100% Updated ISC2 ISSAP Dumps and it's actual ISSAP exam questions answers which are verified ISC2 Experts. ISC2 ISSAP Exam Dumps PDF is a recommended way to pass your ISSAP Exam with High Marks. Visit AuthenticD to Get more information about ISSAP exam.
Buy Full Product Here
https://authenticdumps.com/dumps/issap/
, s@lm@n
ISC
Exam ISSAP
ISSAP Information Systems Security Architecture Professional
Verson: Demo
[ Total Questions: 10 ]
, ISC ISSAP : Practice Test
Topic break down
Topic No. of Questions
Topic 1: Volume A 5
Topic 2: Volume B 5
Pass Your Certification With Marks4sure Guarantee 2
, ISC ISSAP : Practice Test
Topic 1, Volume A
Question No : 1 - (Topic 1)
Which of the following are the initial steps required to perform a risk analysis process?
Each correct answer represents a part of the solution. Choose three.
A. Estimate the potential losses to assets by determining their value.
B. Establish the threats likelihood and regularity.
C. Valuations of the critical assets in hard costs.
D. Evaluate potential threats to the assets.
Answer: A,B,D
Question No : 2 - (Topic 1)
Which of the following encryption modes can make protocols without integrity protection
even more susceptible to replay attacks, since each block gets decrypted in exactly the
same way?
A. Cipher feedback mode
B. Cipher block chaining mode
C. Output feedback mode
D. Electronic codebook mode
Answer: D
Question No : 3 - (Topic 1)
Which of the following protocols is used to compare two values calculated using the
Message Digest (MD5) hashing function?
A. CHAP
B. PEAP
C. EAP
D. EAP-TLS
Answer: A
Pass Your Certification With Marks4sure Guarantee 3
, ISC ISSAP : Practice Test
Question No : 4 - (Topic 1)
Kerberos is a computer network authentication protocol that allows individuals
communicating over a non-secure network to prove their identity to one another in a secure
manner. Which of the following statements are true about the Kerberos authentication
scheme? Each correct answer represents a complete solution. Choose all that apply.
A. Kerberos requires continuous availability of a central server.
B. Dictionary and brute force attacks on the initial TGS response to a client may reveal the
subject's passwords.
C. Kerberos builds on Asymmetric key cryptography and requires a trusted third party.
D. Kerberos requires the clocks of the involved hosts to be synchronized.
Answer: A,B,D
Question No : 5 - (Topic 1)
Peter works as a Network Administrator for Net World Inc. The company wants to allow
remote users to connect and access its private network through a dial-up connection via
the Internet. All the data will be sent across a public network. For security reasons, the
management wants the data sent through the Internet to be encrypted. The company plans
to use a Layer 2 Tunneling Protocol (L2TP) connection. Which communication protocol will
Peter use to accomplish the task?
A. IP Security (IPSec)
B. Microsoft Point-to-Point Encryption (MPPE)
C. Pretty Good Privacy (PGP)
D. Data Encryption Standard (DES)
Answer: A
Topic 2, Volume B
Question No : 6 - (Topic 2)
Which of the following encryption algorithms are based on block ciphers?
Pass Your Certification With Marks4sure Guarantee 4
, ISC ISSAP : Practice Test
A. RC4
B. Twofish
C. Rijndael
D. RC5
Answer: B,C,D
Question No : 7 - (Topic 2)
In which of the following phases of the SDLC does the software and other components of
the system faithfully incorporate the design specifications and provide proper
documentation and training?
A. Initiation
B. Programming and training
C. Design
D. Evaluation and acceptance
Answer: B
Question No : 8 - (Topic 2)
Your company is covered under a liability insurance policy, which provides various liability
coverage for information security risks, including any physical damage of assets, hacking
attacks, etc. Which of the following risk management techniques is your company using?
A. Risk acceptance
B. Risk avoidance
C. Risk transfer
D. Risk mitigation
Answer: C
Question No : 9 - (Topic 2)
Which of the following are the phases of the Certification and Accreditation (C&A) process?
Each correct answer represents a complete solution. Choose two.
Pass Your Certification With Marks4sure Guarantee 5
, ISC ISSAP : Practice Test
A. Detection
B. Continuous Monitoring
C. Initiation
D. Auditing
Answer: B,C
Question No : 10 - (Topic 2)
In which of the following Person-to-Person social engineering attacks does an attacker
pretend to be an outside contractor, delivery person, etc., in order to gain physical access
to the organization?
A. In person attack
B. Third-party authorization attack
C. Impersonation attack
D. Important user posing attack
Answer: C
Pass Your Certification With Marks4sure Guarantee 6
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller robertcharl. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $0.00. You're not tied to anything after your purchase.
