
ISC CISSP-ISSAP Practice Test - Questions Answers, Page 17

Which of the following protocols provides the highest level of VPN security with a VPN connection that uses the L2TP protocol?

A. IPSec
B. PPPoE
C. PPP
D. TFTP
Suggested answer: A

Which of the following encryption methods are symmetric encryption algorithms? Each correct answer represents a complete solution. Choose three.

A. DES
B. Blowfish
C. RC5
D. Diffie-Hellman
Suggested answer: A, B, C

Which of the following uses public key cryptography to encrypt the contents of files?

A. EFS
B. DFS
C. NTFS
D. RFS
Suggested answer: A

An access control secures the confidentiality, integrity, and availability of the information and data of an organization. In which of the following categories can you deploy the access control? Each correct answer represents a part of the solution. Choose all that apply.

A. Detective access control
B. Corrective access control
C. Administrative access control
D. Preventive access control
Suggested answer: A, B, D

You are the Network Administrator for a bank. In addition to the usual security issues, you are concerned that your customers could be the victim of phishing attacks that use fake bank Web sites. Which of the following would protect against this?

A. MAC
B. Mutual authentication
C. Three factor authentication
D. Two factor authentication
Suggested answer: B

You are responsible for security at a defense contracting firm. You are evaluating various possible encryption algorithms to use. One of the algorithms you are examining is not integer based, uses shorter keys, and is public key based. What type of algorithm is this?

A. Symmetric
B. None - all encryptions are integer based.
C. Elliptic Curve
D. RSA
Suggested answer: C

Single Loss Expectancy (SLE) represents an organization's loss from a single threat. Which of the following formulas best describes the Single Loss Expectancy (SLE)?

A. SLE = Asset Value (AV) * Exposure Factor (EF)
B. SLE = Asset Value (AV) * Annualized Rate of Occurrence (ARO)
C. SLE = Annualized Loss Expectancy (ALE) * Annualized Rate of Occurrence (ARO)
D. SLE = Annualized Loss Expectancy (ALE) * Exposure Factor (EF)
Suggested answer: A

Which of the following are man-made threats that an organization faces? Each correct answer represents a complete solution. Choose three.

A. Theft
B. Employee errors
C. Strikes
D. Frauds
Suggested answer: A, B, D

Which of the following methods for identifying appropriate BIA interviewees includes examining the organizational chart of the enterprise to understand the functional positions?

A. Executive management interviews
B. Overlaying system technology
C. Organizational chart reviews
D. Organizational process models
Suggested answer: C

Which of the following describes the acceptable amount of data loss measured in time?

A. Recovery Consistency Objective (RCO)
B. Recovery Time Objective (RTO)
C. Recovery Point Objective (RPO)
D. Recovery Time Actual (RTA)
Suggested answer: C
Total 237 questions