CISSP-ISSAP : Information Systems Security Architecture Professional : Part 10

CISSP-ISSAP : All Parts

CISSP-ISSAP : Information Systems Security Architecture Professional : All Parts
CISSP-ISSAP Part 01	CISSP-ISSAP Part 04	CISSP-ISSAP Part 07	CISSP-ISSAP Part 10
CISSP-ISSAP Part 02	CISSP-ISSAP Part 05	CISSP-ISSAP Part 08	CISSP-ISSAP Part 11
CISSP-ISSAP Part 03	CISSP-ISSAP Part 06	CISSP-ISSAP Part 09	CISSP-ISSAP Part 12

The OSI model is the most common networking model used in the industry. Applications, network functions, and protocols are typically referenced using one or more of the seven OSI layers. Of the following, choose the two best statements that describe the OSI layer functions. Each correct answer represents a complete solution. Choose two.
- Layers 1 and 2 deal with application functionality and data formatting. These layers reside at the top of the model.
- Layers 4 through 7 define the functionality of IP Addressing, Physical Standards, and Data Link protocols.
- Layers 5, 6, and 7 focus on the Network Application, which includes data formatting and session control.
- Layers 1, 2, 3, and 4 deal with physical connectivity, encapsulation, IP Addressing, and Error Recovery. These layers define the end-to-end functions of data delivery.
Which of the following types of ciphers are included in the historical ciphers? Each correct answer represents a complete solution. Choose two.
- Block ciphers
- Transposition ciphers
- Stream ciphers
- Substitution ciphers
You are calculating the Annualized Loss Expectancy (ALE) using the following formula: ALE=AV * EF * ARO What information does the AV (Asset Value) convey?
- It represents how many times per year a specific threat occurs.
- It represents the percentage of loss that an asset experiences if an anticipated threat occurs.
- It is expected loss for an asset due to a risk over a one year period.
- It represents the total cost of an asset, including the purchase price, recurring maintenance, expenses, and all other costs.
Which of the following security protocols provides confidentiality, integrity, and authentication of network traffic with end-to-end and intermediate-hop security?
- IPSec
- SET
- SWIPE
- SKIP
John works as a security manager for SoftTech Inc. He is working with his team on the disaster recovery management plan. One of his team members has a doubt related to the most cost effective DRP testing plan. According to you, which of the following disaster recovery testing plans is the most cost-effective and efficient way to identify areas of overlap in the plan before conducting more demanding training exercises?
- Evacuation drill
- Walk-through drill
- Structured walk-through test
- Full-scale exercise
Which of the following statements about incremental backup are true? Each correct answer represents a complete solution. Choose two.
- It is the fastest method of backing up data.
- It is the slowest method for taking a data backup.
- It backs up the entire database, including the transaction log.
- It backs up only the files changed since the most recent backup and clears the archive bit.
Which of the following firewalls inspects the actual contents of packets?
- Packet filtering firewall
- Stateful inspection firewall
- Application-level firewall
- Circuit-level firewall
SSH is a network protocol that allows data to be exchanged between two networks using a secure channel. Which of the following encryption algorithms can be used by the SSH protocol? Each correct answer represents a complete solution. Choose all that apply.
- Blowfish
- DES
- IDEA
- RC4
You work as a Network Administrator for Blue Bell Inc. The company has a TCP-based network. The company has two offices in different cities. The company wants to connect the two offices by using a public network. You decide to configure a virtual private network (VPN) between the offices. Which of the following protocols is used by VPN for tunneling?
- L2TP
- HTTPS
- SSL
- IPSec
Adam works as a Network Administrator. He discovers that the wireless AP transmits 128 bytes of plaintext, and the station responds by encrypting the plaintext. It then transmits the resulting ciphertext using the same key and cipher that are used by WEP to encrypt subsequent network traffic. Which of the following types of authentication mechanism is used here?
- Pre-shared key authentication
- Open system authentication
- Shared key authentication
- Single key authentication
Which of the following encryption algorithms are based on block ciphers?
- RC4
- Twofish
- Rijndael
- RC5
John works as a Network Administrator for NetPerfect Inc. The company has a Windows-based network. John has been assigned a project to build a network for the sales department of the company. It is important for the LAN to continue working even if there is a break in the cabling. Which of the following topologies should John use to accomplish the task?
- Star
- Mesh
- Bus
- Ring
You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser’s address bar, you are able to access the site. But, you are unable to access the site when you enter http://www.company.com. What is the most likely cause?
- The site’s Web server is offline.
- The site’s Web server has heavy traffic.
- WINS server has no NetBIOS name entry for the server.
- DNS entry is not available for the host name.
Which of the following are the centralized administration technologies? Each correct answer represents a complete solution. Choose all that apply.
- RADIUS
- TACACS+
- Media Access control
- Peer-to-Peer
You are advising a school district on disaster recovery plans. In case a disaster affects the main IT centers for the district they will need to be able to work from an alternate location. However, budget is an issue. Which of the following is most appropriate for this client?
- Warm site
- Cold site
- Off site
- Hot site
Which of the following schemes is used by the Kerberos authentication?
- Public key cryptography
- One time password
- Private key cryptography
- OPIE
You are implementing some security services in an organization, such as smart cards, biometrics, access control lists, firewalls, intrusion detection systems, and clipping levels. Which of the following categories of implementation of the access control includes all these security services?
- Administrative access control
- Logical access control
- Physical access control
- Preventive access control
Which of the following are used to suppress paper or wood fires? Each correct answer represents a complete solution. Choose two.
- Soda acid
- Kerosene
- Water
- CO2
Which of the following protocols work at the Network layer of the OSI model?
- Routing Information Protocol (RIP)
- File Transfer Protocol (FTP)
- Simple Network Management Protocol (SNMP)
- Internet Group Management Protocol (IGMP)
You work as a Network Administrator for Net World Inc. You are required to configure a VLAN for the company. Which of the following devices will you use to physically connect the computers in the VLAN? Each correct answer represents a complete solution. Choose two.
- Switch
- Router
- Bridge
- Hub E. Repeater

CISSP-ISSAP : All Parts

CISSP-ISSAP : Information Systems Security Architecture Professional : All Parts
CISSP-ISSAP Part 01	CISSP-ISSAP Part 04	CISSP-ISSAP Part 07	CISSP-ISSAP Part 10
CISSP-ISSAP Part 02	CISSP-ISSAP Part 05	CISSP-ISSAP Part 08	CISSP-ISSAP Part 11
CISSP-ISSAP Part 03	CISSP-ISSAP Part 06	CISSP-ISSAP Part 09	CISSP-ISSAP Part 12

CISSP-ISSAP : Information Systems Security Architecture Professional : Part 10

Which of the following types of ciphers are included in the historical ciphers? Each correct answer represents a complete solution. Choose two.

You are calculating the Annualized Loss Expectancy (ALE) using the following formula: ALE=AV * EF * ARO What information does the AV (Asset Value) convey?

Which of the following security protocols provides confidentiality, integrity, and authentication of network traffic with end-to-end and intermediate-hop security?

Which of the following statements about incremental backup are true? Each correct answer represents a complete solution. Choose two.

Which of the following firewalls inspects the actual contents of packets?

SSH is a network protocol that allows data to be exchanged between two networks using a secure channel. Which of the following encryption algorithms can be used by the SSH protocol? Each correct answer represents a complete solution. Choose all that apply.

Which of the following encryption algorithms are based on block ciphers?

You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser’s address bar, you are able to access the site. But, you are unable to access the site when you enter http://www.company.com. What is the most likely cause?

Which of the following are the centralized administration technologies? Each correct answer represents a complete solution. Choose all that apply.

You are advising a school district on disaster recovery plans. In case a disaster affects the main IT centers for the district they will need to be able to work from an alternate location. However, budget is an issue. Which of the following is most appropriate for this client?

Which of the following schemes is used by the Kerberos authentication?

You are implementing some security services in an organization, such as smart cards, biometrics, access control lists, firewalls, intrusion detection systems, and clipping levels. Which of the following categories of implementation of the access control includes all these security services?

Which of the following are used to suppress paper or wood fires? Each correct answer represents a complete solution. Choose two.

Which of the following protocols work at the Network layer of the OSI model?

You work as a Network Administrator for Net World Inc. You are required to configure a VLAN for the company. Which of the following devices will you use to physically connect the computers in the VLAN? Each correct answer represents a complete solution. Choose two.