CISSP-ISSAP Practice Questions
244 real CISSP-ISSAP exam questions with expert-verified answers and explanations. Page 3 of 5.
- Question #102 [Identity and Access Management (IAM) Architecture]
An access control secures the confidentiality, integrity, and availability of the information and data of an organization. In which of the following categories can you deploy the a...
Tags: Access Control Categories, Preventive Controls, Detective Controls, Corrective Controls
- Question #103 [Identity and Access Management (IAM) Architecture]
You are the Network Administrator for a bank. In addition to the usual security issues, you are concerned that your customers could be the victim of phishing attacks that use fake...
Tags: Mutual authentication, Phishing protection, Web security, Identity verification
- Question #104 [Infrastructure Security]
You are responsible for security at a defense contracting firm. You are evaluating various possible encryption algorithms to use. One of the algorithms you are examining is not int...
Tags: Elliptic Curve Cryptography, Public Key Cryptography, Encryption Algorithms, Cryptographic Characteristics
- Question #105 [Architect for Governance, Risk, and Compliance]
Single Loss Expectancy (SLE) represents an organization's loss from a single threat. Which of the following formulas best describes the Single Loss Expectancy (SLE)?
Tags: Risk Management, Quantitative Risk Analysis, Single Loss Expectancy (SLE), Risk Formulas
- Question #106 [Architect for Governance, Risk, and Compliance]
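Worked example for the SLE question above, added here and not part of the original question set: the standard quantitative risk formulas SLE = AV x EF and ALE = SLE x ARO, plus the cost-benefit figure used to justify a safeguard (ALE before minus ALE after minus the control's annual cost). The asset value, exposure factor and rates are constructed illustration figures, and the function and class names are this example's own.

```python
"""Quantitative risk analysis helpers (SLE, ARO, ALE) with a worked example."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Exposure:
    asset_value: float       # AV, in currency units
    exposure_factor: float   # EF, fraction of AV lost in one incident (0..1)
    annual_rate: float       # ARO, expected number of incidents per year

    def __post_init__(self) -> None:
        if not 0.0 <= self.exposure_factor <= 1.0:
            raise ValueError("EF must be between 0 and 1")
        if self.asset_value < 0 or self.annual_rate < 0:
            raise ValueError("AV and ARO must be non-negative")


def sle(e: Exposure) -> float:
    """Single Loss Expectancy: the loss from one occurrence, SLE = AV * EF."""
    return e.asset_value * e.exposure_factor


def ale(e: Exposure) -> float:
    """Annualized Loss Expectancy: expected yearly loss, ALE = SLE * ARO."""
    return sle(e) * e.annual_rate


def safeguard_value(before: Exposure, after: Exposure, annual_cost: float) -> float:
    """Cost-benefit of a control: ALE(before) - ALE(after) - annual cost of the control.

    A positive result means the control saves more than it costs each year.
    """
    return ale(before) - ale(after) - annual_cost


if __name__ == "__main__":
    # Constructed figures: a 500,000 data centre, a flood that would destroy
    # 25% of its value, expected once every ten years (ARO = 0.1).
    flood = Exposure(asset_value=500_000, exposure_factor=0.25, annual_rate=0.1)
    print(f"SLE = {sle(flood):,.2f}")   # 125,000.00
    print(f"ALE = {ale(flood):,.2f}")   # 12,500.00
    # A flood barrier costing 4,000 per year cuts EF to 5%; ARO is unchanged.
    with_barrier = Exposure(asset_value=500_000, exposure_factor=0.05, annual_rate=0.1)
    print(f"Safeguard value = {safeguard_value(flood, with_barrier, 4_000):,.2f}")  # 6,000.00
```

The `Exposure` validation is the check a reviewer usually has to ask for: an EF given as a percentage (25 instead of 0.25) silently inflates every downstream figure by a factor of 100.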
Which of the following are man-made threats that an organization faces? Each correct answer represents a complete solution. Choose three.
Tags: Threats, Risk Identification, Man-made Threats, Operational Security
- Question #107 [Architect for Governance, Risk, and Compliance]
Which of the following methods for identifying appropriate BIA interviewees includes examining the organizational chart of the enterprise to understand the functional positions?
Tags: Business Impact Analysis, Interviewee Identification, Organizational Chart Review, Risk Management
- Question #108 [Architect for Governance, Risk, and Compliance]
Which of the following describes the acceptable amount of data loss measured in time?
Tags: RPO, Business Continuity, Disaster Recovery, Recovery Objectives
- Question #109 [Identity and Access Management (IAM) Architecture]
In which of the following access control models does the owner of an object decide who is allowed to access the object and what privileges they have?
Tags: Access Control Models, Discretionary Access Control, DAC, Object Ownership
- Question #110 [Infrastructure Security]
Which of the following is the process of finding weaknesses in cryptographic algorithms and obtaining the plaintext or key from the ciphertext?
Tags: Cryptanalysis, Cryptography, Algorithmic weakness, Key recovery
- Question #111 [Infrastructure Security]
Which of the following encryption algorithms is used by the Clipper chip, which supports the escrowed encryption standard?
Tags: Skipjack, Clipper chip, Escrowed Encryption Standard, Encryption algorithms
- Question #112 [Infrastructure Security]
Which of the following statements about Network Address Translation (NAT) are true? Each correct answer represents a complete solution. Choose three.
Tags: Network Address Translation (NAT), IP addressing, Network connectivity, Infrastructure security
- Question #113 [Identity and Access Management (IAM) Architecture]
An organization has implemented a hierarchical-based concept of privilege management in which administrators have full access, HR managers have less permission than the administrat...
Tags: Role-based access control, RBAC, Privilege management, Access control models
- Question #114 [Security Operations Architecture]
Which of the following incident handling process phases is responsible for defining rules, coordinating the human workforce, creating a backup plan, and testing the plans for an ente...
Tags: Incident Response, Incident Handling Process, Preparation Phase, Security Operations
- Question #115 [Identity and Access Management (IAM) Architecture]
Which of the following is an entry in an object's discretionary access control list (DACL) that grants permissions to a user or group?
Tags: Access Control, DACL, ACE, Permissions
- Question #116 [Identity and Access Management (IAM) Architecture]
Access control systems enable an authority to control access to areas and resources in a given physical facility or computer-based information system. Which of the following servic...
Tags: Access Control, Authorization, IAM, Security Services
- Question #117 [Infrastructure Security]
You work as a Security Manager for Tech Perfect Inc. The management tells you to implement a hashing method in the organization that can resist forgery and is not open to the man-i...
Tags: Hashing, Message Authentication Code, Data Integrity, Data Authenticity
- Question #118 [Infrastructure Security]
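Worked example for the hashing question above, added here and not part of the original question set: why an unkeyed hash does not resist forgery by someone sitting in the path, while a keyed hash (HMAC, RFC 2104) does. Both scenarios run over the same constructed message; the key, the messages and the helper names (`mitm_forge_plain`, `mitm_forge_keyed`, `demo`) are this example's own and not from any standard.

```python
"""Plain hash vs. keyed HMAC for message authentication, with a forgery attempt on each."""
import hashlib
import hmac


def plain_digest(message: bytes) -> str:
    """Unkeyed SHA-256: anyone who intercepts the message can recompute this."""
    return hashlib.sha256(message).hexdigest()


def keyed_mac(key: bytes, message: bytes) -> str:
    """HMAC-SHA256: computing a valid tag requires the shared secret key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_mac(key: bytes, message: bytes, tag: str) -> bool:
    """Constant-time comparison so the tag check itself does not leak via timing."""
    return hmac.compare_digest(keyed_mac(key, message), tag)


def mitm_forge_plain(tampered: bytes) -> tuple[bytes, str]:
    """In-path attacker swaps the message and simply recomputes the unkeyed hash."""
    return tampered, plain_digest(tampered)


def mitm_forge_keyed(tampered: bytes, old_tag: str) -> tuple[bytes, str]:
    """Without the key the best the attacker can do is reuse the original tag."""
    return tampered, old_tag


def demo() -> dict:
    key = b"constructed-shared-secret-key"           # constructed example key
    msg = b"transfer 100 USD to account 4711"        # constructed message
    evil = b"transfer 9999 USD to account 6660"      # constructed tampered message

    # Scenario A: sender protects msg with a plain hash; receiver recomputes and compares.
    a_msg, a_tag = mitm_forge_plain(evil)
    plain_accepted = plain_digest(a_msg) == a_tag

    # Scenario B: sender protects msg with HMAC under the key shared with the receiver.
    b_msg, b_tag = mitm_forge_keyed(evil, keyed_mac(key, msg))
    hmac_forgery_accepted = verify_mac(key, b_msg, b_tag)
    hmac_genuine_accepted = verify_mac(key, msg, keyed_mac(key, msg))

    return {
        "plain_hash_forgery_accepted": plain_accepted,   # True: integrity only, no authenticity
        "hmac_forgery_accepted": hmac_forgery_accepted,  # False: tag no longer matches
        "hmac_genuine_accepted": hmac_genuine_accepted,  # True: legitimate sender verifies
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The plain hash still detects accidental corruption; what it cannot do is bind the message to a sender, which is exactly the property the question is asking for.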
You work as a Network Administrator for company Inc. The company has deployed an ASA at the network perimeter. Which of the following types of firewall will you use to create two d...
Tags: Firewall types, Proxy firewall, Network perimeter security, Application layer gateway
- Question #119 [Infrastructure Security]
You are the Security Administrator for a consulting firm. One of your clients needs to encrypt traffic. However, he has specific requirements for the encryption algorithm. It must...
Tags: Cryptography, Symmetric Encryption, Block Ciphers, Encryption Algorithms
- Question #120 [Identity and Access Management (IAM) Architecture]
You work as an administrator for Techraft Inc. Employees of your company create 'products', which are supposed to be given different levels of access. You need to configure a secur...
Tags: Access Control Models, Discretionary Access Control (DAC), Identity and Access Management, Resource Ownership
- Question #121 [Identity and Access Management (IAM) Architecture]
Which of the following decides access control on an object in the mandatory access control (MAC) environment?
Tags: Mandatory Access Control (MAC), Sensitivity Labels, Access Control Models, Access Control
- Question #122 [Infrastructure Security]
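Worked example covering the three access-control-model questions on this page (#109, owner-decided DAC; #113, hierarchical RBAC where administrators inherit everything HR managers have; #121, label-decided MAC), added here and not part of the original question set. It makes the same access decision under each model so the difference in who decides is visible: the owner in DAC, the sensitivity labels in MAC, the role assignment in RBAC. The users, labels, roles and compartments are constructed, and the MAC rules are the Bell-LaPadula read/write rules; the class and function names are this example's own.

```python
"""Access decisions under DAC, MAC and RBAC on one constructed set of subjects and objects."""
from dataclasses import dataclass, field

# ---- DAC: the object's owner sets its ACL; nobody else may grant --------------
@dataclass
class DacObject:
    owner: str
    acl: dict = field(default_factory=dict)   # subject -> set of permissions

    def grant(self, by: str, subject: str, perms: set) -> None:
        if by != self.owner:
            raise PermissionError(f"{by} is not the owner; only {self.owner} may grant")
        self.acl.setdefault(subject, set()).update(perms)

    def allows(self, subject: str, perm: str) -> bool:
        return subject == self.owner or perm in self.acl.get(subject, set())

# ---- MAC: sensitivity labels decide; the owner has no say ----------------------
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}

@dataclass(frozen=True)
class Label:
    level: str
    compartments: frozenset = frozenset()    # need-to-know categories

    def dominates(self, other: "Label") -> bool:
        return (LEVELS[self.level] >= LEVELS[other.level]
                and other.compartments <= self.compartments)

def mac_allows(clearance: Label, classification: Label, perm: str) -> bool:
    """Bell-LaPadula: no read up (simple security), no write down (*-property)."""
    if perm == "read":
        return clearance.dominates(classification)
    if perm == "write":
        return classification.dominates(clearance)
    raise ValueError(f"unknown permission {perm!r}")

# ---- RBAC: permissions attach to roles; senior roles inherit junior ones -------
ROLE_PERMS = {"employee": {"read_directory"},
              "hr_manager": {"read_hr_records", "edit_hr_records"},
              "administrator": {"manage_users", "read_audit_log"}}
ROLE_PARENTS = {"hr_manager": {"employee"}, "administrator": {"hr_manager"}}

def effective_perms(role: str) -> set:
    perms = set(ROLE_PERMS.get(role, set()))
    for parent in ROLE_PARENTS.get(role, set()):
        perms |= effective_perms(parent)
    return perms

def rbac_allows(user_roles: set, perm: str) -> bool:
    return any(perm in effective_perms(r) for r in user_roles)

def demo() -> dict:
    # DAC: alice owns a report and grants bob read; bob cannot pass it on to carol.
    report = DacObject(owner="alice")
    report.grant("alice", "bob", {"read"})
    try:
        report.grant("bob", "carol", {"read"})
        bob_could_grant = True
    except PermissionError:
        bob_could_grant = False
    # MAC: a subject cleared secret/{nuclear} against two differently labelled objects.
    clearance = Label("secret", frozenset({"nuclear"}))
    confidential_obj = Label("confidential")
    top_secret_obj = Label("top_secret", frozenset({"nuclear"}))
    return {
        "dac_bob_read": report.allows("bob", "read"),
        "dac_bob_write": report.allows("bob", "write"),
        "dac_bob_could_grant": bob_could_grant,
        "mac_read_confidential": mac_allows(clearance, confidential_obj, "read"),
        "mac_write_confidential": mac_allows(clearance, confidential_obj, "write"),  # write down
        "mac_read_top_secret": mac_allows(clearance, top_secret_obj, "read"),        # read up
        "rbac_admin_reads_hr": rbac_allows({"administrator"}, "read_hr_records"),
        "rbac_hr_manages_users": rbac_allows({"hr_manager"}, "manage_users"),
    }

if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name}: {decision}")
```

The `compartments` check is what turns a plain clearance ladder into need-to-know: a top-secret subject without the `nuclear` compartment still cannot read the top-secret `nuclear` object.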
Which of the following protocols should a Chief Security Officer configure in the network of his company to protect sessionless datagram protocols?
Tags: Network Security Protocols, Key Management, IPsec, Datagram Security
- Question #123 [Infrastructure Security]
Which of the following protocols supports encapsulation of encrypted packets in secure wrappers that can be transmitted over a TCP/IP connection?
Tags: VPN Protocols, Encapsulation, Network Security
- Question #124 [Infrastructure Security]
You work as a remote support technician. A user named Rick calls you for support. Rick wants to connect his LAN connection to the Internet. Which of the following devices will you...
Tags: Network devices, Internet connectivity, Router functionality, LAN/WAN
- Question #125 [Infrastructure Security]
Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH-2 protocol? Each correct answer represents a complete solution. Choose all that a...
Tags: SSH Protocols, Authentication Methods, Protocol Evolution, Secure Communication
- Question #126 [Infrastructure Security]
Fill in the blank with the appropriate encryption system. The ______ encryption system is an asymmetric key encryption algorithm for the public-key cryptography, which is based on...
Tags: ElGamal, Asymmetric Encryption, Diffie-Hellman, Public-Key Cryptography
- Question #127 [Security Operations Architecture]
You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activities and receive a notification...
Tags: Network Intrusion Detection, Threat Detection, Security Monitoring, Attack Notification
- Question #128 [Infrastructure Security]
You work as a Network Administrator for McRoberts Inc. You are expanding your company's network. After you have implemented the network, you test the connectivity to a remote host...
Tags: OSI Model, ICMP, Network Connectivity, Packet Flow
- Question #129 [Infrastructure Security]
In which of the following Person-to-Person social engineering attacks does an attacker pretend to be an outside contractor, delivery person, etc., in order to gain physical access...
Tags: Social engineering, Impersonation, Physical security, Attack vectors
- Question #130 [Infrastructure Security]
You work as a Chief Security Officer for Tech Perfect Inc. The company has an internal room without any window and is totally in darkness. For security reasons, you want to place a...
Tags: Physical Security Controls, Intrusion Detection, Environmental Security
- Question #131 [Infrastructure Security]
John works as an Ethical Hacker for company Inc. He wants to find out the ports that are open on the company's server using a port scanner. However, he does not want to establish a ful...
Tags: Port Scanning, TCP SYN Scan, Network Reconnaissance, Stealth Scanning
- Question #132 [Architect for Application Security]
Which of the following layers of the OSI model provides non-repudiation services?
Tags: OSI Model, Non-Repudiation, Application Layer, Network Security Services
- Question #133 [Infrastructure Security]
You work as a Network Administrator for McNeil Inc. The company has a TCP/IP-based network. Performance of the network is slow because of heavy traffic. A hub is used as a central...
Tags: Network infrastructure, Networking devices, Traffic management, Performance optimization
- Question #134 [Infrastructure Security]
Which of the following categories of access controls is deployed in the organization to prevent all direct contacts with systems?
Tags: Physical Access Control, Access Control Types, Infrastructure Security
- Question #135 [Infrastructure Security]
Which of the following is an infrastructure system that allows the secure exchange of data over an unsecured network?
Tags: PKI, Cryptographic systems, Secure communication, Infrastructure security
- Question #136 [Infrastructure Security]
Which of the following algorithms is found to be suitable for both digital signature and encryption?
Tags: Cryptography, Asymmetric Encryption, Digital Signatures, RSA
- Question #137 [Infrastructure Security]
Which of the following is responsible for maintaining certificates in a public key infrastructure (PKI)?
Tags: PKI, Certificates, Certification Authority
- Question #138 [Identity and Access Management (IAM) Architecture]
Which of the following authentication methods is based on the physical characteristics of a user?
Tags: Authentication methods, Biometrics, Physical authentication
- Question #139 [Infrastructure Security]
Which of the following is a correct sequence of different layers of Open System Interconnection (OSI) model?
Tags: OSI Model, Network Layers, Networking Fundamentals
- Question #140 [Infrastructure Security]
Which of the following are used to suppress gasoline and oil fires? Each correct answer represents a complete solution. Choose three.
Tags: Fire suppression, Emergency response, Physical security, Flammable liquid safety
- Question #141 [Architect for Governance, Risk, and Compliance]
Fill in the blank with the appropriate phrase. The ______ is a simple document that provides a high-level view of the entire organization's disaster recovery efforts. Answer: Executive su...
Tags: Disaster Recovery Documentation, Executive Summary, DR Planning
- Question #142 [Infrastructure Security]
You work as a Chief Security Officer for Tech Perfect Inc. You have configured IPSec and ISAKMP protocol in the company's network in order to establish a secure communication infra...
Tags: ISAKMP Protocol, Key Management, Peer Authentication, Network Security
- Question #143 [Security Architecture Modeling]
Which of the following methods offers a number of modeling practices and disciplines that contribute to a successful service-oriented life cycle management and modeling?
Tags: Service-oriented architecture (SOA), Modeling framework, Lifecycle management, SOMF
- Question #144 [Identity and Access Management (IAM) Architecture]
The Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificat...
Tags: PKI, Digital Certificates, Certificate Revocation List, Certificate Management
- Question #145 [Security Operations Architecture]
You work as an incident handling manager for a company. The company's public relations process includes an event that responds to e-mail queries. But for the past few days, it i...
Tags: Incident Response, Incident Handling Phases, Security Operations, Vulnerability Remediation
- Question #146 [Infrastructure Security]
Which of the following ports must be opened on the firewall for the VPN connection using Point-to-Point Tunneling Protocol (PPTP)?
Tags: VPN, PPTP, Firewall, Network Ports
- Question #147 [Infrastructure Security]
Which of the following plans is a comprehensive statement of consistent actions to be taken before, during, and after a disruptive event that causes a significant loss of informati...
Tags: Disaster Recovery Plan, Business Continuity, IT Resilience, Contingency Planning
- Question #148 [Identity and Access Management (IAM) Architecture]
Perfect World Inc. provides its sales managers access to the company's network from remote locations. The sales managers use laptops to connect to the network. For security purpos...
Tags: Authentication Protocols, Smart Card Authentication, Remote Access Security, Extensible Authentication Protocol (EAP)
- Question #149 [Security Operations Architecture]
You work as a CSO (Chief Security Officer) for Tech Perfect Inc. You have a disaster scenario and you want to discuss it with your team members for getting appropriate responses of...
Tags: Disaster Recovery Testing, Simulation Test, Tabletop Exercise, Business Continuity
- Question #150 [Infrastructure Security]
Your customer is concerned about security. He wants to make certain no one in the outside world can see the IP addresses inside his network. What feature of a router would accompli...
Tags: NAT, Network Security, IP Addressing, Perimeter Security
- Question #151 [Infrastructure Security]
You are responsible for a Microsoft based network. Your servers are all clustered. Which of the following are the likely reasons for the clustering? Each correct answer represents...
Tags: Clustering, Server Architecture, High Availability, Operational Efficiency