
ISC CISSP-ISSAP ISSAP Information Systems Security Architecture Professional Exam Practice Test

Page: 1 / 24
Total 237 questions

ISSAP Information Systems Security Architecture Professional Questions and Answers

Question 1

Which of the following types of attacks is often performed by looking surreptitiously at the keyboard or monitor of an employee's computer?

Options:

A.

Buffer-overflow attack

B.

Man-in-the-middle attack

C.

Shoulder surfing attack

D.

Denial-of-Service (DoS) attack

Question 2

Mark has been hired by a company to work as a Network Assistant. He is assigned the task of configuring a dial-up connection on a laptop. Which of the following protocols should he disable to ensure that the password is encrypted during remote access?

Options:

A.

SPAP

B.

MSCHAP

C.

PAP

D.

MSCHAP V2

Question 3

Mark works as a Network Administrator for NetTech Inc. He wants users to access only those resources that are required for them. Which of the following access control models will he use?

Options:

A.

Policy Access Control

B.

Mandatory Access Control

C.

Discretionary Access Control

D.

Role-Based Access Control

Question 4

The network you administer allows owners of objects to manage the access to those objects via access control lists. This is an example of what type of access control?

Options:

A.

RBAC

B.

MAC

C.

CIA

D.

DAC

Question 5

Kerberos is a computer network authentication protocol that allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner. Which of the following statements are true about the Kerberos authentication scheme? Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Kerberos requires continuous availability of a central server.

B.

Dictionary and brute force attacks on the initial TGS response to a client may reveal the subject's passwords.

C.

Kerberos builds on Asymmetric key cryptography and requires a trusted third party.

D.

Kerberos requires the clocks of the involved hosts to be synchronized.

Question 6

Which of the following statements about Public Key Infrastructure (PKI) are true? Each correct answer represents a complete solution. Choose two.

Options:

A.

It uses symmetric key pairs.

B.

It provides security using data encryption and digital signature.

C.

It uses asymmetric key pairs.

D.

It is a digital representation of information that identifies users.

Question 7

Which of the following two components does Kerberos Key Distribution Center (KDC) consist of? Each correct answer represents a complete solution. Choose two.

Options:

A.

Data service

B.

Ticket-granting service

C.

Account service

D.

Authentication service

Question 8

IPsec VPN provides a high degree of data privacy by establishing trust points between communicating devices and data encryption. Which of the following encryption methods does IPsec VPN use? Each correct answer represents a complete solution. Choose two.

Options:

A.

MD5

B.

LEAP

C.

AES

D.

3DES

Question 9

Which of the following attacks can be overcome by applying cryptography?

Options:

A.

Web ripping

B.

DoS

C.

Sniffing

D.

Buffer overflow

Question 10

Which of the following cryptographic system services ensures that information will not be disclosed to any unauthorized person on a local network?

Options:

A.

Authentication

B.

Non-repudiation

C.

Integrity

D.

Confidentiality

Question 11

In which of the following network topologies does the data travel around a loop in a single direction and pass through each device?

Options:

A.

Ring topology

B.

Tree topology

C.

Star topology

D.

Mesh topology

Question 12

Which of the following is an electrical event in which there is enough power on the grid to prevent a total power loss, but not enough power to meet the current electrical demand?

Options:

A.

Power Surge

B.

Power Spike

C.

Blackout

D.

Brownout

Question 13

Which of the following encryption modes can make protocols without integrity protection even more susceptible to replay attacks, since each block gets decrypted in exactly the same way?

Options:

A.

Cipher feedback mode

B.

Cipher block chaining mode

C.

Output feedback mode

D.

Electronic codebook mode

Question 14

Which of the following is an input device that is used for controlling machines such as cranes, trucks, underwater unmanned vehicles, wheelchairs, surveillance cameras, and zero turning radius lawn mowers?

Options:

A.

PS/2

B.

Joystick

C.

Microphone

D.

AGP

Question 15

Which of the following layers of the OSI model corresponds to the Host-to-Host layer of the TCP/IP model?

Options:

A.

The transport layer

B.

The presentation layer

C.

The session layer

D.

The application layer

Question 16

Which of the following statements about a stream cipher are true? Each correct answer represents a complete solution. Choose three.

Options:

A.

It typically executes at a higher speed than a block cipher.

B.

It divides a message into blocks for processing.

C.

It typically executes at a slower speed than a block cipher.

D.

It divides a message into bits for processing.

E.

It is a symmetric key cipher.

Question 17

Adam works as a Security Analyst for Umbrella Inc. The CEO of the company has ordered him to implement two-factor authentication for employees accessing the network. The CEO has told him that he would like to use some type of hardware device in tandem with a security or identifying PIN. Adam decides to implement smart cards, but they are not cost-effective. Which of the following types of hardware devices will Adam use to implement two-factor authentication?

Options:

A.

Biometric device

B.

One Time Password

C.

Proximity cards

D.

Security token

Question 18

You work as an Incident Handler at Mariotrixt Inc. You have followed the Incident Handling process to handle events and incidents. You identify a Denial of Service (DoS) attack from a network linked to your internal enterprise network. Which of the following phases of the Incident Handling process should you follow next to handle this incident?

Options:

A.

Containment

B.

Preparation

C.

Recovery

D.

Identification

Question 19

You work as a Network Administrator for McRoberts Inc. You are expanding your company's network. After you have implemented the network, you test the connectivity to a remote host by using the PING command. You get the ICMP echo reply message from the remote host. Which of the following layers of the OSI model are tested through this process? Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Layer 3

B.

Layer 2

C.

Layer 4

D.

Layer 1

Question 20

Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?

Options:

A.

Risk acceptance

B.

Risk avoidance

C.

Risk transfer

D.

Risk mitigation

Question 21

Which of the following authentication methods support mutual authentication? Each correct answer represents a complete solution. Choose two.

Options:

A.

MS-CHAP v2

B.

NTLM

C.

EAP-MD5

D.

EAP-TLS

Question 22

Which of the following LAN protocols use token passing for exchanging signals among various stations on the network? Each correct answer represents a complete solution. Choose two.

Options:

A.

Ethernet (IEEE 802.3)

B.

Token ring (IEEE 802.5)

C.

Fiber Distributed Data Interface (FDDI)

D.

Wireless LAN (IEEE 802.11b)

Question 23

Sonya, a user, reports that she works in an electrically unstable environment where brownouts are a regular occurrence. Which of the following will you tell her to use to protect her computer?

Options:

A.

UPS

B.

Multimeter

C.

SMPS

D.

CMOS battery

Question 24

In which of the following cryptographic attacking techniques does an attacker obtain encrypted messages that have been encrypted using the same encryption algorithm?

Options:

A.

Chosen plaintext attack

B.

Ciphertext only attack

C.

Chosen ciphertext attack

D.

Known plaintext attack

Question 25

You work as an administrator for Techraft Inc. Employees of your company create 'products', which are supposed to be given different levels of access. You need to configure a security policy in such a way that an employee (the producer of the product) grants access privileges (such as read, write, or alter) for his product. Which of the following access control models will you use to accomplish this task?

Options:

A.

Discretionary access control (DAC)

B.

Role-based access control (RBAC)

C.

Mandatory access control (MAC)

D.

Access control list (ACL)

Question 26

Which of the following authentication methods is based on physical appearance of a user?

Options:

A.

Key fob

B.

Biometrics

C.

ID/password combination

D.

Smart card

Question 27

Which of the following algorithms can be used to check the integrity of a file? Each correct answer represents a complete solution. Choose two.

Options:

A.

md5

B.

rsa

C.

blowfish

D.

sha

Question 28

Which of the following are man-made threats that an organization faces? Each correct answer represents a complete solution. Choose three.

Options:

A.

Theft

B.

Employee errors

C.

Strikes

D.

Frauds

Question 29

Adam works as a Network Administrator. He discovers that the wireless AP transmits 128 bytes of plaintext, and the station responds by encrypting the plaintext. It then transmits the resulting ciphertext using the same key and cipher that are used by WEP to encrypt subsequent network traffic. Which of the following types of authentication mechanism is used here?

Options:

A.

Pre-shared key authentication

B.

Open system authentication

C.

Shared key authentication

D.

Single key authentication

Question 30

Which of the following protocols work at the Network layer of the OSI model?

Options:

A.

Routing Information Protocol (RIP)

B.

File Transfer Protocol (FTP)

C.

Simple Network Management Protocol (SNMP)

D.

Internet Group Management Protocol (IGMP)

Question 31

Which of the following SDLC phases consists of the given security controls: Misuse Case Modeling, Security Design and Architecture Review, Threat and Risk Modeling, and Security Requirements and Test Case Generation?

Options:

A.

Design

B.

Maintenance

C.

Deployment

D.

Requirements Gathering

Question 32

Which of the following protocols provides certificate-based authentication for virtual private networks (VPNs)?

Options:

A.

PPTP

B.

SMTP

C.

HTTPS

D.

L2TP

Question 33

Which of the following is the most secure method of authentication?

Options:

A.

Smart card

B.

Anonymous

C.

Username and password

D.

Biometrics

Question 34

You work as a Chief Security Officer for Tech Perfect Inc. The company has a TCP/IP based network. You want to use a firewall that can track the state of active connections of the network and then determine which network packets are allowed to enter through the firewall. Which of the following firewalls has this feature?

Options:

A.

Stateful packet inspection firewall

B.

Proxy-based firewall

C.

Dynamic packet-filtering firewall

D.

Application gateway firewall

Question 35

Which of the following password authentication schemes enables a user with a domain account to log on to a network once, using a password or smart card, and to gain access to multiple computers in the domain without being prompted to log in again?

Options:

A.

Single Sign-On

B.

One-time password

C.

Dynamic

D.

Kerberos
