
ISC ISSAP ISSAP Information Systems Security Architecture Professional Exam Practice Test

Page: 1 / 24
Total 237 questions

ISSAP Information Systems Security Architecture Professional Questions and Answers

Question 1

In which of the following Person-to-Person social engineering attacks does an attacker pretend to be an outside contractor, delivery person, etc., in order to gain physical access to the organization?

Options:

A.

In person attack

B.

Third-party authorization attack

C.

Impersonation attack

D.

Important user posing attack

Question 2

Which of the following is a network service that stores and organizes information about network users and network resources, and that allows administrators to manage users' access to those resources?

Options:

A.

SMTP service

B.

Terminal service

C.

Directory service

D.

DFS service

Question 3

Which of the following are natural environmental threats that an organization faces? Each correct answer represents a complete solution. Choose two.

Options:

A.

Strikes

B.

Floods

C.

Accidents

D.

Storms

Question 4

Which of the following algorithms is suitable for both digital signatures and encryption?

Options:

A.

SHA-1

B.

MD5

C.

AES

D.

RSA

Question 5

You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser's address bar, you are able to access the site. However, you are unable to access the site when you enter http://www.company.com. What is the most likely cause?

Options:

A.

The site's Web server is offline.

B.

The site's Web server has heavy traffic.

C.

WINS server has no NetBIOS name entry for the server.

D.

DNS entry is not available for the host name.

Question 6

In which of the following cryptographic attack techniques does the attacker obtain only ciphertexts, all of which were encrypted with the same encryption algorithm?

Options:

A.

Chosen plaintext attack

B.

Ciphertext only attack

C.

Chosen ciphertext attack

D.

Known plaintext attack

Question 7

You are implementing a number of security services in an organization, such as smart cards, biometrics, access control lists, firewalls, intrusion detection systems, and clipping levels. Which of the following access control implementation categories includes all of these security services?

Options:

A.

Administrative access control

B.

Logical access control

C.

Physical access control

D.

Preventive access control

Question 8

Which of the following encryption algorithms is used by the Clipper chip, which supports the escrowed encryption standard?

Options:

A.

Skipjack

B.

Blowfish

C.

AES

D.

IDEA

Question 9

John works as a security manager for SoftTech Inc. He is working with his team on the disaster recovery management plan. One of his team members has a question about the most cost-effective DRP testing method. In your opinion, which of the following disaster recovery testing plans is the most cost-effective and efficient way to identify areas of overlap in the plan before conducting more demanding training exercises?

Options:

A.

Evacuation drill

B.

Walk-through drill

C.

Structured walk-through test

D.

Full-scale exercise

Question 10

You are the Security Administrator for a consulting firm. One of your clients needs to encrypt traffic. However, he has specific requirements for the encryption algorithm. It must be a symmetric key block cipher. Which of the following should you choose for this client?

Options:

A.

PGP

B.

SSH

C.

DES

D.

RC4

Question 11

You work as a Security Manager for Tech Perfect Inc. A number of people are involved with you in the DRP efforts. You have maintained several different types of plan documents, intended for different audiences. Which of the following documents will be useful for you as well as public relations personnel who require a non-technical perspective on the entire organization's disaster recovery efforts?

Options:

A.

Technical guide

B.

Executive summary

C.

Checklist

D.

Department-specific plan

Question 12

Which of the following encryption modes has the property that many error-correcting codes continue to function normally even when they are applied before encryption?

Options:

A.

OFB mode

B.

CFB mode

C.

CBC mode

D.

PCBC mode
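The mode the question is pointing at is OFB: the keystream is generated from the previous keystream block rather than from the ciphertext, so a single bit error in transit flips exactly one bit of the recovered plaintext, which is what lets an error-correcting code applied before encryption still do its job. The script below is an added illustration, not material from the exam or the ISSAP body of knowledge. It uses a constructed SHA-256-based Feistel block function (block_encrypt/block_decrypt, standing in for AES so the example runs on the standard library alone), a constructed key and IV, and measures how one flipped ciphertext bit propagates in CBC versus OFB. All function names are mine.

```python
import hashlib

BLOCK = 16  # 128-bit blocks, like AES


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# Constructed 4-round Feistel block function built on SHA-256. It is NOT a real
# cipher; it only gives an invertible keyed 128-bit permutation so the modes can
# be compared without third-party libraries. Use AES in real code.
def _round(key: bytes, rnd: int, half: bytes) -> bytes:
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]


def block_encrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, xor(left, _round(key, rnd, right))
    return left + right


def block_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = xor(right, _round(key, rnd, left)), left
    return left + right


def _blocks(data: bytes) -> list:
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    out, prev = [], iv
    for block in _blocks(plaintext):
        prev = block_encrypt(key, xor(block, prev))  # each block chains on the previous ciphertext
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    out, prev = [], iv
    for block in _blocks(ciphertext):
        out.append(xor(block_decrypt(key, block), prev))
        prev = block
    return b"".join(out)


def ofb_crypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    # OFB keystream: O_i = E(O_{i-1}), O_0 = IV. Ciphertext never feeds back,
    # so encryption and decryption are the same operation.
    out, feedback = [], iv
    for block in _blocks(data):
        feedback = block_encrypt(key, feedback)
        out.append(xor(block, feedback))
    return b"".join(out)


def bit_errors_per_block(mode: str, flip_byte: int = 20, flip_bit: int = 0) -> list:
    """Encrypt 4 blocks, flip one ciphertext bit, decrypt, and return the number
    of wrong plaintext bits in each block."""
    key = b"constructed-demo-key"          # constructed, not a real key
    iv = bytes(range(BLOCK))               # constructed IV
    plaintext = b"".join(bytes([i]) * BLOCK for i in range(4))
    if mode == "cbc":
        ciphertext, decrypt = cbc_encrypt(key, iv, plaintext), cbc_decrypt
    elif mode == "ofb":
        ciphertext, decrypt = ofb_crypt(key, iv, plaintext), ofb_crypt
    else:
        raise ValueError("mode must be 'cbc' or 'ofb'")
    damaged = bytearray(ciphertext)
    damaged[flip_byte] ^= 1 << flip_bit     # simulate a single bit error in transit
    recovered = decrypt(key, iv, bytes(damaged))
    return [sum(bin(x ^ y).count("1") for x, y in zip(a, b))
            for a, b in zip(_blocks(plaintext), _blocks(recovered))]


if __name__ == "__main__":
    print("CBC errors per block:", bit_errors_per_block("cbc"))
    print("OFB errors per block:", bit_errors_per_block("ofb"))
```

In CBC the damaged block decrypts to garbage and the following block gets exactly one flipped bit; in OFB only the one bit is wrong, so a forward error-correcting code wrapped around the plaintext can still repair it. The practitioner's caveat is that the same property makes OFB malleable: an attacker who knows the plaintext can flip chosen bits undetected, so a MAC or an authenticated mode is still required.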

Question 13

What are the benefits of using AAA security service in a network? Each correct answer represents a part of the solution. Choose all that apply.

Options:

A.

It provides scalability.

B.

It supports a single backup system.

C.

It increases flexibility and control of access configuration.

D.

It supports RADIUS, TACACS+, and Kerberos authentication methods.

Question 14

You work as a Network Consultant. A company named Tech Perfect Inc. hires you to improve its security. The company's manager asks you to establish connectivity between the clients and servers of the network in a way that prevents eavesdropping on and tampering with data sent over the Internet. Which of the following will you configure on the network to perform the given task?

Options:

A.

WEP

B.

IPsec

C.

VPN

D.

SSL

Question 15

Which of the following keys are included in a certificate revocation list (CRL) of a public key infrastructure (PKI)? Each correct answer represents a complete solution. Choose two.

Options:

A.

A foreign key

B.

A private key

C.

A public key

D.

A primary key

Question 16

Fill in the blank with the appropriate encryption system. The ______ encryption system is an asymmetric key encryption algorithm for public-key cryptography, which is based on the Diffie-Hellman key agreement.

Options:

A.

ElGamal

Question 17

Which of the following life cycle modeling activities establishes service relationships and message exchange paths?

Options:

A.

Service-oriented logical design modeling

B.

Service-oriented conceptual architecture modeling

C.

Service-oriented discovery and analysis modeling

D.

Service-oriented business integration modeling

Question 18

Adam works as a Network Administrator. He discovers that the wireless AP transmits 128 bytes of plaintext, and the station responds by encrypting the plaintext. It then transmits the resulting ciphertext using the same key and cipher that are used by WEP to encrypt subsequent network traffic. Which of the following types of authentication mechanism is used here?

Options:

A.

Pre-shared key authentication

B.

Open system authentication

C.

Shared key authentication

D.

Single key authentication
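The exchange in the question is 802.11 Shared Key authentication. The script below is an added example, not part of the exam material: it implements RC4 and the WEP framing (per-packet key IV || shared key, CRC-32 ICV appended before encryption) in plain Python, runs the challenge-response between a constructed station and AP, and then performs the check a practitioner would want to see, that the cleartext challenge and its encrypted response together hand a passive listener the RC4 keystream for that IV, enough to answer a later challenge without ever knowing the key. The key, IV and challenges are constructed; all function names are mine.

```python
import os
import zlib


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4: key scheduling, then `length` bytes of pseudo-random generation."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_icv(data: bytes) -> bytes:
    # WEP's integrity check value is a plain CRC-32, appended little-endian.
    return zlib.crc32(data).to_bytes(4, "little")


def wep_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    # Per-packet RC4 key is IV || shared key; the ICV is encrypted along with the data.
    plain = data + wep_icv(data)
    return xor(plain, rc4_keystream(iv + key, len(plain)))


def ap_verify_response(key: bytes, iv: bytes, ciphertext: bytes, challenge: bytes) -> bool:
    # AP side of frame 4: decrypt with its own copy of the key, check ICV and challenge.
    plain = xor(ciphertext, rc4_keystream(iv + key, len(ciphertext)))
    data, icv = plain[:-4], plain[-4:]
    return icv == wep_icv(data) and data == challenge


def shared_key_auth(key: bytes, station_iv: bytes, challenge: bytes = None):
    """Frames 2-4 of Shared Key authentication (frame 1 is just the request).
    Returns (accepted, challenge, response); challenge, IV and response are
    exactly what a passive listener sees on the air."""
    if challenge is None:
        challenge = os.urandom(128)                       # frame 2: AP -> station, 128 bytes cleartext
    response = wep_encrypt(key, station_iv, challenge)    # frame 3: station -> AP, IV sent in clear
    accepted = ap_verify_response(key, station_iv, response, challenge)  # frame 4 result
    return accepted, challenge, response


def eavesdropper_keystream(challenge: bytes, response: bytes) -> bytes:
    # The listener knows the plaintext (the challenge) and can compute its ICV,
    # so XOR with the response yields the RC4 keystream for that IV.
    return xor(challenge + wep_icv(challenge), response)


def forge_response(keystream: bytes, new_challenge: bytes) -> bytes:
    # Reuse the recovered keystream (same IV) to answer a fresh challenge without the key.
    return xor(new_challenge + wep_icv(new_challenge), keystream)


def demo() -> dict:
    key = b"constructed13"     # constructed 104-bit (13-byte) WEP key
    iv = b"\x01\x02\x03"       # constructed 24-bit IV chosen by the station
    accepted, challenge, response = shared_key_auth(key, iv)
    keystream = eavesdropper_keystream(challenge, response)
    later_challenge = os.urandom(128)                     # a later challenge issued to an impostor
    forged = forge_response(keystream, later_challenge)
    return {
        "legit_accepted": accepted,
        "keystream_bytes": len(keystream),
        "forged_accepted": ap_verify_response(key, iv, forged, later_challenge),
    }


if __name__ == "__main__":
    print(demo())
```

Because the challenge is sent in cleartext and the response is the challenge XORed with the keystream, the exchange leaks 132 bytes of keystream per observed authentication, which is why Shared Key authentication is regarded as weaker than Open System authentication even though it appears to prove possession of the key.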

Question 19

You have decided to implement video surveillance in your company in order to enhance network security. Which of the following locations must have a camera in order to provide the minimum level of security for the network resources? Each correct answer represents a complete solution. Choose two.

Options:

A.

Parking lot

B.

All hallways

C.

Server Rooms

D.

All offices

E.

All entrance doors

Question 20

A user is sending a large number of protocol packets to a network in order to saturate its resources and to disrupt connections to prevent communications between services. Which type of attack is this?

Options:

A.

Denial-of-Service attack

B.

Vulnerability attack

C.

Social Engineering attack

D.

Impersonation attack

Question 21

Which of the following is a method for transforming a message into a masked form, together with a way of undoing the transformation to recover the message?

Options:

A.

Cipher

B.

CrypTool

C.

Steganography

D.

MIME

Question 22

A digital signature is a type of public key cryptography. Which of the following statements are true about digital signatures? Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

In order to digitally sign an electronic record, a person must use his/her public key.

B.

In order to verify a digital signature, the signer's private key must be used.

C.

In order to digitally sign an electronic record, a person must use his/her private key.

D.

In order to verify a digital signature, the signer's public key must be used.
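The correct pairing in Question 22 (sign with the private key, verify with the public key) and the point of Question 4 (RSA serves for both signatures and encryption) can both be seen in one small RSA implementation. The code below is an added example, not from the exam: the key is built from two Mersenne primes purely so it runs on the standard library, and it is textbook RSA with no padding, which must never be used in production (use OAEP for encryption and PSS for signatures from a maintained library). All function names and the sample record are mine.

```python
import hashlib

# Constructed toy key material: two Mersenne primes so key generation needs no
# library. Real keys use randomly generated primes of 1024+ bits each.
P = 2**521 - 1
Q = 2**607 - 1


def generate_keypair(p: int = P, q: int = Q, e: int = 65537):
    """Returns (public_key, private_key) as ((n, e), (n, d))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)            # private exponent (modular inverse; Python 3.8+)
    return (n, e), (n, d)


def _digest(message: bytes, n: int) -> int:
    # Sign the hash of the record, not the record itself; reduce mod n so it is a residue.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key, message: bytes) -> int:
    n, d = private_key
    return pow(_digest(message, n), d, n)                # signing uses the signer's PRIVATE key


def verify(public_key, message: bytes, signature: int) -> bool:
    n, e = public_key
    return pow(signature, e, n) == _digest(message, n)   # verifying uses the signer's PUBLIC key


def encrypt(public_key, message: bytes) -> int:
    n, e = public_key
    m = int.from_bytes(message, "big")
    if not 0 < m < n:
        raise ValueError("message must encode to a positive integer below n")
    return pow(m, e, n)            # encryption uses the recipient's PUBLIC key


def decrypt(private_key, ciphertext: int) -> bytes:
    n, d = private_key
    m = pow(ciphertext, d, n)      # decryption uses the recipient's PRIVATE key
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def demo() -> dict:
    public_key, private_key = generate_keypair()
    record = b"transfer 100 to account 42"                 # constructed electronic record
    signature = sign(private_key, record)
    other_public, _ = generate_keypair(p=2**127 - 1, q=2**89 - 1)  # a different signer's key
    ciphertext = encrypt(public_key, record)
    return {
        "valid": verify(public_key, record, signature),
        "tampered": verify(public_key, b"transfer 900 to account 42", signature),
        "wrong_key": verify(other_public, record, signature),
        "roundtrip": decrypt(private_key, ciphertext) == record,
    }


if __name__ == "__main__":
    print(demo())
```

The demo shows the two statements the question marks as true: only the holder of the private key can produce a signature that the public key verifies, and the same key pair, with the roles reversed, encrypts for the key holder. A changed record or a verifier holding someone else's public key both fail verification.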

Question 23

In your office, you are building a new wireless network that contains Windows 2003 servers. To establish a network for secure communication, you have to implement IPSec security policy on the servers. What authentication methods can you use for this implementation? Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Public-key cryptography

B.

Kerberos

C.

Preshared keys

D.

Digital certificates

Question 24

Which of the following encryption methods does the SSL protocol use in order to provide communication privacy, authentication, and message integrity? Each correct answer represents a part of the solution. Choose two.

Options:

A.

Public key

B.

IPsec

C.

MS-CHAP

D.

Symmetric

Question 25

You work as a Network Administrator for NetTech Inc. You want to have secure communication on the company's intranet. You decide to use public key and private key pairs. What will you implement to accomplish this?

Options:

A.

Microsoft Internet Information Server (IIS)

B.

VPN

C.

FTP server

D.

Certificate server

Question 26

Maria works as a Network Security Officer for Gentech Inc. She wants to encrypt her network traffic. The specific requirement for the encryption algorithm is that it must be a symmetric key block cipher. Which of the following techniques will she use to fulfill this requirement?

Options:

A.

IDEA

B.

PGP

C.

DES

D.

AES

Question 27

An authentication method uses smart cards as well as usernames and passwords for authentication. Which of the following authentication methods is being referred to?

Options:

A.

Mutual

B.

Anonymous

C.

Multi-factor

D.

Biometrics

Question 28

You have been assigned the task of selecting a hash algorithm. The algorithm will be used specifically to ensure the integrity of certain sensitive files. It must produce a 128-bit hash value. Which of the following should you use?

Options:

A.

AES

B.

SHA

C.

MD5

D.

DES

Question 29

Which of the following processes is used to identify relationships between mission critical applications, processes, and operations and all supporting elements?

Options:

A.

Critical path analysis

B.

Functional analysis

C.

Risk analysis

D.

Business impact analysis

Question 30

You work as a Project Manager for Tech Perfect Inc. You are creating a document which emphasizes the formal study of what your organization is doing currently and where it will be in the future. Which of the following analyses will help you accomplish the task?

Options:

A.

Cost-benefit analysis

B.

Gap analysis

C.

Requirement analysis

D.

Vulnerability analysis

Question 31

Which of the following firewalls inspects the actual contents of packets?

Options:

A.

Packet filtering firewall

B.

Stateful inspection firewall

C.

Application-level firewall

D.

Circuit-level firewall

Question 32

You are the Security Consultant advising a company on security methods. This is a highly secure location that deals with sensitive national defense related data. They are very concerned about physical security, as they had a breach last month. In that breach an individual had simply grabbed a laptop and run out of the building. Which one of the following would have been most effective in preventing this?

Options:

A.

Not using laptops.

B.

Keeping all doors locked with a guard.

C.

Using a man-trap.

D.

A sign in log.

Question 33

Which of the following disaster recovery tests is one in which operations are shut down at the primary site and shifted to the recovery site according to the disaster recovery plan?

Options:

A.

Structured walk-through test

B.

Simulation test

C.

Full-interruption test

D.

Parallel test

Question 34

SSH is a network protocol that allows data to be exchanged between two networked computers over a secure channel. Which of the following encryption algorithms can be used by the SSH protocol? Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Blowfish

B.

DES

C.

IDEA

D.

RC4

Question 35

An organization is seeking to implement a hot site and wants to maintain a live database server at the backup site. Which of the following solutions will be the best for the organization?

Options:

A.

Electronic vaulting

B.

Remote journaling

C.

Remote mirroring

D.

Transaction logging
