The Actual Exam Version includes actual exam questions verified by IT experts. We verify and update the questions frequently, each month and also based on members' feedback, to keep them in step with the real exam. We offer an immediate refund if questions from our Actual Exam Version do not appear in your exam. We highly recommend that you study the Actual Exam Version and then sit the exam as soon as possible.
CISSP-ISSAP Information Systems Security Architecture Professional Actual Exam
QUESTION NO: 31
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. John notices that the We-are-secure network is vulnerable to a man-in-the-middle attack because the key exchange process of the cryptographic algorithm it uses does not authenticate the participants. Which of the following cryptographic algorithms is being used by the We-are-secure server?
A. Blowfish
B. Twofish
C. RSA
D. Diffie-Hellman
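The weakness the question describes, shown as an added example that is not part of the exam dump: a plain Diffie-Hellman exchange lets an active attacker substitute her own public values in both directions, and neither party can tell. The group below is a toy (constructed for illustration, far too small for real use) and the HMAC under a pre-shared AUTH_KEY stands in for the digital signature or certificate a real deployment would use to authenticate the peers; both are assumptions of this example.

```python
"""Unauthenticated Diffie-Hellman and the man-in-the-middle it permits."""
import hashlib
import hmac
import secrets

P = 2**127 - 1  # toy modulus (a Mersenne prime); real groups are 2048+ bits or elliptic curves
G = 3
AUTH_KEY = b"constructed long-term authentication secret"  # assumption: shared out of band


def keypair():
    """Private exponent and the public value g^x mod p that goes on the wire."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def shared_key(priv, peer_pub):
    """Derive a session key from the DH shared secret (peer_pub)^priv mod p."""
    secret = pow(peer_pub, priv, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).hexdigest()


def honest_exchange():
    """No attacker: Alice and Bob derive the same key."""
    a, A = keypair()
    b, B = keypair()
    return shared_key(a, B), shared_key(b, A)


def mitm_exchange():
    """Mallory replaces A with M1 on the way to Bob and B with M2 on the way to Alice.

    Nothing on the wire tells Bob that M1 did not come from Alice, so each side
    ends up sharing a key with Mallory rather than with the other.
    Returns (alice_key, bob_key, mallory_key_with_alice, mallory_key_with_bob).
    """
    a, A = keypair()
    b, B = keypair()
    m1, M1 = keypair()  # delivered to Bob in place of A
    m2, M2 = keypair()  # delivered to Alice in place of B
    return (shared_key(a, M2), shared_key(b, M1),
            shared_key(m2, A), shared_key(m1, B))


def tag(pub):
    """Authenticate a public value; stand-in for signing it with a long-term key."""
    return hmac.new(AUTH_KEY, pub.to_bytes(16, "big"), "sha256").digest()


def authenticated_exchange(attacker_present):
    """Alice sends (A, tag(A)); Bob checks the tag before using the value.

    Returns True when both sides derive the same key, None when Bob aborts
    because the public value he received does not match its tag.
    """
    a, A = keypair()
    b, B = keypair()
    sent_pub, sent_tag = A, tag(A)
    if attacker_present:
        _, M = keypair()
        sent_pub = M  # Mallory can swap the value but cannot forge a tag for it
    if not hmac.compare_digest(tag(sent_pub), sent_tag):
        return None
    return shared_key(b, sent_pub) == shared_key(a, B)


if __name__ == "__main__":
    print("honest keys match:", len(set(honest_exchange())) == 1)
    ka, kb, kma, kmb = mitm_exchange()
    print("alice<->mallory:", ka == kma, "bob<->mallory:", kb == kmb, "alice<->bob:", ka == kb)
    print("authenticated exchange with attacker present:", authenticated_exchange(True))
```

The contrast with RSA in the options is that an RSA-based handshake ties the key material to a certificate, which is exactly the binding plain Diffie-Hellman lacks; the `tag` step above is what TLS, SSH and IKE add on top of DH in their own ways.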
QUESTION NO: 32
Which of the following electrical events is a sudden drop in the power supply that can cause a wide variety of problems on a PC or a network?
A. Blackout
B. Power spike
C. Power sag
D. Power surge
QUESTION NO: 33
Which of the following is the duration of time and a service level within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in business continuity?
A. RCO
B. RTO
C. RPO
D. RTA
QUESTION NO: 34
You work as an Incident Handler at Mariotrixt Inc. You have followed the Incident Handling process to handle the events and incidents. You identify a Denial of Service (DoS) attack from a network linked to your internal enterprise network. Which of the following phases of the Incident Handling process should you follow next to handle this incident?
A. Containment
B. Preparation
C. Recovery
D. Identification
QUESTION NO: 35
You have decided to implement video surveillance in your company in order to enhance network security. Which of the following locations must have a camera in order to provide the minimum level of security for the network resources? Each correct answer represents a complete solution. Choose two.
A. Parking lot
B. All hallways
C. Server Rooms
D. All offices
E. All entrance doors
QUESTION NO: 36
You work as a Network Administrator for NetTech Inc. You want to have secure communication on the company’s intranet. You decide to use public key and private key pairs. What will you implement to accomplish this?
A. Microsoft Internet Information Server (IIS)
B. VPN
C. FTP server
D. Certificate server
QUESTION NO: 37
Which of the following protocols is used to compare two values calculated using the Message Digest (MD5) hashing function?
A. CHAP
B. PEAP
C. EAP
D. EAP-TLS
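The comparison the question refers to, as an added example that is not part of the exam dump: in CHAP (RFC 1994) the authenticator sends an Identifier and a random Challenge, the peer returns MD5(Identifier || secret || Challenge), and the authenticator recomputes the same value from its own copy of the secret and compares the two. The secrets and the "wire" packets below are constructed for the example; nothing is actually transmitted.

```python
"""CHAP challenge/response as in RFC 1994, with the comparison done by the authenticator."""
import hashlib
import hmac
import secrets


def chap_challenge():
    """Authenticator -> peer: a fresh Identifier byte and a random Challenge value."""
    return secrets.randbelow(256), secrets.token_bytes(16)


def chap_response(ident, secret, challenge):
    """Peer -> authenticator: MD5 over Identifier, secret and Challenge, in that order."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()


def chap_verify(ident, secret, challenge, response):
    """Authenticator recomputes the digest with its copy of the secret and compares."""
    expected = chap_response(ident, secret, challenge)
    return hmac.compare_digest(expected, response)


def run_chap(peer_secret, authenticator_secret):
    """One full exchange; True if the authenticator accepts the peer.

    Only (ident, challenge) and (ident, response) cross the wire; the secret
    itself never does, which is the difference from PAP.
    """
    ident, challenge = chap_challenge()
    response = chap_response(ident, peer_secret, challenge)
    return chap_verify(ident, authenticator_secret, challenge, response)


def replay_captured_response(secret):
    """A captured response is useless later: the next challenge is different."""
    ident, challenge = chap_challenge()
    captured = chap_response(ident, secret, challenge)
    ident2, challenge2 = chap_challenge()
    return chap_verify(ident2, secret, challenge2, captured)


if __name__ == "__main__":
    print("matching secrets accepted:", run_chap(b"correct horse", b"correct horse"))
    print("wrong secret accepted:", run_chap(b"correct horse", b"battery staple"))
    print("replayed response accepted:", replay_captured_response(b"correct horse"))
```

Two caveats a practitioner should keep in mind: the authenticator must store the secret in a form it can feed to MD5, so the password database is effectively cleartext, and anyone who captures a challenge/response pair can run an offline dictionary attack against it. That is why the later questions on this page prefer MS-CHAPv2 or EAP-TLS over PAP and plain CHAP for remote access.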
QUESTION NO: 38
Which of the following is a technique used for modifying messages, providing information and cyber security, and reducing the risk of hacking attacks during communications and message passing over the Internet?
A. Risk analysis
B. OODA loop
C. Cryptography
D. Firewall security
QUESTION NO: 39
Which of the following statements about Public Key Infrastructure (PKI) are true? Each correct answer represents a complete solution. Choose two.
A. It uses symmetric key pairs.
B. It provides security using data encryption and digital signature.
C. It uses asymmetric key pairs.
D. It is a digital representation of information that identifies users.
QUESTION NO: 40
Which of the following types of halon is found in portable extinguishers and is stored as a liquid?
A. Halon-f
B. Halon 1301
C. Halon 11
D. Halon 1211
QUESTION NO: 41
Mark has been hired by a company to work as a Network Assistant. He is assigned the task to configure a dial-up connection. He is configuring a laptop. Which of the following protocols should he disable to ensure that the password is encrypted during remote access?
A. SPAP
B. MSCHAP
C. PAP
D. MSCHAP V2
QUESTION NO: 42
In which of the following disaster recovery tests are operations shut down at the primary site and shifted to the recovery site according to the disaster recovery plan?
A. Structured walk-through test
B. Simulation test
C. Full-interruption test
D. Parallel test
QUESTION NO: 43
In which of the following network topologies does the data travel around a loop in a single direction and pass through each device?
A. Ring topology
B. Tree topology
C. Star topology
D. Mesh topology
QUESTION NO: 44
You are the Network Administrator for a small business. You need a widely used, but highly secure hashing algorithm. Which of the following should you choose?
A. AES
B. SHA
C. EAP
D. CRC32
QUESTION NO: 45
Which of the following can be configured so that when an alarm is activated, all doors lock and the suspect or intruder is caught between the doors in the dead-space?
A. Man trap
B. Biometric device
C. Host Intrusion Detection System (HIDS)
D. Network Intrusion Detection System (NIDS)
QUESTION NO: 46
Which of the following refers to a location away from the computer center where document copies and backup media are kept?
A. Storage Area network
B. Off-site storage
C. On-site storage
D. Network attached storage
QUESTION NO: 47
Which of the following encryption methods does the SSL protocol use in order to provide communication privacy, authentication, and message integrity? Each correct answer represents a part of the solution. Choose two.
A. Public key
B. IPsec
C. MS-CHAP
D. Symmetric
QUESTION NO: 48
John used to work as a Network Administrator for We-are-secure Inc. He has now resigned from the company for personal reasons. He wants to send out some of the company's secret information. To do so, he takes an image file, uses a tool (Image Hide) to embed the secret file within an image of the famous actress Jennifer Lopez, and sends it to his Yahoo mail ID. Since he is using the image file to carry the data, his company's mail server is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?
A. Email spoofing
B. Social engineering
C. Web ripping
D. Steganography
QUESTION NO: 49
Which of the following intrusion detection systems (IDS) monitors network traffic and compares it against an established baseline?
A. Network-based
B. Anomaly-based
C. File-based
D. Signature-based
QUESTION NO: 50
Which of the following are the initial steps required to perform a risk analysis process? Each correct answer represents a part of the solution. Choose three.
A. Estimate the potential losses to assets by determining their value.
B. Establish the threats' likelihood and frequency.
C. Valuations of the critical assets in hard costs.
D. Evaluate potential threats to the assets.
QUESTION NO: 51
Which of the following protocols uses the Internet Key Exchange (IKE) protocol to set up security associations (SAs)?
A. IPSec
B. L2TP
C. LEAP
D. ISAKMP
QUESTION NO: 52
Sam is creating an e-commerce site. He wants a simple security solution that does not require each customer to have an individual key. Which of the following encryption methods will he use?
A. Asymmetric encryption
B. Symmetric encryption
C. S/MIME
D. PGP
QUESTION NO: 53
Computer networks and the Internet are the prime mode of information transfer today. Which of the following is a technique used for modifying messages, providing information and cyber security, and reducing the risk of hacking attacks during communications and message passing over the Internet?
A. Risk analysis
B. Firewall security
C. Cryptography
D. OODA loop
QUESTION NO: 54
An organization wants to allow a certificate authority to gain access to the encrypted data and create digital signatures on behalf of the user. The data is encrypted using the public key from a user’s certificate. Which of the following processes fulfills the above requirements?
A. Key escrow
B. Key storage
C. Key revocation
D. Key recovery
QUESTION NO: 55
Which of the following are the primary components of a discretionary access control (DAC) model? Each correct answer represents a complete solution. Choose two.
A. User’s group
B. File and data ownership
C. Smart card
D. Access rights and permissions
QUESTION NO: 56
Which of the following encryption modes can make protocols without integrity protection even more susceptible to replay attacks, since each block gets decrypted in exactly the same way?
A. Cipher feedback mode
B. Cipher block chaining mode
C. Output feedback mode
D. Electronic codebook mode
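The property the question relies on, shown as an added example that is not part of the exam dump: in ECB every block is encrypted with the same function and no state, so equal plaintext blocks produce equal ciphertext blocks and a captured block can be appended or moved and still decrypts cleanly. The block cipher here is a toy 4-round Feistel network built on SHA-256, constructed so the example runs with the standard library alone; it is not a real cipher, and the point is the mode, not the cipher. Key, IV and the payment records are likewise constructed.

```python
"""ECB versus CBC on a toy block cipher: repeated blocks and block replay."""
import hashlib

BLOCK = 16


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _f(key, rnd, half):
    """Feistel round function: 8 bytes derived from key, round number and half-block."""
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]


def encrypt_block(key, block):
    L, R = block[:8], block[8:]
    for rnd in range(4):
        L, R = R, _xor(L, _f(key, rnd, R))
    return L + R


def decrypt_block(key, block):
    L, R = block[:8], block[8:]
    for rnd in reversed(range(4)):
        L, R = _xor(R, _f(key, rnd, L)), L
    return L + R


def _blocks(data):
    if len(data) % BLOCK:
        raise ValueError("data must be a whole number of blocks")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key, plaintext):
    """Each block independently: no IV, no chaining, identical in gives identical out."""
    return b"".join(encrypt_block(key, b) for b in _blocks(plaintext))


def ecb_decrypt(key, ciphertext):
    return b"".join(decrypt_block(key, b) for b in _blocks(ciphertext))


def cbc_encrypt(key, iv, plaintext):
    """Each block is XORed with the previous ciphertext block before encryption."""
    out, prev = [], iv
    for b in _blocks(plaintext):
        prev = encrypt_block(key, _xor(b, prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, ciphertext):
    out, prev = [], iv
    for c in _blocks(ciphertext):
        out.append(_xor(decrypt_block(key, c), prev))
        prev = c
    return b"".join(out)


def demo():
    key = b"constructed key!"  # 16 bytes, constructed
    iv = b"constructed iv!!"   # 16 bytes, constructed
    pay_alice = b"PAY ALICE 000100"  # three 16-byte records; the first two are identical
    msg = pay_alice + pay_alice + b"PAY BOB   000500"
    ecb = ecb_encrypt(key, msg)
    cbc = cbc_encrypt(key, iv, msg)
    # Attacker appends a captured block to each ciphertext without knowing the key.
    ecb_replayed = ecb_decrypt(key, ecb + ecb[:BLOCK])
    cbc_replayed = cbc_decrypt(key, iv, cbc + cbc[:BLOCK])
    return {
        "ecb_blocks_repeat": ecb[:BLOCK] == ecb[BLOCK:2 * BLOCK],
        "cbc_blocks_repeat": cbc[:BLOCK] == cbc[BLOCK:2 * BLOCK],
        "ecb_replay_is_valid_payment": ecb_replayed == msg + pay_alice,
        "cbc_replay_is_valid_payment": cbc_replayed == msg + pay_alice,
        "ecb_roundtrip": ecb_decrypt(key, ecb) == msg,
        "cbc_roundtrip": cbc_decrypt(key, iv, cbc) == msg,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The replayed ECB block decrypts to a fourth, perfectly well-formed payment; the same block appended to the CBC ciphertext decrypts to garbage because it is chained to the wrong predecessor. That is the sense in which ECB is "even more" susceptible. CBC without a MAC is still malleable (an attacker can flip chosen plaintext bits by flipping ciphertext bits in the previous block), so the real fix the question hints at is integrity protection, not just a different mode.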
QUESTION NO: 57
You work as a technician for Trade Well Inc. The company is in the business of share trading. To enhance security, the company wants users to provide a third key (apart from ID and password) to access the company’s Web site. Which of the following technologies will you implement to accomplish the task?
A. Smart cards
B. Key fobs
C. VPN
D. Biometrics
QUESTION NO: 58
Which of the following layers of the OSI model corresponds to the Host-to-Host layer of the TCP/IP model?
A. The transport layer
B. The presentation layer
C. The session layer
D. The application layer
QUESTION NO: 59
You are the Network Administrator for a college. You watch a large number of people (some not even students) going in and out of areas with campus computers (libraries, computer labs, etc.). You have had a problem with laptops being stolen. What is the most cost effective method to prevent this?
A. Smart card access to all areas with computers.
B. Use laptop locks.
C. Video surveillance on all areas with computers.
D. Appoint a security guard.
QUESTION NO: 60
The ATM of a bank is robbed by breaking the ATM machine. Which of the following physical security devices can now be used for verification and historical analysis of the ATM robbery?
A. Key card
B. Biometric devices
C. Intrusion detection systems
D. CCTV Cameras