • C. Certificate Revocation List
  • D. Certification Authority

Answer: C

NEW QUESTION 14
Which of the following schemes is used by the Kerberos authentication?

  • A. Public key cryptography
  • B. One time password
  • C. Private key cryptography
  • D. OPIE

Answer: C

NEW QUESTION 15
You work as an Incident handling manager for Orangesect Inc. You detect a virus attack incident in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the following phases in the Incident handling process will utilize the signature to resolve this incident?

  • A. Eradication
  • B. Identification
  • C. Recovery
  • D. Containment

Answer: A

NEW QUESTION 16
John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he takes an image file and simply uses a tool, Image Hide, to embed the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail id. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?

  • A. Email spoofing
  • B. Social engineering
  • C. Web ripping
  • D. Steganography

Answer: D

NEW QUESTION 17
Which of the following protocols should a Chief Security Officer configure in the network of his company to protect sessionless datagram protocols?

  • A. SWIPE
  • B. S/MIME
  • C. SKIP
  • D. SLIP

Answer: C

NEW QUESTION 18
You work as a Network Administrator for Net Soft Inc. You are designing a data backup plan for your company's network. The backup policy of the company requires high security and easy recovery of data. Which of the following options will you choose to accomplish this?

  • A. Take a full backup daily and use six-tape rotation.
  • B. Take a full backup on Monday and a differential backup on each of the following weekdays. Keep Monday's backup offsite.
  • C. Take a full backup daily with the previous night's tape taken offsite.
  • D. Take a full backup on alternate days and keep rotating the tapes.
  • E. Take a full backup on Monday and an incremental backup on each of the following weekdays. Keep Monday's backup offsite.
  • F. Take a full backup daily with one tape taken offsite weekly.

Answer: C

NEW QUESTION 19
Which of the following statements about Public Key Infrastructure (PKI) are true? Each correct answer represents a complete solution. Choose two.

  • A. It uses symmetric key pairs
  • B. It provides security using data encryption and digital signature
  • C. It uses asymmetric key pairs
  • D. It is a digital representation of information that identifies users

Answer: BC

NEW QUESTION 20
You work as a Network Consultant. A company named Tech Perfect Inc. hires you for security reasons. The manager of the company tells you to establish connectivity between clients and servers of the network which prevents eavesdropping and tampering of data on the Internet. Which of the following will you configure on the network to perform the given task?

  • A. WEP
  • B. IPsec
  • C. VPN
  • D. SSL

Answer: D

NEW QUESTION 21
You work as a Chief Security Officer for Tech Perfect Inc. The company has an internal room without any window and is totally in darkness. For security reasons, you want to place a device in the room. Which of the following devices is best for that room?

  • A. Photoelectric motion detector
  • B. Badge
  • C. Closed-circuit television
  • D. Alarm

Answer: A

NEW QUESTION 22
You want to connect a twisted pair cable segment to a fiber-optic cable segment. Which of the following networking devices will you use to accomplish the task?

  • A. Hub
  • B. Switch
  • C. Repeater
  • D. Router

Answer: C

NEW QUESTION 23
You work as a Network Administrator for NetTech Inc. The company's network is connected to the Internet. For security, you want to restrict unauthorized access to the network with minimum administrative effort. You want to implement a hardware-based solution. What will you do to accomplish this?

  • A. Connect a brouter to the network
  • B. Implement a proxy server on the network
  • C. Connect a router to the network
  • D. Implement firewall on the network

Answer: D

NEW QUESTION 24
Which of the following are types of access control attacks? Each correct answer represents a complete solution. Choose all that apply.

  • A. Dictionary attack
  • B. Mail bombing
  • C. Spoofing
  • D. Brute force attack

Answer: BCD

NEW QUESTION 25
Which of the following are used to suppress paper or wood fires? Each correct answer represents a complete solution. Choose two.

  • A. Soda acid
  • B. Kerosene
  • C. Water
  • D. CO2

Answer: AC

NEW QUESTION 26
Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?

  • A. Risk acceptance
  • B. Risk avoidance
  • C. Risk transfer
  • D. Risk mitigation

Answer: C

NEW QUESTION 27
Which of the following statements are true about Public-key cryptography? Each correct answer represents a complete solution. Choose two.

  • A. Data encrypted with the secret key can only be decrypted by another secret key
  • B. The secret key can encrypt a message, and anyone with the public key can decrypt it
  • C. The distinguishing technique used in public key-private key cryptography is the use of symmetric key algorithms
  • D. Data encrypted by the public key can only be decrypted by the secret key

Answer: BD

NEW QUESTION 28
You are the Security Consultant and have been contacted by a client regarding their encryption and hashing algorithms. Their in-house network administrator tells you that their current hashing algorithm is an older one with known weaknesses and is not collision resistant. Which algorithm are they most likely using for hashing?

  • A. PKI
  • B. SHA
  • C. Kerberos
  • D. MD5

Answer: D
