CISSP-ISSAP : Information Systems Security Architecture Professional : Part 04

CISSP-ISSAP : All Parts

CISSP-ISSAP : Information Systems Security Architecture Professional : All Parts
CISSP-ISSAP Part 01	CISSP-ISSAP Part 04	CISSP-ISSAP Part 07	CISSP-ISSAP Part 10
CISSP-ISSAP Part 02	CISSP-ISSAP Part 05	CISSP-ISSAP Part 08	CISSP-ISSAP Part 11
CISSP-ISSAP Part 03	CISSP-ISSAP Part 06	CISSP-ISSAP Part 09	CISSP-ISSAP Part 12

The service-oriented modeling framework (SOMF) introduces five major life cycle modeling activities that drive a service evolution during design-time and run-time. Which of the following activities integrates SOA software assets and establishes SOA logical environment dependencies?
- Service-oriented business integration modeling
- Service-oriented logical design modeling
- Service-oriented discovery and analysis modeling
- Service-oriented logical architecture modeling
You work as a Network Administrator for NetTech Inc. The company’s network is connected to the Internet. For security, you want to restrict unauthorized access to the network with minimum administrative effort. You want to implement a hardware-based solution. What will you do to accomplish this?
- Connect a brouter to the network.
- Implement a proxy server on the network.
- Connect a router to the network.
- Implement firewall on the network.
Which of the following security architectures defines how to integrate widely disparate applications for a world that is Web-based and uses multiple implementation platforms?
- Sherwood Applied Business Security Architecture
- Service-oriented modeling and architecture
- Enterprise architecture
- Service-oriented architecture
Which of the following cables provides maximum security against electronic eavesdropping on a network?
- Fibre optic cable
- STP cable
- UTP cable
- NTP cable
The OSI reference model is divided into layers and each layer has a specific task to perform. At which layer of OSI model is the File and Print service performed?
- Session layer
- Presentation layer
- Transport layer
- Application layer
Which of the following methods of encryption uses a single key to encrypt and decrypt data?
- Asymmetric
- Symmetric
- S/MIME
- PGP
Which of the following techniques can be used by an administrator while working with the symmetric encryption cryptography? Each correct answer represents a complete solution. Choose all that apply.
- Block cipher
- Stream cipher
- Transposition cipher
- Message Authentication Code
Which of the following types of ciphers operates on a group of bits rather than an individual character or bit of a message?
- Block cipher
- Classical cipher
- Substitution cipher
- Stream cipher
Which of the following plans is a comprehensive statement of consistent actions to be taken before, during, and after a disruptive event that causes a significant loss of information systems resources?
- Disaster recovery plan
- Contingency plan
- Business Continuity plan
- Continuity of Operations plan
Which of the following are types of access control attacks? Each correct answer represents a complete solution. Choose all that apply.
- Dictionary attack
- Mail bombing
- Spoofing
- Brute force attack
Which of the following algorithms can be used to check the integrity of a file?

158

Each correct answer represents a complete solution. Choose two.
- md5
- rsa
- blowfish
- sha
Which of the following is a form of gate that allows one person to pass at a time?
- Biometric
- Man-trap
- Turnstile
- Fence
Which of the following authentication protocols sends a user certificate inside an encrypted tunnel?
- PEAP
- EAP-TLS
- WEP
- EAP-FAST
Which of the following password authentication schemes enables a user with a domain account to log on to a network once, using a password or smart card, and to gain access to multiple computers in the domain without being prompted to log in again?
- Single Sign-On
- One-time password
- Dynamic
- Kerberos
Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?
- Risk acceptance
- Risk avoidance
- Risk transfer
- Risk mitigation
Sonya, a user, reports that she works in an electrically unstable environment where brownouts are a regular occurrence. Which of the following will you tell her to use to protect her computer?
- UPS
- Multimeter
- SMPS
- CMOS battery
Which of the following cryptographic algorithm uses public key and private key to encrypt or decrypt data ?
- Asymmetric
- Hashing
- Numeric
- Symmetric
Della works as a security manager for SoftTech Inc. She is training some of the newly recruited personnel in the field of security management. She is giving a tutorial on DRP. She explains that the major goal of a disaster recovery plan is to provide an organized way to make decisions if a disruptive event occurs and asks for the other objectives of the DRP. If you are among some of the newly recruited personnel in SoftTech Inc, what will be your answer for her question? Each correct answer represents a part of the solution. Choose three.
- Guarantee the reliability of standby systems through testing and simulation.
- Protect an organization from major computer services failure.
- Minimize the risk to the organization from delays in providing services.
- Maximize the decision-making required by personnel during a disaster.
Jasmine is creating a presentation. She wants to ensure the integrity and authenticity of the presentation. Which of the following will she use to accomplish the task?
- Mark as final
- Digital Signature
- Restrict Permission
- Encrypt Document
The security controls that are implemented to manage physical security are divided in various groups. Which of the following services are offered by the administrative physical security control group? Each correct answer represents a part of the solution. Choose all that apply.
- Construction and selection
- Site management
- Awareness training
- Access control
- Intrusion detection
- Personnel control

CISSP-ISSAP : All Parts

CISSP-ISSAP : Information Systems Security Architecture Professional : All Parts
CISSP-ISSAP Part 01	CISSP-ISSAP Part 04	CISSP-ISSAP Part 07	CISSP-ISSAP Part 10
CISSP-ISSAP Part 02	CISSP-ISSAP Part 05	CISSP-ISSAP Part 08	CISSP-ISSAP Part 11
CISSP-ISSAP Part 03	CISSP-ISSAP Part 06	CISSP-ISSAP Part 09	CISSP-ISSAP Part 12

CISSP-ISSAP : Information Systems Security Architecture Professional : Part 04

The service-oriented modeling framework (SOMF) introduces five major life cycle modeling activities that drive a service evolution during design-time and run-time. Which of the following activities integrates SOA software assets and establishes SOA logical environment dependencies?

You work as a Network Administrator for NetTech Inc. The company’s network is connected to the Internet. For security, you want to restrict unauthorized access to the network with minimum administrative effort. You want to implement a hardware-based solution. What will you do to accomplish this?

Which of the following security architectures defines how to integrate widely disparate applications for a world that is Web-based and uses multiple implementation platforms?

Which of the following cables provides maximum security against electronic eavesdropping on a network?

The OSI reference model is divided into layers and each layer has a specific task to perform. At which layer of OSI model is the File and Print service performed?

Which of the following methods of encryption uses a single key to encrypt and decrypt data?

Which of the following techniques can be used by an administrator while working with the symmetric encryption cryptography? Each correct answer represents a complete solution. Choose all that apply.

Which of the following types of ciphers operates on a group of bits rather than an individual character or bit of a message?

Which of the following plans is a comprehensive statement of consistent actions to be taken before, during, and after a disruptive event that causes a significant loss of information systems resources?

Which of the following are types of access control attacks? Each correct answer represents a complete solution. Choose all that apply.

Which of the following algorithms can be used to check the integrity of a file?

158

Each correct answer represents a complete solution. Choose two.

Which of the following is a form of gate that allows one person to pass at a time?

Which of the following authentication protocols sends a user certificate inside an encrypted tunnel?

Which of the following password authentication schemes enables a user with a domain account to log on to a network once, using a password or smart card, and to gain access to multiple computers in the domain without being prompted to log in again?

Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?

Sonya, a user, reports that she works in an electrically unstable environment where brownouts are a regular occurrence. Which of the following will you tell her to use to protect her computer?

Which of the following cryptographic algorithm uses public key and private key to encrypt or decrypt data ?

Jasmine is creating a presentation. She wants to ensure the integrity and authenticity of the presentation. Which of the following will she use to accomplish the task?

The security controls that are implemented to manage physical security are divided in various groups. Which of the following services are offered by the administrative physical security control group? Each correct answer represents a part of the solution. Choose all that apply.