ISSAP Information Systems Security Architecture Professional v6.0 (ISSAP)

Page:    1 / 16   
Total 237 questions

You have been assigned the task of selecting a hash algorithm. The algorithm will be specifically used to ensure the integrity of certain sensitive files. It must use a 128-bit hash value. Which of the following should you use?

  • A. AES
  • B. SHA
  • C. MD5
  • D. DES


Answer : C

Which of the following are the countermeasures against a man-in-the-middle attack? Each correct answer represents a complete solution. Choose all that apply.

  • A. Using public key infrastructure authentication.
  • B. Using basic authentication.
  • C. Using Secret keys for authentication.
  • D. Using Off-channel verification.


Answer : A,C,D

Which of the following is an electrical event in which there is enough power on the grid to prevent a total power loss, but not enough power to meet the current electrical demand?

  • A. Power Surge
  • B. Power Spike
  • C. Blackout
  • D. Brownout


Answer : D

Which of the following protocols is designed to efficiently handle high-speed data over wide area networks (WANs)?

  • A. PPP
  • B. X.25
  • C. Frame relay
  • D. SLIP


Answer : C

Which of the following statements best describes a certification authority?

  • A. A certification authority is a technique to authenticate digital documents by using computer cryptography.
  • B. A certification authority is a type of encryption that uses a public key and a private key pair for data encryption.
  • C. A certification authority is an entity that issues digital certificates for use by other parties.
  • D. A certification authority is a type of encryption that uses a single key to encrypt and decrypt data.


Answer : C

In which of the following alternative processing sites is the backup facility maintained in a constant order, with a full complement of servers, workstations, and communication links



Answer : A

Which of the following should the administrator ensure during the test of a disaster recovery plan?

  • A. Ensure that the plan works properly.
  • B. Ensure that all the servers in the organization are shut down.
  • C. Ensure that each member of the disaster recovery team is aware of their responsibility.
  • D. Ensure that all client computers in the organization are shut down.


Answer : A,C

The service-oriented modeling framework (SOMF) provides a common modeling notation to address alignment between business and IT organizations. Which of the following principles does the SOMF concentrate on? Each correct answer represents a part of the solution. Choose all that apply.

  • A. Disaster recovery planning
  • B. SOA value proposition
  • C. Software assets reuse
  • D. Architectural components abstraction
  • E. Business traceability


Answer : B,C,D,E

You want to connect a twisted pair cable segment to a fiber-optic cable segment. Which of the following networking devices will you use to accomplish the task?

  • A. Hub
  • B. Switch
  • C. Repeater
  • D. Router


Answer : C

In your office, you are building a new wireless network that contains Windows 2003 servers. To establish a network for secure communication, you have to implement IPSec security policy on the servers. What authentication methods can you use for this implementation? Each correct answer represents a complete solution. Choose all that apply.

  • A. Public-key cryptography
  • B. Kerberos
  • C. Preshared keys
  • D. Digital certificates


Answer : B,C,D

Which of the following two components does Kerberos Key Distribution Center (KDC) consist of? Each correct answer represents a complete solution. Choose two.

  • A. Data service
  • B. Ticket-granting service
  • C. Account service
  • D. Authentication service


Answer : B,D

Kerberos is a computer network authentication protocol that allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner. Which of the following statements are true about the Kerberos authentication scheme? Each correct answer represents a complete solution. Choose all that apply.

  • A. Kerberos requires continuous availability of a central server.
  • B. Dictionary and brute force attacks on the initial TGS response to a client may reveal the subject's passwords.
  • C. Kerberos builds on Asymmetric key cryptography and requires a trusted third party.
  • D. Kerberos requires the clocks of the involved hosts to be synchronized.


Answer : A,B,D

An organization is seeking to implement a hot site and wants to maintain a live database server at the backup site. Which of the following solutions will be the best for the organization?

  • A. Electronic vaulting
  • B. Remote journaling
  • C. Remote mirroring
  • D. Transaction logging


Answer : C

A helpdesk technician received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account on UNIX servers and asked for it. Although the technician didn't know any administrator at the branch office, the guy sounded really friendly and since he knew the root password himself, he supplied the caller with the password. What type of attack has just occurred?

  • A. Social Engineering attack
  • B. Brute Force attack
  • C. War dialing attack
  • D. Replay attack


Answer : A

You work as a Network Administrator of a TCP/IP network. You are having a DNS resolution problem. Which of the following utilities will you use to diagnose the problem?

  • A. TRACERT
  • B. PING
  • C. IPCONFIG
  • D. NSLOOKUP


Answer : D
