The Actual Exam Version included actual exam questions verified by IT Experts. We verified questions and updated frequently each month and also based on members’ feedback to keep updating with the real exam. We are offering money back immediately if questions in our Actual Exam Version do not appear in your exam. Highly recommend you take the Actual Exam Version then go to the exam as soon as possible.

CISSP-ISSAP Information Systems Security Architecture Professional Actual Exam

QUESTION NO: 1
Which of the following elements of the planning gap measures the gap between the total potential for the market and the actual current usage by all the consumers in the market?

A. Project gap
B. Product gap
C. Competitive gap
D. Usage gap

QUESTION NO: 2
Which of the following terms refers to the method that allows or restricts specific types of packets from crossing over the firewall?

A. Hacking
B. Packet filtering
C. Web caching
D. Spoofing

QUESTION NO: 3
You work as a Network Administrator for NetTech Inc. The company wants to encrypt its emails. Which of the following will you use to accomplish this?

A. PGP
B. PPTP
C. IPSec
D. NTFS

QUESTION NO: 4
Peter works as a Network Administrator for Net World Inc. The company wants to allow remote users to connect and access its private network through a dial-up connection via the Internet. All the data will be sent across a public network. For security reasons, the management wants the data sent through the Internet to be encrypted. The company plans to use a Layer 2 Tunneling
Protocol (L2TP) connection. Which communication protocol will Peter use to accomplish the task?

A. IP Security (IPSec)
B. Microsoft Point-to-Point Encryption (MPPE)
C. Pretty Good Privacy (PGP)
D. Data Encryption Standard (DES)

QUESTION NO: 5
Which of the following protocols multicasts messages and information among all member devices in an IP multicast group?

A. ARP
B. ICMP
C. TCP
D. IGMP

QUESTION NO: 6
Which of the following security devices is presented to indicate some feat of service, a special accomplishment, a symbol of authority granted by taking an oath, a sign of legitimate employment or student status, or as a simple means of identification?

A. Sensor
B. Alarm
C. Motion detector
D. Badge

QUESTION NO: 7
Which of the following is a method for transforming a message into a masked form, together with a way of undoing the transformation to recover the message?

A. Cipher
B. CrypTool
C. Steganography
D. MIME

QUESTION NO: 8
Mark works as a Network Administrator for NetTech Inc. He wants users to access only those resources that are required for them. Which of the following access control models will he use?

A. Policy Access Control
B. Mandatory Access Control
C. Discretionary Access Control
D. Role-Based Access Control

QUESTION NO: 9
Which of the following is used to authenticate asymmetric keys?

A. Digital signature
B. MAC Address
C. Demilitarized zone (DMZ)
D. Password

QUESTION NO: 10
IPsec VPN provides a high degree of data privacy by establishing trust points between communicating devices and data encryption. Which of the following encryption methods does
IPsec VPN use? Each correct answer represents a complete solution. Choose two.

A. MD5
B. LEAP
C. AES
D. 3DES

QUESTION NO: 11
A user is sending a large number of protocol packets to a network in order to saturate its resources and to disrupt connections to prevent communications between services. Which type of attack is this?

A. Denial-of-Service attack
B. Vulnerability attack
C. Social Engineering attack
D. Impersonation attack

QUESTION NO: 12
Which of the following types of firewall functions at the Session layer of OSI model?

A. Circuit-level firewall
B. Application-level firewall
C. Packet filtering firewall
D. Switch-level firewall

QUESTION NO: 13
Which of the following statements about a stream cipher are true? Each correct answer represents a complete solution. Choose three.

A. It typically executes at a higher speed than a block cipher.
B. It divides a message into blocks for processing.C. It typically executes at a slower speed than a block cipher.
D. It divides a message into bits for processing.
E. It is a symmetric key cipher.

QUESTION NO: 14
Which of the following types of attack can be used to break the best physical and logical security mechanism to gain access to a system?

A. Social engineering attack
B. Cross site scripting attack
C. Mail bombing
D. Password guessing attack

QUESTION NO: 15
You are the Security Consultant advising a company on security methods. This is a highly secure location that deals with sensitive national defense related data. They are very concerned about physical security as they had a breach last month. In that breach an individual had simply grabbed a laptop and ran out of the building. Which one of the following would have been most effective in preventing this?

A. Not using laptops.
B. Keeping all doors locked with a guard.
C. Using a man-trap.
D. A sign in log.

QUESTION NO: 16
You want to implement a network topology that provides the best balance for regional topologies in terms of the number of virtual circuits, redundancy, and performance while establishing a WAN network. Which of the following network topologies will you use to accomplish the task?

A. Bus topology
B. Fully meshed topology
C. Star topology
D. Partially meshed topology

QUESTION NO: 17
Which of the following protocols is an alternative to certificate revocation lists (CRL) and allows the authenticity of a certificate to be immediately verified?

A. RSTP
B. SKIPC. OCSP
D. HTTP

QUESTION NO: 18
Which of the following does PEAP use to authenticate the user inside an encrypted tunnel? Each correct answer represents a complete solution. Choose two.

A. GTC
B. MS-CHAP v2
C. AES
D. RC4

QUESTION NO: 19
Which of the following terms refers to a mechanism which proves that the sender really sent a particular message?

A. Integrity
B. Confidentiality
C. Authentication
D. Non-repudiation

QUESTION NO: 20
Adam works as a Security Analyst for Umbrella Inc. CEO of the company ordered him to implement two-factor authentication for the employees to access their networks. He has told him that he would like to use some type of hardware device in tandem with a security or identifying pin number. Adam decides to implement smart cards but they are not cost effective. Which of the following types of hardware devices will Adam use to implement two-factor authentication?

A. Biometric device
B. One Time Password
C. Proximity cards
D. Security token

QUESTION NO: 21
Maria works as a Network Security Officer for Gentech Inc. She wants to encrypt her network traffic. The specific requirement for the encryption algorithm is that it must be a symmetric key block cipher. Which of the following techniques will she use to fulfill this requirement?

A. IDEA
B. PGP
C. DES
D. AES

QUESTION NO: 22
Which of the following protocols uses public-key cryptography to authenticate the remote computer?

A. SSH
B. Telnet
C. SCP
D. SSL

QUESTION NO: 23
Which of the following cryptographic system services ensures that information will not be disclosed to any unauthorized person on a local network?

A. Authentication
B. Non-repudiation
C. Integrity
D. Confidentiality

QUESTION NO: 24
Which of the following are the examples of technical controls? Each correct answer represents a complete solution. Choose three.

A. Auditing
B. Network architecture
C. System access
D. Data backups

QUESTION NO: 25
Which of the following tenets does the CIA triad provide for which security practices are measured? Each correct answer represents a part of the solution. Choose all that apply.

A. Integrity
B. Accountability
C. Availability
D. Confidentiality

QUESTION NO: 26
Which of the following types of attacks cannot be prevented by technical measures only?

A. Social engineering
B. Brute force
C. Smurf DoS
D. Ping flood attack

QUESTION NO: 27
Which of the following attacks can be overcome by applying cryptography?

A. Web ripping
B. DoS
C. Sniffing
D. Buffer overflow

QUESTION NO: 28
Which of the following authentication methods prevents unauthorized execution of code on remote systems?

A. TACACS
B. S-RPC
C. RADIUS
D. CHAP

QUESTION NO: 29
The simplest form of a firewall is a packet filtering firewall. Typically a router works as a packet filtering firewall and has the capability to filter on some of the contents of packets. On which of the following layers of the OSI reference model do these routers filter information? Each correct answer represents a complete solution. Choose all that apply.

A. Transport layer
B. Physical layer
C. Data Link layer
D. Network layer

QUESTION NO: 30
Andrew works as a Network Administrator for Infonet Inc. The company’s network has a Web server that hosts the company’s Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL). Which of the following types of encryption does SSL use? Each correct answer represents a complete solution. Choose two.

A. Synchronous
B. Secret
C. Asymmetric
D. Symmetric

What next?

• https://www.awslagi.com/cissp-issap-information-systems-security-architecture-professional-exam-question-part-1
• https://www.awslagi.com/cissp-issap-information-systems-security-architecture-professional-exam-question-part-2
• https://www.awslagi.com/cissp-issap-information-systems-security-architecture-professional-exam-question-part-3