ISC2 CISSP-ISSAP Free Practice Questions

NEW QUESTION 1
Which of the following security architectures defines how to integrate widely disparate applications for a world that is Web-based and uses multiple implementation platforms?

• A. Sherwood Applied Business Security Architecture
• B. Service-oriented modeling and architecture
• C. Enterprise architecture
• D. Service-oriented architecture

Answer: D

NEW QUESTION 2
Which of the following are the initial steps required to perform a risk analysis process? Each correct answer represents a part of the solution. Choose three.

• A. Estimate the potential losses to assets by determining their valu
• B. Establish the threats likelihood and regularit
• C. Valuations of the critical assets in hard cost
• D. Evaluate potential threats to the asset

Answer: ABD

NEW QUESTION 3
Which of the following layers of the OSI model corresponds to the Host-to-Host layer of the TCP/IP model?

• A. The transport layer
• B. The presentation layer
• C. The session layer
• D. The application layer

Answer: A

NEW QUESTION 4
In which of the following SDLC phases are the software and other components of the system faithfully incorporated into the design specifications?

• A. Programming and training
• B. Evaluation and acceptance
• C. Definition
• D. Initiation

Answer: A

NEW QUESTION 5
A network is configured on a Bus topology. Which of the following conditions could cause a network failure? Each correct answer represents a complete solution. Choose all that apply.

• A. A break in a network cable
• B. 75 ohm terminators at open ends
• C. A powered off workstation
• D. An open-ended cable without terminators

Answer: ABD

NEW QUESTION 6
Fill in the blank with the appropriate encryption system. The ____ encryption system is an asymmetric key encryption algorithm for the public-key cryptography, which is based on the Diffie- Hellman key agreement.

• A. ElGamal

Answer: A

NEW QUESTION 7
You work as a Network Administrator for NetTech Inc. You want to have secure communication on the company's intranet. You decide to use public key and private key pairs. What will you implement to accomplish this?

• A. Microsoft Internet Information Server (IIS)
• B. VPN
• C. FTP server
• D. Certificate server

Answer: D

NEW QUESTION 8
Which of the following encryption modes has the property to allow many error correcting codes to function normally even when applied before encryption?

• A. OFB mode
• B. CFB mode
• C. CBC mode
• D. PCBC mode

Answer: A

NEW QUESTION 9
Which of the following encryption algorithms are based on block ciphers?

• A. RC4
• B. Twofish
• C. Rijndael
• D. RC5

Answer: BCD

NEW QUESTION 10
You work as a Network Administrator for Net Perfect Inc. The company has a Linux-based network. You need to configure a firewall for the company. The firewall should be able to keep track of the state of network connections traveling across the network. Which of the following types of firewalls will you configure to accomplish the task?

• A. Stateful firewall
• B. Host-based application firewall
• C. A network-based application layer firewall
• D. An application firewall

Answer: A

NEW QUESTION 11
Which of the following authentication protocols sends a user certificate inside an encrypted tunnel?

• A. PEAP
• B. EAP-TLS
• C. WEP
• D. EAP-FAST

Answer: B

NEW QUESTION 12
Which of the following statements about incremental backup are true? Each correct answer represents a complete solution. Choose two.

• A. It is the fastest method of backing up dat
• B. It is the slowest method for taking a data backu
• C. It backs up the entire database, including the transaction lo
• D. It backs up only the files changed since the most recent backup and clears the archive bi

Answer: AD

NEW QUESTION 13
You are advising a school district on disaster recovery plans. In case a disaster affects the main IT centers for the district they will need to be able to work from an alternate location. However, budget is an issue. Which of the following is most appropriate for this client?

• A. Warm site
• B. Cold site
• C. Off site
• D. Hot site

Answer: B

NEW QUESTION 14
Which of the following protocols uses the Internet key Exchange (IKE) protocol to set up security associations (SA)?

• A. IPSec
• B. L2TP
• C. LEAP
• D. ISAKMP

Answer: D

NEW QUESTION 15
Which of the following security protocols provides confidentiality, integrity, and authentication of network traffic with end-to-end and intermediate-hop security?

• A. IPSec
• B. SET
• C. SWIPE
• D. SKIP

Answer: C

NEW QUESTION 16
You work as a CSO (Chief Security Officer) for Tech Perfect Inc. You have a disaster scenario and you want to discuss it with your team members for getting appropriate responses of the disaster. In which of the following disaster recovery tests can this task be performed?

• A. Full-interruption test
• B. Parallel test
• C. Simulation test
• D. Structured walk-through test

Answer: C

NEW QUESTION 17
Which of the following techniques can be used by an administrator while working with the symmetric encryption cryptography? Each correct answer represents a complete solution. Choose all that apply.

• A. Block cipher
• B. Stream cipher
• C. Transposition cipher
• D. Message Authentication Code

Answer: ABD

NEW QUESTION 18
Which of the following authentication methods prevents unauthorized execution of code on remote systems?

• A. TACACS
• B. S-RPC
• C. RADIUS
• D. CHAP

Answer: B

NEW QUESTION 19
Which of the following uses public key cryptography to encrypt the contents of files?

• A. EFS
• B. DFS
• C. NTFS
• D. RFS

Answer: A

NEW QUESTION 20
You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser's address bar, you are able to access the site. But, you are unable to access the site when you enter http://www.company.com. What is the most likely cause?

• A. The site's Web server is offlin
• B. The site's Web server has heavy traffi
• C. WINS server has no NetBIOS name entry for the serve
• D. DNS entry is not available for the host nam

Answer: D

NEW QUESTION 21
You want to implement a network topology that provides the best balance for regional topologies in terms of the number of virtual circuits, redundancy, and performance while establishing a WAN network. Which of the following network topologies will you use to accomplish the task?

• A. Bus topology
• B. Fully meshed topology
• C. Star topology
• D. Partially meshed topology

Answer: D

NEW QUESTION 22
You are responsible for security at a hospital. Since many computers are accessed by multiple employees 24 hours a day, 7 days a week, controlling physical access to computers is very difficult. This is compounded by a high number of non employees moving through the building. You are concerned about unauthorized access to patient records. What would best solve this problem?

• A. The use of CHA
• B. Time of day restriction
• C. The use of smart card
• D. Video surveillance of all computer

Answer: C

NEW QUESTION 23
Which of the following statements about Public Key Infrastructure (PKI) are true? Each correct answer represents a complete solution. Choose two.

• A. It uses symmetric key pair
• B. It provides security using data encryption and digital signatur
• C. It uses asymmetric key pair
• D. It is a digital representation of information that identifies user

Answer: BC

NEW QUESTION 24
Sam is creating an e-commerce site. He wants a simple security solution that does not require each customer to have an individual key. Which of the following encryption methods will he use?

• A. Asymmetric encryption
• B. Symmetric encryption
• C. S/MIME
• D. PGP

Answer: B

NEW QUESTION 25
Which of the following protocols multicasts messages and information among all member devices in an IP multicast group?

• A. ARP
• B. ICMP
• C. TCP
• D. IGMP

Answer: D

NEW QUESTION 26
The network you administer allows owners of objects to manage the access to those objects via access control lists. This is an example of what type of access control?

• A. RBAC
• B. MAC
• C. CIA
• D. DAC

Answer: D

NEW QUESTION 27
John works as a Network Administrator for NetPerfect Inc. The company has a Windows-based network. John has been assigned a project to build a network for the sales department of the company. It is important for the LAN to continue working even if there is a break in the cabling. Which of the following topologies should John use to accomplish the task?

• A. Star
• B. Mesh
• C. Bus
• D. Ring

Answer: B

NEW QUESTION 28
At which of the following layers of the Open System Interconnection (OSI) model the Internet Control Message Protocol (ICMP) and the Internet Group Management Protocol (IGMP) work?

• A. The Physical layer
• B. The Data-Link layer
• C. The Network layer
• D. The Presentation layer

Answer: C

NEW QUESTION 29
......