ISSAP Practice Exam Questions with Answers ISSAP Information Systems Security Architecture Professional Certification

Which of the following processes is used by remote users to make a secure connection to internal resources after establishing an Internet connection?

Which of the following tenets does the CIA triad provide for which security practices are measured? Each correct answer represents a part of the solution. Choose all that apply.

A network is configured on a Bus topology. Which of the following conditions could cause a network failure? Each correct answer represents a complete solution. Choose all that apply.

A helpdesk technician received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account on UNIX servers and asked for it. Although the technician didn't know any administrator at the branch office, the guy sounded really friendly and since he knew the root password himself, he supplied the caller with the password. What type of attack has just occurred?

You are the Network Administrator for a small business. You need a widely used, but highly secure hashing algorithm. Which of the following should you choose?

Which of the following is a method for transforming a message into a masked form, together with a way of undoing the transformation to recover the message?

The service-oriented modeling framework (SOMF) provides a common modeling notation to address alignment between business and IT organizations. Which of the following principles does the SOMF concentrate on? Each correct answer represents a part of the solution. Choose all that apply.

Which of the following devices is a least expensive power protection device for filtering the electrical stream to control power surges, noise, power sags, and power spikes?

Which of the following does PEAP use to authenticate the user inside an encrypted tunnel? Each correct answer represents a complete solution. Choose two.

John works as a Network Administrator for NetPerfect Inc. The company has a Windows-based network. John has been assigned a project to build a network for the sales department of the company. It is important for the LAN to continue working even if there is a break in the cabling. Which of the following topologies should John use to accomplish the task?

You work as a technician for Trade Well Inc. The company is in the business of share trading. To enhance security, the company wants users to provide a third key (apart from ID and password) to access the company's Web site. Which of the following technologies will you implement to accomplish the task?

Which of the following are the phases of the Certification and Accreditation (C&A) process? Each correct answer represents a complete solution. Choose two.

The security controls that are implemented to manage physical security are divided in various groups. Which of the following services are offered by the administrative physical security control group? Each correct answer represents a part of the solution. Choose all that apply.

Which of the following encryption modes can make protocols without integrity protection even more susceptible to replay attacks, since each block gets decrypted in exactly the same way?

Kerberos is a computer network authentication protocol that allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner. Which of the following statements are true about the Kerberos authentication scheme? Each correct answer represents a complete solution. Choose all that apply.

Which of the following electrical events shows a sudden drop of power source that can cause a wide variety of problems on a PC or a network?

Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH-2 protocol? Each correct answer represents a complete solution. Choose all that apply.

Which of the following uses a Key Distribution Center (KDC) to authenticate a principle?

Which of the following are man-made threats that an organization faces? Each correct answer represents a complete solution. Choose three.

Which of the following types of ciphers are included in the historical ciphers? Each correct answer represents a complete solution. Choose two.

The service-oriented modeling framework (SOMF) introduces five major life cycle modeling activities that drive a service evolution during design-time and run-time. Which of the following activities integrates SOA software assets and establishes SOA logical environment dependencies?

The Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. Which of the following components does the PKI use to list those certificates that have been revoked or are no longer valid?

In which of the following access control models, owner of an object decides who is allowed to access the object and what privileges they have?

Which of the following statements about Network Address Translation (NAT) are true? Each correct answer represents a complete solution. Choose three.

What are the benefits of using AAA security service in a network? Each correct answer represents a part of the solution. Choose all that apply.

An access control secures the confidentiality, integrity, and availability of the information and data of an organization. In which of the following categories can you deploy the access control? Each correct answer represents a part of the solution. Choose all that apply.

Which of the following statements are true about Public-key cryptography? Each correct answer represents a complete solution. Choose two.

Which of the following is responsible for maintaining certificates in a public key infrastructure (PKI)?

You work as a Security Manager for Tech Perfect Inc. The management tells you to implement a hashing method in the organization that can resist forgery and is not open to the man-in-the-middle attack. Which of the following methods will you use to accomplish the task?

You work as a Network Administrator for McNeil Inc. The company has a TCP/IP-based network. Performance of the network is slow because of heavy traffic. A hub is used as a central connecting device in the network. Which of the following devices can be used in place of a hub to control the network traffic efficiently?