ExamGecko
Search Search Login
Home Home / ISC / CISSP-ISSAP

ISC CISSP-ISSAP Practice Test - Questions Answers, Page 16

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You work as a Network Administrator for McRoberts Inc. You are expanding your company's network. After you have implemented the network, you test the connectivity to a remote host by using the PING command. You get the ICMP echo reply message from the remote host. Which of the following layers of the OSI model are tested through this process? Each correct answer represents a complete solution. Choose all that apply.
You have decided to implement video surveillance in your company in order to enhance network security. Which of the following locations must have a camera in order to provide the minimum level of security for the network resources? Each correct answer represents a complete solution. Choose two.
Which of the following encryption methods does the SSL protocol use in order to provide communication privacy, authentication, and message integrity? Each correct answer represents a part of the solution. Choose two.
John works as an Ethical Hacker for company Inc. He wants to find out the ports that are open in company's server using a port scanner. However, he does not want to establish a full TCP connection. Which of the following scanning techniques will he use to accomplish this task?
Which of the following protocols is used to compare two values calculated using the Message Digest (MD5) hashing function?
Which of the following security devices is presented to indicate some feat of service, a special accomplishment, a symbol of authority granted by taking an oath, a sign of legitimate employment or student status, or as a simple means of identification?
In which of the following Person-to-Person social engineering attacks does an attacker pretend to be an outside contractor, delivery person, etc., in order to gain physical access to the organization?
You are the Security Administrator for a consulting firm. One of your clients needs to encrypt traffic. However, he has specific requirements for the encryption algorithm. It must be a symmetric key block cipher. Which of the following should you choose for this client?
Which of the following is the process of finding weaknesses in cryptographic algorithms and obtaining the plaintext or key from the ciphertext?
Which of the following protocols work at the Network layer of the OSI model?

Question 151

Report
Export
Collapse

Which of the following protects against unauthorized access to confidential information via encryption and works at the network layer?

A.
Firewall
A.
Firewall
Answers
B.
NAT
B.
NAT
Answers
C.
MAC address
C.
MAC address
Answers
D.
IPSec
D.
IPSec
Answers
Suggested answer: D

Question 152

Report
Export
Collapse

Which of the following statements are true about Public-key cryptography? Each correct answer represents a complete solution. Choose two.

A.
Data encrypted with the secret key can only be decrypted by another secret key.
A.
Data encrypted with the secret key can only be decrypted by another secret key.
Answers
B.
The secret key can encrypt a message, and anyone with the public key can decrypt it.
B.
The secret key can encrypt a message, and anyone with the public key can decrypt it.
Answers
C.
The distinguishing technique used in public key-private key cryptography is the use of symmetric key algorithms.
C.
The distinguishing technique used in public key-private key cryptography is the use of symmetric key algorithms.
Answers
D.
Data encrypted by the public key can only be decrypted by the secret key.
D.
Data encrypted by the public key can only be decrypted by the secret key.
Answers
Suggested answer: B, D

Question 153

Report
Export
Collapse

Which of the following backup types backs up files that have been added and all data that have been modified since the most recent backup was performed?

A.
Differential backup
A.
Differential backup
Answers
B.
Incremental backup
B.
Incremental backup
Answers
C.
Daily backup
C.
Daily backup
Answers
D.
Full backup
D.
Full backup
Answers
Suggested answer: B

Question 154

Report
Export
Collapse

You are responsible for security at a hospital. Since many computers are accessed by multiple employees 24 hours a day, 7 days a week, controlling physical access to computers is very difficult. This is compounded by a high number of non employees moving through the building. You are concerned about unauthorized access to patient records. What would best solve this problem?

A.
The use of CHAP.
A.
The use of CHAP.
Answers
B.
Time of day restrictions.
B.
Time of day restrictions.
Answers
C.
The use of smart cards.
C.
The use of smart cards.
Answers
D.
Video surveillance of all computers.
D.
Video surveillance of all computers.
Answers
Suggested answer: C

Question 155

Report
Export
Collapse

In which of the following cryptographic attacking techniques does the attacker pick up the information to be encrypted and take a copy of it with the encrypted data?

A.
Chosen ciphertext attack
A.
Chosen ciphertext attack
Answers
B.
Known plaintext attack
B.
Known plaintext attack
Answers
C.
Chosen plaintext attack
C.
Chosen plaintext attack
Answers
D.
Ciphertext only attack
D.
Ciphertext only attack
Answers
Suggested answer: C

Question 156

Report
Export
Collapse

Which of the following are the goals of a public key infrastructure (PKI)? Each correct answer represents a part of the solution. Choose all that apply.

A.
Authenticity
A.
Authenticity
Answers
B.
Globalization
B.
Globalization
Answers
C.
Mobility
C.
Mobility
Answers
D.
Integrity
D.
Integrity
Answers
E.
Confidentiality
E.
Confidentiality
Answers
F.
Nonrepudiation
F.
Nonrepudiation
Answers
Suggested answer: A, D, E

Question 157

Report
Export
Collapse

Which of the following encryption modes has the property to allow many error correcting codes to function normally even when applied before encryption?

A.
OFB mode
A.
OFB mode
Answers
B.
CFB mode
B.
CFB mode
Answers
C.
CBC mode
C.
CBC mode
Answers
D.
PCBC mode
D.
PCBC mode
Answers
Suggested answer: A

Question 158

Report
Export
Collapse

In which of the following phases of the SDLC does the software and other components of the system faithfully incorporate the design specifications and provide proper documentation and training?

A.
Initiation
A.
Initiation
Answers
B.
Programming and training
B.
Programming and training
Answers
C.
Design
C.
Design
Answers
D.
Evaluation and acceptance
D.
Evaluation and acceptance
Answers
Suggested answer: B

Question 159

Report
Export
Collapse

You are the administrator for YupNo.com. You want to increase and enhance the security of your computers and simplify deployment. You are especially concerned with any portable computers that are used by remote employees. What can you use to increase security, while still allowing your users to perform critical tasks?

A.
BitLocker
A.
BitLocker
Answers
B.
Smart Cards
B.
Smart Cards
Answers
C.
Service Accounts
C.
Service Accounts
Answers
D.
AppLocker
D.
AppLocker
Answers
Suggested answer: B

Question 160

Report
Export
Collapse

You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement? Each correct answer represents a complete solution. Choose two.

A.
MAC filtering the router
A.
MAC filtering the router
Answers
B.
Not broadcasting SSID
B.
Not broadcasting SSID
Answers
C.
Using WEP encryption
C.
Using WEP encryption
Answers
D.
Using WPA encryption
D.
Using WPA encryption
Answers
Suggested answer: C, D
Total 237 questions
Go to page: of 24
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms