CISSP-ISSAP Sample Questions Answers

Questions 4

The service-oriented modeling framework (SOMF) provides a common modeling notation to address alignment between business and IT organizations. Which of the following principles does the SOMF concentrate on? Each correct answer represents a part of the solution. Choose all that apply.

Options:

A. Disaster recovery planning
B. SOA value proposition
C. Software assets reuse
D. Architectural components abstraction
E. Business traceability

Questions 5

The IPSec protocol is configured in an organization's network in order to maintain a complete infrastructure for secured network communications. IPSec uses four components for this. Which of the following components reduces the size of data transmitted over congested network connections and increases the speed of such networks without losing data?

Options:

A. AH
B. ESP
C. IPcomp
D. IKE

Questions 6

Which of the following is the duration of time and a service level within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in business continuity?

Options:

A. RCO
B. RTO
C. RPO
D. RTA

Questions 7

You work as a technician for Trade Well Inc. The company is in the business of share trading. To enhance security, the company wants users to provide a third key (apart from ID and password) to access the company's Web site. Which of the following technologies will you implement to accomplish the task?

Options:

A. Smart cards
B. Key fobs
C. VPN
D. Biometrics

Questions 8

You have been assigned the task of selecting a hash algorithm. The algorithm will be used specifically to ensure the integrity of certain sensitive files. It must use a 128-bit hash value. Which of the following should you use?

Options:

A. AES
B. SHA
C. MD5
D. DES

Questions 9

Which of the following protocols multicasts messages and information among all member devices in an IP multicast group?

Options:

A. ARP
B. ICMP
C. TCP
D. IGMP

Questions 10

Adam works as a Security Analyst for Umbrella Inc. The CEO of the company has ordered him to implement two-factor authentication for the employees to access their networks. The CEO has told him that he would like to use some type of hardware device in tandem with a security or identifying PIN number. Adam decides to implement smart cards, but they are not cost effective. Which of the following types of hardware devices will Adam use to implement two-factor authentication?

Options:

A. Biometric device
B. One Time Password
C. Proximity cards
D. Security token

Questions 11

Which of the following types of halon is found in portable extinguishers and is stored as a liquid?

Options:

A. Halon-f
B. Halon 1301
C. Halon 11
D. Halon 1211

Questions 12

Which of the following tenets does the CIA triad provide, against which security practices are measured? Each correct answer represents a part of the solution. Choose all that apply.

Options:

A. Integrity
B. Accountability
C. Availability
D. Confidentiality

Questions 13

Which of the following protocols provides connectionless integrity and data origin authentication of IP packets?

Options:

A. ESP
B. AH
C. IKE
D. ISAKMP

Questions 14

A network is configured on a Bus topology. Which of the following conditions could cause a network failure? Each correct answer represents a complete solution. Choose all that apply.

Options:

A. A break in a network cable
B. 75 ohm terminators at open ends
C. A powered off workstation
D. An open-ended cable without terminators

Questions 15

John used to work as a Network Administrator for We-are-secure Inc. He has now resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he takes an image file, uses a tool called Image Hide to embed the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail ID. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?

Options:

A. Email spoofing
B. Social engineering
C. Web ripping
D. Steganography

Questions 16

You work as a Network Administrator for Net Soft Inc. You are designing a data backup plan for your company's network. The backup policy of the company requires high security and easy recovery of data. Which of the following options will you choose to accomplish this?

Options:

A. Take a full backup daily and use six-tape rotation.
B. Take a full backup on Monday and a differential backup on each of the following weekdays. Keep Monday's backup offsite.
C. Take a full backup daily with the previous night's tape taken offsite.
D. Take a full backup on alternate days and keep rotating the tapes.
E. Take a full backup on Monday and an incremental backup on each of the following weekdays. Keep Monday's backup offsite.
F. Take a full backup daily with one tape taken offsite weekly.

Questions 17

In which of the following access control models does the owner of an object decide who is allowed to access the object and what privileges they have?

Options:

A. Access Control List (ACL)
B. Mandatory Access Control (MAC)
C. Role Based Access Control (RBAC)
D. Discretionary Access Control (DAC)

Questions 18

In software development, which of the following analyses is used to document the services and functions that have been accidentally left out, deliberately eliminated, or still need to be developed?

Options:

A. Gap analysis
B. Requirement analysis
C. Cost-benefit analysis
D. Vulnerability analysis

Questions 19

Which of the following algorithms is found to be suitable for both digital signature and encryption?

Options:

A. SHA-1
B. MD5
C. AES
D. RSA

Questions 20

Which of the following methods for identifying appropriate BIA interviewees includes examining the organizational chart of the enterprise to understand the functional positions?

Options:

A. Executive management interviews
B. Overlaying system technology
C. Organizational chart reviews
D. Organizational process models

Questions 21

The security controls that are implemented to manage physical security are divided in various groups. Which of the following services are offered by the administrative physical security control group? Each correct answer represents a part of the solution. Choose all that apply.

Options:

A. Construction and selection
B. Site management
C. Awareness training
D. Access control
E. Intrusion detection
F. Personnel control

Questions 22

Which of the following is the technology of indoor or automotive environmental comfort?

Options:

A. HIPS
B. HVAC
C. NIPS
D. CCTV

Questions 23

Single Loss Expectancy (SLE) represents an organization's loss from a single threat. Which of the following formulas best describes the Single Loss Expectancy (SLE)?

Options:

A. SLE = Asset Value (AV) * Exposure Factor (EF)
B. SLE = Asset Value (AV) * Annualized Rate of Occurrence (ARO)
C. SLE = Annualized Loss Expectancy (ALE) * Annualized Rate of Occurrence (ARO)
D. SLE = Annualized Loss Expectancy (ALE) * Exposure Factor (EF)

Questions 24

Which of the following components come under the network layer of the OSI model? Each correct answer represents a complete solution. Choose two.

Options:

A. Routers
B. MAC addresses
C. Firewalls
D. Hub

Questions 25

Which of the following protocols provides certificate-based authentication for virtual private networks (VPNs)?

Options:

A. PPTP
B. SMTP
C. HTTPS
D. L2TP

Questions 26

Which of the following is a network service that stores and organizes information about a network's users and network resources, and that allows administrators to manage users' access to the resources?

Options:

A. SMTP service
B. Terminal service
C. Directory service
D. DFS service

Questions 27

The service-oriented modeling framework (SOMF) introduces five major life cycle modeling activities that drive a service evolution during design-time and run-time. Which of the following activities integrates SOA software assets and establishes SOA logical environment dependencies?

Options:

A. Service-oriented business integration modeling
B. Service-oriented logical design modeling
C. Service-oriented discovery and analysis modeling
D. Service-oriented logical architecture modeling

Questions 28

You are responsible for security at a defense contracting firm. You are evaluating various possible encryption algorithms to use. One of the algorithms you are examining is not integer based, uses shorter keys, and is public key based. What type of algorithm is this?

Options:

A. Symmetric
B. None - all encryptions are integer based.
C. Elliptic Curve
D. RSA

Questions 29

Which of the following encryption modes has the property to allow many error correcting codes to function normally even when applied before encryption?

Options:

A. OFB mode
B. CFB mode
C. CBC mode
D. PCBC mode

Questions 30

Which of the following encryption methods come under symmetric encryption algorithms? Each correct answer represents a complete solution. Choose three.

Options:

A. DES
B. Blowfish
C. RC5
D. Diffie-Hellman

Questions 31

Which of the following is an entry in an object's discretionary access control list (DACL) that grants permissions to a user or group?

Options:

A. Access control entry (ACE)
B. Discretionary access control entry (DACE)
C. Access control list (ACL)
D. Security Identifier (SID)

Questions 32

Which of the following encryption algorithms is used by the Clipper chip, which supports the escrowed encryption standard?

Options:

A. Skipjack
B. Blowfish
C. AES
D. IDEA

Questions 33

Perfect World Inc. provides its sales managers access to the company's network from remote locations. The sales managers use laptops to connect to the network. For security purposes, the company's management wants the sales managers to log on to the network using smart cards over a remote connection. Which of the following authentication protocols should be used to accomplish this?

Options:

A. Challenge Handshake Authentication Protocol (CHAP)
B. Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)
C. Open Shortest Path First (OSPF)
D. Extensible Authentication Protocol (EAP)

Questions 34

Which of the following are the initial steps required to perform a risk analysis process? Each correct answer represents a part of the solution. Choose three.

Options:

A. Estimate the potential losses to assets by determining their value.
B. Establish the threats' likelihood and regularity.
C. Valuations of the critical assets in hard costs.
D. Evaluate potential threats to the assets.

Questions 35

In which of the following alternative processing sites is the backup facility maintained in a constant order, with a full complement of servers, workstations, and communication links ready to assume the primary operations responsibility?

Options:

A. Hot Site
B. Mobile Site
C. Warm Site
D. Cold Site

Status: Expired
Exam Code: CISSP-ISSAP
Exam Name: ISSAP Information Systems Security Architecture Professional
Last Update: Apr 21, 2023
Questions: 237