CISSP-ISSAP : Information Systems Security Architecture Professional : Part 05

CISSP-ISSAP : All Parts

CISSP-ISSAP : Information Systems Security Architecture Professional : All Parts
CISSP-ISSAP Part 01	CISSP-ISSAP Part 04	CISSP-ISSAP Part 07	CISSP-ISSAP Part 10
CISSP-ISSAP Part 02	CISSP-ISSAP Part 05	CISSP-ISSAP Part 08	CISSP-ISSAP Part 11
CISSP-ISSAP Part 03	CISSP-ISSAP Part 06	CISSP-ISSAP Part 09	CISSP-ISSAP Part 12

You work as a Network Consultant. A company named Tech Perfect Inc. hires you for security reasons. The manager of the company tells you to establish connectivity between clients and servers of the network which prevents eavesdropping and tampering of data on the Internet. Which of the following will you configure on the network to perform the given task?
- WEP
- IPsec
- VPN
- SSL
You work as a CSO (Chief Security Officer) for Tech Perfect Inc. You have a disaster scenario and you want to discuss it with your team members for getting appropriate responses of the disaster. In which of the following disaster recovery tests can this task be performed?
- Full-interruption test
- Parallel test
- Simulation test
- Structured walk-through test
Perfect World Inc., provides its sales managers access to the company’s network from remote locations. The sales managers use laptops to connect to the network. For security purposes, the company’s management wants the sales managers to log on to the network using smart cards over a remote connection. Which of the following authentication protocols should be used to accomplish this?
- Challenge Handshake Authentication Protocol (CHAP)
- Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)
- Open Shortest Path First (OSPF)
- Extensible Authentication Protocol (EAP)
Which of the following authentication methods provides credentials that are only valid during a single session?
- Kerberos v5
- Smart card
- Certificate
- Token
Your customer is concerned about security. He wants to make certain no one in the outside world can see the IP addresses inside his network. What feature of a router would accomplish this?
- Port forwarding
- NAT
- MAC filtering
- Firewall
Which of the following are the phases of the Certification and Accreditation (C&A) process? Each correct answer represents a complete solution. Choose two.
- Detection
- Continuous Monitoring
- Initiation
- Auditing
Which of the following is the most secure method of authentication?
- Smart card
- Anonymous
- Username and password
- Biometrics
You are responsible for a Microsoft based network. Your servers are all clustered. Which of the following are the likely reasons for the clustering? Each correct answer represents a complete solution. Choose two.
- Reduce power consumption
- Ease of maintenance
- Failover
- Load balancing
Which of the following ports must be opened on the firewall for the VPN connection using Point-to-Point Tunneling Protocol (PPTP)?
- TCP port 110
- TCP port 443
- TCP port 5060
- TCP port 1723
SIMULATION

Fill in the blank with the appropriate encryption system. The ______ encryption system is an asymmetric key encryption algorithm for the public-key cryptography, which is based on the Diffie- Hellman key agreement.
- ElGamal
Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH-2 protocol? Each correct answer represents a complete solution. Choose all that apply.
- TIS authentication
- Rhosts (rsh-style) authentication
- Kerberos authentication
- Password-based authentication
You work as a remote support technician. A user named Rick calls you for support. Rick wants to connect his LAN connection to the Internet. Which of the following devices will you suggest that he use?
- Hub
- Repeater
- Bridge
- Switch
- Router
You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activities and receive a notification when a possible attack is in process. Which of the following actions will you take for this?
- Install a network-based IDS
- Install a host-based IDS
- Install a DMZ firewall
- Enable verbose logging on the firewall
You work as a Chief Security Officer for Tech Perfect Inc. The company has an internal room without any window and is totally in darkness. For security reasons, you want to place a device in the room. Which of the following devices is best for that room?
- Photoelectric motion detector
- Badge
- Closed-circuit television
- Alarm
In which of the following Person-to-Person social engineering attacks does an attacker pretend to be an outside contractor, delivery person, etc., in order to gain physical access to the organization?
- In person attack
- Third-party authorization attack
- Impersonation attack
- Important user posing attack
You work as a Network Administrator for McRoberts Inc. You are expanding your company’s network. After you have implemented the network, you test the connectivity to a remote host by using the PING command. You get the ICMP echo reply message from the remote host. Which of the following layers of the OSI model are tested through this process? Each correct answer represents a complete solution. Choose all that apply.
- Layer 3
- Layer 2
- Layer 4
- Layer 1
You are the Security Administrator for a consulting firm. One of your clients needs to encrypt traffic. However, he has specific requirements for the encryption algorithm. It must be a symmetric key block cipher. Which of the following should you choose for this client?
- PGP
- SSH
- DES
- RC4
You work as a Network Administrator for company Inc. The company has deployed an ASA at the network perimeter. Which of the following types of firewall will you use to create two different communications, one between the client and the firewall, and the other between the firewall and the end server?
- Stateful firewall
- Endian firewall
- Packet filter firewall
- Proxy-based firewall
You work as a Security Manager for Tech Perfect Inc. The management tells you to implement a hashing method in the organization that can resist forgery and is not open to the man-in-the-middle attack. Which of the following methods will you use to accomplish the task?
- MD
- NTLM
- MAC
- SHA
You work as an administrator for Techraft Inc. Employees of your company create ‘products’, which are supposed to be given different levels of access. You need to configure a security policy in such a way that an employee (producer of the product) grants accessing privileges (such as read, write, or alter) for his product. Which of the following access control models will you use to accomplish this task?
- Discretionary access control (DAC)
- Role-based access control (RBAC)
- Mandatory access control (MAC)
- Access control list (ACL)

CISSP-ISSAP : All Parts

CISSP-ISSAP : Information Systems Security Architecture Professional : All Parts
CISSP-ISSAP Part 01	CISSP-ISSAP Part 04	CISSP-ISSAP Part 07	CISSP-ISSAP Part 10
CISSP-ISSAP Part 02	CISSP-ISSAP Part 05	CISSP-ISSAP Part 08	CISSP-ISSAP Part 11
CISSP-ISSAP Part 03	CISSP-ISSAP Part 06	CISSP-ISSAP Part 09	CISSP-ISSAP Part 12

CISSP-ISSAP : Information Systems Security Architecture Professional : Part 05

You work as a CSO (Chief Security Officer) for Tech Perfect Inc. You have a disaster scenario and you want to discuss it with your team members for getting appropriate responses of the disaster. In which of the following disaster recovery tests can this task be performed?

Which of the following authentication methods provides credentials that are only valid during a single session?

Your customer is concerned about security. He wants to make certain no one in the outside world can see the IP addresses inside his network. What feature of a router would accomplish this?

Which of the following are the phases of the Certification and Accreditation (C&A) process? Each correct answer represents a complete solution. Choose two.

Which of the following is the most secure method of authentication?

You are responsible for a Microsoft based network. Your servers are all clustered. Which of the following are the likely reasons for the clustering? Each correct answer represents a complete solution. Choose two.

Which of the following ports must be opened on the firewall for the VPN connection using Point-to-Point Tunneling Protocol (PPTP)?

SIMULATION

Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH-2 protocol? Each correct answer represents a complete solution. Choose all that apply.

You work as a remote support technician. A user named Rick calls you for support. Rick wants to connect his LAN connection to the Internet. Which of the following devices will you suggest that he use?

You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activities and receive a notification when a possible attack is in process. Which of the following actions will you take for this?

You work as a Chief Security Officer for Tech Perfect Inc. The company has an internal room without any window and is totally in darkness. For security reasons, you want to place a device in the room. Which of the following devices is best for that room?

In which of the following Person-to-Person social engineering attacks does an attacker pretend to be an outside contractor, delivery person, etc., in order to gain physical access to the organization?

You are the Security Administrator for a consulting firm. One of your clients needs to encrypt traffic. However, he has specific requirements for the encryption algorithm. It must be a symmetric key block cipher. Which of the following should you choose for this client?

You work as a Security Manager for Tech Perfect Inc. The management tells you to implement a hashing method in the organization that can resist forgery and is not open to the man-in-the-middle attack. Which of the following methods will you use to accomplish the task?