CISSP-ISSAP : Information Systems Security Architecture Professional : Part 11

CISSP-ISSAP : All Parts

CISSP-ISSAP : Information Systems Security Architecture Professional : All Parts
CISSP-ISSAP Part 01	CISSP-ISSAP Part 04	CISSP-ISSAP Part 07	CISSP-ISSAP Part 10
CISSP-ISSAP Part 02	CISSP-ISSAP Part 05	CISSP-ISSAP Part 08	CISSP-ISSAP Part 11
CISSP-ISSAP Part 03	CISSP-ISSAP Part 06	CISSP-ISSAP Part 09	CISSP-ISSAP Part 12

What are the benefits of using AAA security service in a network? Each correct answer represents a part of the solution. Choose all that apply.
- It provides scalability.
- It supports a single backup system.
- It increases flexibility and control of access configuration.
- It supports RADIUS, TACACS+, and Kerberos authentication methods.
Which of the following processes identifies the threats that can impact the business continuity of operations?
- Function analysis
- Risk analysis
- Business impact analysis
- Requirement analysis
In software development, which of the following analysis is used to document the services and functions that have been accidentally left out, deliberately eliminated or still need to be developed?
- Gap analysis
- Requirement analysis
- Cost-benefit analysis
- Vulnerability analysis
In which of the following SDLC phases are the software and other components of the system faithfully incorporated into the design specifications?
- Programming and training
- Evaluation and acceptance
- Definition
- Initiation
Which of the following keys is derived from a preshared key and Extensible Authentication Protocol (EAP)?
- Pairwise Transient Key
- Group Temporal Key
- Private Key
- Pairwise Master Key
Which of the following authentication methods support mutual authentication? Each correct answer represents a complete solution. Choose two.
- MS-CHAP v2
- NTLM
- EAP-MD5
- EAP-TLS
Which of the following life cycle modeling activities establishes service relationships and message exchange paths?
- Service-oriented logical design modeling
- Service-oriented conceptual architecture modeling
- Service-oriented discovery and analysis modeling
- Service-oriented business integration modeling
You work as a Project Manager for Tech Perfect Inc. You are creating a document which emphasizes the formal study of what your organization is doing currently and where it will be in the future. Which of the following analysis will help you in accomplishing the task?
- Cost-benefit analysis
- Gap analysis
- Requirement analysis
- Vulnerability analysis
You want to connect a twisted pair cable segment to a fiber-optic cable segment. Which of the following networking devices will you use to accomplish the task?
- Hub
- Switch
- Repeater
- Router
The service-oriented modeling framework (SOMF) provides a common modeling notation to address alignment between business and IT organizations. Which of the following principles does the SOMF concentrate on? Each correct answer represents a part of the solution. Choose all that apply.
- Disaster recovery planning
- SOA value proposition
- Software assets reuse
- Architectural components abstraction
- Business traceability
Which of the following should the administrator ensure during the test of a disaster recovery plan?
- Ensure that the plan works properly
- Ensure that all the servers in the organization are shut down.
- Ensure that each member of the disaster recovery team is aware of their responsibility.
- Ensure that all client computers in the organization are shut down.
In your office, you are building a new wireless network that contains Windows 2003 servers. To establish a network for secure communication, you have to implement IPSec security policy on the servers. What authentication methods can you use for this implementation? Each correct answer represents a complete solution. Choose all that apply.
- Public-key cryptography
- Kerberos
- Preshared keys
- Digital certificates
An organization is seeking to implement a hot site and wants to maintain a live database server at the backup site. Which of the following solutions will be the best for the organization?
- Electronic vaulting
- Remote journaling
- Remote mirroring
- Transaction logging
Kerberos is a computer network authentication protocol that allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner. Which of the following statements are true about the Kerberos authentication scheme? Each correct answer represents a complete solution. Choose all that apply.
- Kerberos requires continuous availability of a central server.
- Dictionary and brute force attacks on the initial TGS response to a client may reveal the subject’s passwords.
- Kerberos builds on Asymmetric key cryptography and requires a trusted third party.
- Kerberos requires the clocks of the involved hosts to be synchronized.
Which of the following two components does Kerberos Key Distribution Center (KDC) consist of? Each correct answer represents a complete solution. Choose two.
- Data service
- Ticket-granting service
- Account service
- Authentication service
Which of the following are the countermeasures against a man-in-the-middle attack? Each correct answer represents a complete solution. Choose all that apply.
- Using public key infrastructure authentication.
- Using basic authentication.
- Using Secret keys for authentication.
- Using Off-channel verification.
You have been assigned the task of selecting a hash algorithm. The algorithm will be specifically used to ensure the integrity of certain sensitive files. It must use a 128 bit hash value. Which of the following should you use?
- AES
- SHA
- MD5
- DES
The ATM of a bank is robbed by breaking the ATM machine. Which of the following physical security devices can now be used for verification and historical analysis of the ATM robbery?
- Key card
- Biometric devices
- Intrusion detection systems
- CCTV Cameras
Which of the following is an electrical event shows that there is enough power on the grid to prevent from a total power loss but there is no enough power to meet the current electrical demand?
- Power Surge
- Power Spike
- Blackout
- Brownout
In which of the following alternative processing sites is the backup facility maintained in a constant order, with a full complement of servers, workstations, and communication links ready to assume the primary operations responsibility?
- Hot Site
- Mobile Site
- Warm Site
- Cold Site

CISSP-ISSAP : All Parts

CISSP-ISSAP : Information Systems Security Architecture Professional : All Parts
CISSP-ISSAP Part 01	CISSP-ISSAP Part 04	CISSP-ISSAP Part 07	CISSP-ISSAP Part 10
CISSP-ISSAP Part 02	CISSP-ISSAP Part 05	CISSP-ISSAP Part 08	CISSP-ISSAP Part 11
CISSP-ISSAP Part 03	CISSP-ISSAP Part 06	CISSP-ISSAP Part 09	CISSP-ISSAP Part 12

CISSP-ISSAP : Information Systems Security Architecture Professional : Part 11

What are the benefits of using AAA security service in a network? Each correct answer represents a part of the solution. Choose all that apply.

Which of the following processes identifies the threats that can impact the business continuity of operations?

In software development, which of the following analysis is used to document the services and functions that have been accidentally left out, deliberately eliminated or still need to be developed?

In which of the following SDLC phases are the software and other components of the system faithfully incorporated into the design specifications?

Which of the following keys is derived from a preshared key and Extensible Authentication Protocol (EAP)?

Which of the following authentication methods support mutual authentication? Each correct answer represents a complete solution. Choose two.

Which of the following life cycle modeling activities establishes service relationships and message exchange paths?

You work as a Project Manager for Tech Perfect Inc. You are creating a document which emphasizes the formal study of what your organization is doing currently and where it will be in the future. Which of the following analysis will help you in accomplishing the task?

You want to connect a twisted pair cable segment to a fiber-optic cable segment. Which of the following networking devices will you use to accomplish the task?

The service-oriented modeling framework (SOMF) provides a common modeling notation to address alignment between business and IT organizations. Which of the following principles does the SOMF concentrate on? Each correct answer represents a part of the solution. Choose all that apply.

Which of the following should the administrator ensure during the test of a disaster recovery plan?

An organization is seeking to implement a hot site and wants to maintain a live database server at the backup site. Which of the following solutions will be the best for the organization?

Which of the following two components does Kerberos Key Distribution Center (KDC) consist of? Each correct answer represents a complete solution. Choose two.

Which of the following are the countermeasures against a man-in-the-middle attack? Each correct answer represents a complete solution. Choose all that apply.

You have been assigned the task of selecting a hash algorithm. The algorithm will be specifically used to ensure the integrity of certain sensitive files. It must use a 128 bit hash value. Which of the following should you use?

The ATM of a bank is robbed by breaking the ATM machine. Which of the following physical security devices can now be used for verification and historical analysis of the ATM robbery?

Which of the following is an electrical event shows that there is enough power on the grid to prevent from a total power loss but there is no enough power to meet the current electrical demand?

In which of the following alternative processing sites is the backup facility maintained in a constant order, with a full complement of servers, workstations, and communication links ready to assume the primary operations responsibility?