High Quality CISSP-ISSAP Bible 2019

We provide free ISC2 CISSP-ISSAP exam answers for preparing for the CISSP-ISSAP test and getting certified as an ISC2 Information Systems Security Architecture Professional. The CISSP-ISSAP Questions & Answers cover all the knowledge points of the real CISSP-ISSAP exam. Crack your ISC2 CISSP-ISSAP exam with the latest dumps, guaranteed!

NEW QUESTION 1
Which of the following protocols is used to compare two values calculated using the Message Digest (MD5) hashing function?

  • A. CHAP
  • B. PEAP
  • C. EAP
  • D. EAP-TLS

Answer: A

NEW QUESTION 2
Which of the following methods offers a number of modeling practices and disciplines that contribute to a successful service-oriented life cycle management and modeling?

  • A. Service-oriented modeling framework (SOMF)
  • B. Service-oriented modeling and architecture (SOMA)
  • C. Sherwood Applied Business Security Architecture (SABSA)
  • D. Service-oriented architecture (SOA)

Answer: A

NEW QUESTION 3
The OSI reference model is divided into layers, and each layer has a specific task to perform. At which layer of the OSI model is the File and Print service performed?

  • A. Session layer
  • B. Presentation layer
  • C. Transport layer
  • D. Application layer

Answer: D

NEW QUESTION 4
In which of the following types of tests are the disaster recovery checklists distributed to the members of the disaster recovery team, who are asked to review the assigned checklist?

  • A. Parallel test
  • B. Simulation test
  • C. Full-interruption test
  • D. Checklist test

Answer: D

NEW QUESTION 5
Which of the following firewalls inspects the actual contents of packets?

  • A. Packet filtering firewall
  • B. Stateful inspection firewall
  • C. Application-level firewall
  • D. Circuit-level firewall

Answer: C

NEW QUESTION 6
Which of the following plans is designed to protect critical business processes from natural or man-made failures or disasters and the resultant loss of capital due to the unavailability of normal business processes?

  • A. Disaster recovery plan
  • B. Contingency plan
  • C. Business continuity plan
  • D. Crisis communication plan

Answer: C

NEW QUESTION 7
You are responsible for security at a hospital. Since many computers are accessed by multiple employees 24 hours a day, 7 days a week, controlling physical access to computers is very difficult. This is compounded by a high number of non-employees moving through the building. You are concerned about unauthorized access to patient records. What would best solve this problem?

  • A. The use of CHAP
  • B. Time of day restriction
  • C. The use of smart cards
  • D. Video surveillance of all computers

Answer: C

NEW QUESTION 8
Which of the following protocols uses public-key cryptography to authenticate the remote computer?

  • A. SSH
  • B. Telnet
  • C. SCP
  • D. SSL

Answer: A

NEW QUESTION 9
Kerberos is a computer network authentication protocol that allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner. Which of the following statements are true about the Kerberos authentication scheme? Each correct answer represents a complete solution. Choose all that apply.

  • A. Kerberos requires continuous availability of a central server
  • B. Dictionary and brute force attacks on the initial TGS response to a client may reveal the subject's password
  • C. Kerberos builds on Asymmetric key cryptography and requires a trusted third party
  • D. Kerberos requires the clocks of the involved hosts to be synchronized

Answer: ABD

NEW QUESTION 10
Which of the following protocols provides certificate-based authentication for virtual private networks (VPNs)?

  • A. PPTP
  • B. SMTP
  • C. HTTPS
  • D. L2TP

Answer: D

NEW QUESTION 11
Which of the following authentication methods prevents unauthorized execution of code on remote systems?

  • A. TACACS
  • B. S-RPC
  • C. RADIUS
  • D. CHAP

Answer: B

NEW QUESTION 12
You work as an administrator for Techraft Inc. Employees of your company create 'products', which are supposed to be given different levels of access. You need to configure a security policy in such a way that an employee (producer of the product) grants accessing privileges (such as read, write, or alter) for his product. Which of the following access control models will you use to accomplish this task?

  • A. Discretionary access control (DAC)
  • B. Role-based access control (RBAC)
  • C. Mandatory access control (MAC)
  • D. Access control list (ACL)

Answer: A

NEW QUESTION 13
Which of the following types of ciphers operates on a group of bits rather than an individual character or bit of a message?

  • A. Block cipher
  • B. Classical cipher
  • C. Substitution cipher
  • D. Stream cipher

Answer: A

NEW QUESTION 14
You work as a Network Administrator for company Inc. The company has deployed an ASA at the network perimeter. Which of the following types of firewall will you use to create two different communications, one between the client and the firewall, and the other between the firewall and the end server?

  • A. Stateful firewall
  • B. Endian firewall
  • C. Packet filter firewall
  • D. Proxy-based firewall

Answer: D

NEW QUESTION 15
You are the Network Administrator for a bank. In addition to the usual security issues, you are concerned that your customers could be the victim of phishing attacks that use fake bank Web sites. Which of the following would protect against this?

  • A. MAC
  • B. Mutual authentication
  • C. Three factor authentication
  • D. Two factor authentication

Answer: B

NEW QUESTION 16
In which of the following SDLC phases are the software and other components of the system faithfully incorporated into the design specifications?

  • A. Programming and training
  • B. Evaluation and acceptance
  • C. Definition
  • D. Initiation

Answer: A

NEW QUESTION 17
Which of the following statements are true about Public-key cryptography? Each correct answer represents a complete solution. Choose two.

  • A. Data encrypted with the secret key can only be decrypted by another secret key
  • B. The secret key can encrypt a message, and anyone with the public key can decrypt it
  • C. The distinguishing technique used in public key-private key cryptography is the use of symmetric key algorithms
  • D. Data encrypted by the public key can only be decrypted by the secret key

Answer: BD

NEW QUESTION 18
The OSI model is the most common networking model used in the industry. Applications, network functions, and protocols are typically referenced using one or more of the seven OSI layers. Of the following, choose the two best statements that describe the OSI layer functions. Each correct answer represents a complete solution. Choose two.

  • A. Layers 1 and 2 deal with application functionality and data formatting
  • B. These layers reside at the top of the model
  • C. Layers 4 through 7 define the functionality of IP Addressing, Physical Standards, and Data Link protocols
  • D. Layers 5, 6, and 7 focus on the Network Application, which includes data formatting and session control
  • E. Layers 1, 2, 3, and 4 deal with physical connectivity, encapsulation, IP Addressing, and Error Recovery
  • F. These layers define the end-to-end functions of data delivery

Answer: CD

NEW QUESTION 19
Which of the following two cryptography methods are used by NTFS Encrypting File System (EFS) to encrypt the data stored on a disk on a file-by-file basis?

  • A. Twofish
  • B. Digital certificates
  • C. Public key
  • D. RSA

Answer: BC

NEW QUESTION 20
You are the Security Consultant and have been contacted by a client regarding their encryption and hashing algorithms. Their in-house network administrator tells you that their current hashing algorithm is an older one with known weaknesses and is not collision resistant. Which algorithm are they most likely using for hashing?

  • A. PKI
  • B. SHA
  • C. Kerberos
  • D. MD5

Answer: D

NEW QUESTION 21
Which of the following is an electrical event in which there is enough power on the grid to prevent a total power loss but not enough power to meet the current electrical demand?

  • A. Power Surge
  • B. Power Spike
  • C. Blackout
  • D. Brownout

Answer: D

NEW QUESTION 22
Which of the following are the centralized administration technologies? Each correct answer represents a complete solution. Choose all that apply.

  • A. RADIUS
  • B. TACACS+
  • C. Media Access control
  • D. Peer-to-Peer

Answer: AB

NEW QUESTION 23
Which of the following authentication protocols sends a user certificate inside an encrypted tunnel?

  • A. PEAP
  • B. EAP-TLS
  • C. WEP
  • D. EAP-FAST

Answer: B

NEW QUESTION 24
Which of the following are man-made threats that an organization faces? Each correct answer represents a complete solution. Choose three.

  • A. Theft
  • B. Employee errors
  • C. Strikes
  • D. Frauds

Answer: ABD

NEW QUESTION 25
Which of the following are the examples of technical controls? Each correct answer represents a complete solution. Choose three.

  • A. Auditing
  • B. Network architecture
  • C. System access
  • D. Data backups

Answer: ABC

NEW QUESTION 26
Which of the following encryption methods are symmetric encryption algorithms? Each correct answer represents a complete solution. Choose three.

  • A. DES
  • B. Blowfish
  • C. RC5
  • D. Diffie-Hellman

Answer: ABC

NEW QUESTION 27
IPsec VPN provides a high degree of data privacy by establishing trust points between communicating devices and data encryption. Which of the following encryption methods does IPsec VPN use? Each correct answer represents a complete solution. Choose two.

  • A. MD5
  • B. LEAP
  • C. AES
  • D. 3DES

Answer: CD

NEW QUESTION 28
Which of the following encryption methods does the SSL protocol use in order to provide communication privacy, authentication, and message integrity? Each correct answer represents a part of the solution. Choose two.

  • A. Public key
  • B. IPsec
  • C. MS-CHAP
  • D. Symmetric

Answer: AD

NEW QUESTION 29
Maria works as a Network Security Officer for Gentech Inc. She wants to encrypt her network traffic. The specific requirement for the encryption algorithm is that it must be a symmetric key block cipher. Which of the following techniques will she use to fulfill this requirement?

  • A. IDEA
  • B. PGP
  • C. DES
  • D. AES

Answer: C

NEW QUESTION 30
Which of the following LAN protocols use token passing for exchanging signals among various stations on the network? Each correct answer represents a complete solution. Choose two.

  • A. Ethernet (IEEE 802.3)
  • B. Token ring (IEEE 802.5)
  • C. Fiber Distributed Data Interface (FDDI)
  • D. Wireless LAN (IEEE 802.11b)

Answer: BC
