ISC issap practice test

Information Systems Security Architecture Professional Exam

Last exam update: Dec 15 ,2024
Page 1 out of 16. Viewing questions 1-15 out of 242

Question 1

The OSI reference model is divided into layers and each layer has a specific task to perform. At which
layer of OSI model is the File and Print service performed?

  • A. Session layer
  • B. Presentation layer
  • C. Transport layer
  • D. Application layer
Answer:

D


Explanation: The File and Print service is performed at the application layer. This layer also provides a
variety of commonly required functions:
Resource sharing and device redirection
Remote file access
Remote printer access
Inter-process communication
Network management
Directory services
Electronic messaging (such as mail)
Network virtual terminals

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

Which of the following methods of encryption uses a single key to encrypt and decrypt data?

  • A. Asymmetric
  • B. Symmetric
  • C. S/MIME
  • D. PGP
Answer:

B


Explanation: Symmetric encryption is a type of encryption that uses a single key to encrypt and
decrypt data. Symmetric encryption algorithms are faster
than public key encryption. Therefore, it is commonly used when a message sender needs to encrypt
a large amount of data. Data Encryption
Standard (DES) uses symmetric encryption key algorithm to encrypt data.
Answer option A is incorrect. Asymmetric encryption is a type of encryption that uses two keys - a
public key and a private key pair for data
encryption. The public key is available to everyone, while the private or secret key is available only to
the recipient of the message. For
example, when a user sends a message or data to another user, the sender uses a public key to
encrypt the data. The receiver uses his
private key to decrypt the data.
Answer options C and D are incorrect. Secure Multipart Internet Mail Extensions (S/MIME) and
Pretty Good Privacy (PGP) are types of
asymmetric encryption. Both are based on public key cryptography where each user has two keys, a
public key for encrypting and a private
key for decrypting messages.

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

Which of the following security architectures defines how to integrate widely disparate applications
for a world that is Web-based and uses
multiple implementation platforms?

  • A. Sherwood Applied Business Security Architecture
  • B. Service-oriented modeling and architecture
  • C. Enterprise architecture
  • D. Service-oriented architecture
Answer:

D


Explanation: In computing, a service-oriented architecture (SOA) is a flexible set of design principles
used during the phases of systems development and
integration. A deployed SOA-based architecture will provide a loosely-integrated suite of services
that can be used within multiple business
domains.
SOA also generally provides a way for consumers of services, such as web-based applications, to be
aware of available SOA-based services.
For example, several disparate departments within a company may develop and deploy SOA services
in different implementation languages;
their respective clients will benefit from a well understood, well defined interface to access them.
XML is commonly used for interfacing with
SOA services, though this is not required.
SOA defines how to integrate widely disparate applications for a world that is Web-based and uses
multiple implementation platforms. Rather
than defining an API, SOA defines the interface in terms of protocols and functionality. An endpoint is
the entry point for such an SOA
implementation.

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

You are responsible for security at a building that has a lot of traffic. There are even a significant
number of non-employees coming in and out of the building. You are concerned about being able to
find out who is in the building at a particular time. What is the simplest way to accomplish this?

  • A. Implement a sign in sheet at the main entrance and route all traffic through there.
  • B. Have all people entering the building use smart cards for access.
  • C. Implement biometric access.
  • D. Implement cameras at all entrances.
Answer:

A


Explanation: A sign in sheet is very cost effective and can be implemented immediately. Put at a
receptionist's desk, it adds almost no cost yet allows you
to find out who is in the building at a given time.
Answer option B is incorrect. To begin with this solution would entail significant costs. Furthermore,
it would be difficult to implement for non-
employees entering the building.
Answer option D is incorrect. This might work well, but would not be the simplest way to accomplish
the goal. It also would be moderately
expensive.
Answer option C is incorrect. This would be neither simple, nor cost effective. And it would be
difficult to coordinate with the non employees
entering the building.

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

The service-oriented modeling framework (SOMF) introduces five major life cycle modeling activities
that drive a service evolution during design-time and run-time. Which of the following activities
integrates SOA software assets and establishes SOA logical environment dependencies?

  • A. Service-oriented business integration modeling
  • B. Service-oriented logical design modeling
  • C. Service-oriented discovery and analysis modeling
  • D. Service-oriented logical architecture modeling
Answer:

D


Explanation: The service-oriented logical architecture modeling integrates SOA software assets and
establishes SOA logical environment dependencies. It
also offers foster service reuse, loose coupling and consolidation.
Answer option C is incorrect. The service-oriented discovery and analysis modeling discovers and
analyzes services for granularity, reusability,
interoperability, loose-coupling, and identifies consolidation opportunities.
Answer option A is incorrect. The service-oriented business integration modeling identifies service
integration and alignment opportunities
with business domains' processes.
Answer option B is incorrect. The service-oriented logical design modeling establishes service
relationships and message exchange paths.

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

You work as a Network Administrator for NetTech Inc. The company's network is connected to the
Internet. For security, you want to restrict unauthorized access to the network with minimum
administrative effort. You want to implement a hardware-based solution. What will you do
to accomplish this?

  • A. Connect a brouter to the network.
  • B. Implement a proxy server on the network.
  • C. Connect a router to the network.
  • D. Implement firewall on the network.
Answer:

D


Explanation: Firewall is available both as software and hardware. You can implement hardware-based
firewall for security with minimum administrative
effort.
Firewall is used to protect an internal network or intranet against unauthorized access from the
Internet or other networks. It restricts
inbound and outbound access and can analyze all traffic between an internal network and the
Internet. Users can configure a firewall to pass
or block packets from specific IP addresses and ports.
Answer option B is incorrect. A firewall is also in-built within a proxy server. Although implementing
a proxy server on the network will
implement the firewall automatically, it will be a software-based solution.
Answer option A is incorrect. A brouter is a combination of a bridge and a router. It is used to
connect dissimilar network segments, and it
routes only a specific transport protocol such as TCP/IP. A brouter also works as a bridge for all types
of packets, passing them on as long as
they are not local to the LAN segment from which they have originated.
Answer option C is incorrect. Router is a device that routes data packets between computers in
different networks. It is used to connect
multiple networks, and it determines the path to be taken by each data packet to its destination
computer. Router maintains a routing table of
the available routes and their conditions. By using this information, along with distance and cost
algorithms, the router determines the best
path to be taken by the data packets to the destination computer. A router can connect dissimilar
networks, such as Ethernet, FDDI, and
Token Ring, and route data packets among them. Routers operate at the network layer (layer 3) of
the Open Systems Interconnection (OSI)
model.

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

Which of the following algorithms can be used to check the integrity of a file?
Each correct answer represents a complete solution. Choose two.

  • A. md5
  • B. rsa
  • C. blowfish
  • D. sha
Answer:

A and D


Explanation: Any hashing algorithm can be used to get whether any changes have occurred in a file
or not. In this process, hashing algorithm calculates
the hash value of the file specified and a sender sends hash value also with file. Now, a receiver
recalculates the hash value of the file and
matches whether both the hashes are same or not. Since, md5 and sha are the hashing algorithms;
these can be used to check the integrity
of a file.
Answer option B is incorrect. RSA is not a hashing algorithm and it is not used to check the integrity
of a file.
Answer option C is incorrect. Blowfish is not a hashing algorithm and it is not used to check the
integrity of a file.

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

Which of the following is a form of gate that allows one person to pass at a time?

  • A. Biometric
  • B. Man-trap
  • C. Turnstile
  • D. Fence
Answer:

C


Explanation: A turnstile is also called a baffle gate. It is a form of gate that allows one person to pass
at a time. Turnstile can also be made so as to
enforce one-way traffic of people, and in addition, it can restrict passage only to people who insert a
coin, a ticket, a pass, or similar. Thus, a
turnstile can be used in the case of paid access.
Answer option D is incorrect. A fence is a perimeter-defining device. It differentiates between those
locations that are under some specified
security protection and those that are not under any security protection. Fencing contains various
components, materials, and construction
methods. It also includes stripes painted on the ground, barbed wires, chain link fences, concrete
walls, and some invisible perimeters in
which laser, motion, and heat detectors are used.
Answer option A is incorrect. Biometrics is a method of authentication that uses physical
characteristics, such as fingerprints, scars, retinal
patterns, and other forms of biophysical qualities to identify a user. Nowadays, the usage of
biometric devices such as hand scanners and
retinal scanners is becoming more common in the business environment.
Answer option B is incorrect. A man-trap in modern physical security protocols refers to a small
space having two sets of interlocking doors
such that the first set of doors must close before the second set opens. Identification may be
required for each door, and possibly different
measures for each door. For example, a key may open the first door, but a personal identification
number entered on a number pad opens the
second. Other methods of opening doors include proximity cards or biometric devices such as
fingerprint readers or iris recognition scans.
"Man-traps" may be configured so that when an alarm is activated, all doors lock and trap the
suspect between the doors in the "dead-space"
or lock just one door to deny access to a secure space such as a data center or research lab.

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

Which of the following authentication protocols sends a user certificate inside an encrypted tunnel?

  • A. PEAP
  • B. EAP-TLS
  • C. WEP
  • D. EAP-FAST
Answer:

B


Explanation: The EAP-TLS authentication protocol uses a certificate on both the authentication server
and the user. EAP-TLS first generates client and
server key pairs, and then the keys are signed by a CA (Certificate Authority) server. EAP-TLS sends a
user certificate inside an encrypted
tunnel.
Answer option D is incorrect. No certificate is required while a user uses the EAP-FAST
authentication protocol. EAP-FAST uses PAC (Protected
Access Credential) for a secure communication.
Answer option A is incorrect. PEAP uses only a server-side certificate. The server-side certificate
creates an encrypted tunnel and then
authentication occurs inside the tunnel.
Answer option C is incorrect. In WEP authentication, an administrator cannot authenticate any user;
he only verifies that the user has a key.

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

Which of the following are types of access control attacks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Dictionary attack
  • B. Mail bombing
  • C. Spoofing
  • D. Brute force attack
Answer:

C, D, and B


Explanation: The following are types of access control attacks :
1.Spoofing
2.Brute force attack
3.Dictionary attack
4.Denial of service attack

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11

Which of the following techniques can be used by an administrator while working with the
symmetric encryption cryptography?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Block cipher
  • B. Stream cipher
  • C. Transposition cipher
  • D. Message Authentication Code
Answer:

A, B, and D


Explanation: An administrator can use the following techniques while working with the symmetric
encryption cryptography:
1.Block cipher: A block cipher is a symmetric key cipher which operates on fixed-length groups of
bits, termed blocks, with an unvarying
transformation. A block cipher encryption algorithm might take a 128-bit block of plaintext as input,
and output a corresponding 128-bit
block of ciphertext. The exact transformation is controlled using a second input the secret key.
Decryption is similar to the encryption
process. The decryption algorithm takes a 128-bit block of ciphertext together with the secret key,
and gives up the original 128-bit
block of plaintext.
2.Stream cipher: A stream cipher is a symmetric key cipher where plaintext bits are combined with a
pseudorandom cipher bit stream,
typically by an exclusive-or (xor) operation. In a stream cipher the plaintext digits are encrypted one
at a time, and the transformation
of successive digits varies during the encryption. It is also called a state cipher because the
encryption of each digit depends on the
current state. In practice, the digits are typically single bits or bytes. Stream ciphers typically execute
at a higher speed than block
ciphers and have lower hardware complexity.
3.Message Authentication Code (MAC): Message authentication code (MAC) is a mechanism that
applies an authentication scheme and
a secret key to a message, so that the message can only be verified by the intended recipient. It
provides integrity checks based on the
secret key. Typically, message authentication codes are used between two parties that share a secret
key to authenticate information
transmitted between them.
Answer option C is incorrect. Transposition cipher cannot be used with the symmetric encryption
cryptography.

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

Which of the following types of ciphers operates on a group of bits rather than an individual
character or bit of a message?

  • A. Block cipher
  • B. Classical cipher
  • C. Substitution cipher
  • D. Stream cipher
Answer:

A


Explanation: Block cipher is a symmetric key cipher that operates on fixed-length blocks (groups of
bits) with an unvarying transformation. During the
encryption process, a block cipher might take an n bit block of plaintext as input, and output a
corresponding n bit block of the ciphertext. The
exact transformation is controlled using a secret key. While decrypting, the decryption algorithm
takes the n bit block of the ciphertext
together with the secret key, and yields the original n bit block of the plaintext.
Answer options B, C, and D are incorrect. All these three types of ciphers operate on an individual
character or bit of a message.

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

Which of the following plans is a comprehensive statement of consistent actions to be taken before,
during, and after a disruptive event that causes a significant loss of information systems resources?

  • A. Disaster recovery plan
  • B. Contingency plan
  • C. Business Continuity plan
  • D. Continuity of Operations plan
Answer:

A


Explanation: A disaster recovery plan is a complete statement of reliable actions to be taken before,
during, and after a disruptive event that causes a
considerable loss of information systems resources. The chief objective of a disaster recovery plan is
to provide an organized way to make
decisions if a disruptive event occurs.
Disaster recovery planning is a subset of a larger process known as business continuity planning and
should include planning for resumption
of applications, data, hardware, communications (such as networking), and other IT infrastructure. A
business continuity plan (BCP) includes
planning for non-IT related aspects such as key personnel, facilities, crisis communication, and
reputation protection, and should refer to the
disaster recovery plan (DRP) for IT-related infrastructure recovery/continuity.
Answer option C is incorrect. Business Continuity Planning (BCP) is the creation and validation of a
practiced logistical plan for how an
organization will recover and restore partially or completely interrupted critical (urgent) functions
within a predetermined time after a disaster
or extended disruption. The logistical plan is called a business continuity plan.
Answer option D is incorrect. The Continuity Of Operation Plan (COOP) refers to the preparations
and institutions maintained by the United
States government, providing survival of federal government operations in the case of catastrophic
events. It provides procedures and
capabilities to sustain an organization's essential. COOP is the procedure documented to ensure
persistent critical operations throughout any
period where normal operations are unattainable.
Answer option B is incorrect. A contingency plan is a plan devised for a specific situation when things
could go wrong. Contingency plans are
often devised by governments or businesses who want to be prepared for anything that could
happen. Contingency plans include specific
strategies and actions to deal with specific variances to assumptions resulting in a particular
problem, emergency, or state of affairs. They also
include a monitoring process and "triggers" for initiating planned actions. They are required to help
governments, businesses, or individuals to
recover from serious incidents in the minimum time with minimum cost and disruption.

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 14

Which of the following ports must be opened on the firewall for the VPN connection using Point-to-
Point Tunneling Protocol (PPTP)?

  • A. TCP port 110
  • B. TCP port 443
  • C. TCP port 5060
  • D. TCP port 1723
Answer:

D


Explanation: The TCP port 1723 must be opened on the firewall for the Virtual Private Network (VPN)
connection using Point-to-Point Tunneling Protocol
(PPTP) .
Point-to-Point Tunneling Protocol (PPTP) is a remote access protocol. It is an extension of the Point-
to-Point Protocol (PPP). PPTP is used to
securely connect to a private network by a remote client using a public data network, such as the
Internet. Virtual private networks (VPNs)
use the tunneling protocol to enable remote users to access corporate networks securely across the
Internet. PPTP supports encapsulation of
encrypted packets in secure wrappers that can be transmitted over a TCP/IP connection.
Answer option B is incorrect. Secure Sockets Layer (SSL) uses TCP port 443 as the default port.
Answer option C is incorrect. TCP/UDP port 5060 is used for the Session Initiation Protocol (SIP).
Answer option A is incorrect. TCP port 110 is the default port for POP3.

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 15

You work as an Incident handling manager for a company. The public relations process of the
company includes an event that responds to the e-mails queries. But since few days, it is identified
that this process is providing a way to spammers to perform different types of e-mail attacks. Which
of the following phases of the Incident handling process will now be involved in resolving this
process and find a solution?
Each correct answer represents a part of the solution. Choose all that apply.

  • A. Identification
  • B. Eradication
  • C. Recovery
  • D. Contamination
  • E. Preparation
Answer:

D, C, and B


Explanation: The contamination phase should be followed to block the spamming attacks any further.
The Containment phase of the Incident handling
process is responsible for supporting and building up the incident combating process. It ensures the
stability of the system and also confirms
that the incident does not get any worse. The Containment phase includes the process of preventing
further contamination of the system or
network, and preserving the evidence of the contamination.
The loss done to the system due to spamming is recovered using the recovery phase. The Recovery
phase of the Incident handling process is
the stage at which the enterprise or the system is settled back to its balanced production state. It
involves the quality assurance tests and
re-evaluation of the system for the purpose of the system revival or recovery.
The Eradication phase of the Incident handling process involves the cleaning-up of the identified
harmful incidents from the system. It includes
the analyzing of the information that has been gathered for determining how the attack was
committed. To prevent the incident from
happening again, it is vital to recognize how it was conceded out so that a prevention technique is
applied.

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000
To page 2