Issap question answers
Upcoming SlideShare
Loading in...5

Issap question answers






Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

Issap question answers Issap question answers Document Transcript

  • ISC2 ISSAP ExamInformation Systems Security Architecture ProfessionalVersion = DemoTotal Questions in Original Product = 249 CertificationNo1. Test Preparation Resource
  • ISSAP Exam Questions and Answers 1Question: 1Which of the following elements of planning gap measures the gap between the totalpotential for the market and the actual current usage by all the consumers in the market?A. Project gapB. Product gapC. Competitive gapD. Usage gapAnswer: DExplanation:The usage gap measures the gap between the total potential for the market and the actualcurrent usage by all the consumers in the market.Mainly two figures are needed for this calculation:Market potential: The maximum number of consumers available will usually be determinedby market research, but it may sometimes be calculated from demographic data orgovernment statistics.Existing usage: The existing usage by consumers makes up the total current market, fromwhich market shares, for example, are calculated. It is usually derived from marketingresearch, most accurately from panel research and also from ad hoc work.Thus, the usage gap can be calculated by:usage gap = market potential - existing usage Answer option B is incorrect. The productgap is also described as the segment or positioning gap. It represents that part of the marketfrom which the individual organization is excluded because of product or servicecharacteristics. This may have come about because the market has been segmented andthe organization does not have offerings in some segments, or it may be because thepositioning of its offering effectively excludes it from certain groups of potential consumers,because there are competitive offerings much better placed in relation to these groups.The product gap is probably the main element of the planning gap in which the organizationcan have a productive input. Therefore the emphasis is on the importance of correctpositioning.Answer option A is incorrect. The project gap is not a valid element of planning gap.Answer option C is incorrect. The competitive gap is the share of business achieved amongsimilar products, sold in the same market segment and with similar distribution patterns or atleast, in any comparison, after such effects have been discounted. The competitive gaprepresents the effects of factors such as price and promotion, both the absolute level andthe effectiveness of its messages. It is what marketing is popularly supposed to be about.
  • ISSAP Exam Questions and Answers 2Question: 2Which of the following terms refers to the method that allows or restricts specific types ofpackets from crossing over the firewall?A. HackingB. Packet filteringC. Web cachingD. SpoofingAnswer: BExplanation:Packet filtering is a method that allows or restricts the flow of specific types of packets toprovide security. It analyzes the incoming and outgoing packets and lets them pass or stopsthem at a network interface based on the source and destination addresses, ports, orprotocols. Packet filtering provides a way to define precisely which type of IP traffic isallowed to cross the firewall of an intranet. IP packet filtering is important when users fromprivate intranets connect to public networks, such as the Internet. Answer option D isincorrect. Spoofing is a technique that makes a transmission appear to have come from anauthentic source by forging the IP address, email address, caller ID, etc. In IP spoofing, ahacker modifies packet headers by using someone elses IP address to hide his identity.However, spoofing cannot be used while surfing the Internet, chatting on-line, etc. becauseforging the source IP address causes the responses to be misdirected.Answer option C is incorrect. Web caching is a method for minimizing performancebottlenecks and reducing network traffic by serving locally cached Web content. Webcaching helps in reducing bandwidth utilization during periods of high network traffic. Highnetwork traffic is usually caused when a large number of users use the network at the sametime. With a caching solution in place, users requests will be returned from the cachewithout having to travel over a WAN link to the destination Web server.Answer option A is incorrect. Hacking is a process by which a person acquires illegalaccess to a computer or network through a security break or by implanting a virus on thecomputer or network.Question: 3You work as a Network Administrator for NetTech Inc. The company wants to encrypt its e-mails. Which of the following will you use to accomplish this?A. PGPB. PPTPC. IPSecD. NTFSAnswer: A
  • ISSAP Exam Questions and Answers 3Explanation: Standard Internet e-mail is usually sent as plaintext over networks. This is notsecure as intruders can monitor mail servers and network traffic to obtain sensitiveinformation. The two most commonly used methods for providing e-mail security are PrettyGood Privacy (PGP) and Secure/Multipurpose Internet Mail Extensions (S/MIME). Thesemethods typically include authentication of the originator and privacy of the message.Pretty Good Privacy (PGP) is an encryption method that uses public-key encryption toencrypt and digitally sign e-mail messages during communication between e-mail clients.PGP is effective, easy to use, and free. Therefore, it is one of the most common ways toprotect messages on the Internet. Answer option C is incorrect. Internet Protocol security(IPSec) provides secure communication over IP networks. It cannot be used to encrypt e-mail messages.Question: 4Peter works as a Network Administrator for Net World Inc. The company wants to allowremote users to connect and access its private network through a dial-up connection via theInternet. All the data will be sent across a public network. For security reasons, themanagement wants the data sent through the Internet to be encrypted. The company plansto use a Layer 2 Tunneling Protocol (L2TP) connection. Which communication protocol willPeter use to accomplish the task?A. IP Security (IPSec)B. Microsoft Point-to-Point Encryption (MPPE)C. Pretty Good Privacy (PGP)D. Data Encryption Standard (DES)Answer: AExplanation: According to the question, all the data will be sent across a public network.Data sent through a public network such as the Internet should be encrypted in order tomaintain security. The two modes available for data encryption are Microsoft Point-to-PointEncryption (MPPE) and IP Security (IPSec). The MPPE protocol is used for data encryptionin a PPTP connection. It supports MSCHAP v1 and v2, and the EAP-TLS authenticationmethods. However, L2TP does not support the MPPE protocol. Therefore, for an L2TPconnection, Peter will have to use the IPSec protocol to encrypt data. L2TP with IPSecneeds a certificate authority server (CA server) to generate certificates as well as to checktheir validity for providing secure communication across both ends of the VPN.
  • ISSAP Exam Questions and Answers 4Question: 5Which of the following protocols multicasts messages and information among all memberdevices in an IP multicast group?A. ARPB. ICMPC. TCPD. IGMPAnswer: DExplanation: Internet Group Management Protocol (IGMP) is a communication protocol thatmulticasts messages and information among all member devices in an IP multicast group.However, multicast traffic is sent to a single MAC address but is processed by multiplehosts. It can be effectively used for gaming and showing online videos. IGMP is vulnerableto network attacks.Answer option B is incorrect. Internet Control Message Protocol (ICMP) is an integral part ofIP. It is used to report an error in datagram processing. The Internet Protocol (IP) is used forhost-to-host datagram service in a network. The network is configured with connectingdevices called gateways. When an error occurs in datagram processing, gateways ordestination hosts report the error to the source hosts through the ICMP protocol. The ICMPmessages are sent in various situations, such as when a datagram cannot reach itsdestination, when the gateway cannot direct the host to send traffic on a shorter route, whenthe gateway does not have the buffering capacity, etc.Answer option A is incorrect. Address Resolution Protocol (ARP) is a network maintenanceprotocol of the TCP/IP protocol suite. It is responsible for the resolution of IP addresses tomedia access control (MAC) addresses of a network interface card (NIC). The ARP cache isused to maintain a correlation between a MAC address and its corresponding IP address.ARP provides the protocol rules for making this correlation and providing addressconversion in both directions. ARP is limited to physical network systems that supportbroadcast packets. Answer option C is incorrect. Transmission Control Protocol (TCP) is areliable, connection-oriented protocol operating at the transport layer of the OSI model. Itprovides a reliable packet delivery service encapsulated within the Internet Protocol (IP).TCP guarantees the delivery of packets, ensures proper sequencing of data, and providesa checksum feature that validates both the packet header and its data for accuracy. If thenetwork corrupts or loses a TCP packet during transmission, TCP is responsible forretransmitting the faulty packet. It can transmit large amounts of data. Application-layerprotocols, such as HTTP and FTP, utilize the services of TCP to transfer files betweenclients and servers.
  • ISSAP Exam Questions and Answers 5Question: 6Which of the following security devices is presented to indicate some feat of service, aspecial accomplishment, a symbol of authority granted by taking an oath, a sign of legitimateemployment or student status, or as a simple means of identification?A. SensorB. AlarmC. Motion detectorD. BadgeAnswer: DExplanation: A badge is a device or accoutrement that is presented or displayed to indicatesome feat of service, a special accomplishment, a symbol of authority granted by taking anoath, a sign of legitimate employment or student status, or as a simple means ofidentification. It is also used in advertising, publicity, and for branding purposes.A badge can be made from metal, plastic, leather, textile, rubber, etc., and it is commonlyattached to clothing, bags, footwear, vehicles, home electrical equipment, etc.Answer option A is incorrect. A sensor is a device that measures a physical quantity andconverts it into a signal that can be read by an observer or by an instrument.Answer option C is incorrect. A motion detector is a device that contains a physicalmechanism or electronic sensor that quantifies motion that can be either integrated with orconnected to other devices that alert the user of the presence of a moving object within thefield of view. They form a vital component of comprehensive security systems, for bothhomes and businesses.Answer option B is incorrect. An alarm is a device that triggers a deterrent, a repellent, anda notification.Question: 7Which of the following is a method for transforming a message into a masked form, togetherwith a way of undoing the transformation to recover the message?A. CipherB. CrypToolC. SteganographyD. MIMEAnswer: A
  • ISSAP Exam Questions and Answers 6Explanation: A cipher is a cryptographic algorithm that performs encryption or decryption. Itis a series of well-defined steps that can be followed as a procedure. The cipher transformsa message into a masked form, together with a way of undoing the transformation to recoverthe message. When using a cipher the original information is known as plaintext, and theencrypted form as ciphertext. The ciphertext message contains all the information of theplaintext message, but it is not in a readable format. The operation of a cipher usuallydepends on a piece of auxiliary information, called a key or a cryptovariable. The encryptingprocedure is varied depending on the key, which changes the detailed operation of thealgorithm. A key must be selected before using a cipher to encrypt a message. Withoutknowledge of the key, it is impossible to decrypt the ciphertext into plaintext.Answer option B is incorrect. CrypTool is free software and an e-learning tool illustratingcryptographic concepts.Answer option C is incorrect. Steganography is the art and science of writing hiddenmessages in such a way that no one, apart from the sender and intended recipient,suspects the existence of the message, a form of security through obscurity.Answer option D is incorrect. MIME stands for Multipurpose Internet Mail Extensions. It is astandard for multi-part, multimedia electronic mail messages and World Wide Webhypertext documents on the Internet. MIME provides a mechanism for exchanging non-textinformation, such as binary data, audio data, video data, and foreign language text thatcannot be represented in ASCII text.Question: 8Mark works as a Network Administrator for NetTech Inc. He wants users to access onlythose resources that are required for them. Which of the following access control models willhe use?A. Policy Access ControlB. Mandatory Access ControlC. Discretionary Access ControlD. Role-Based Access ControlAnswer: DExplanation: Role-based access control (RBAC) is an access control model. In this model, auser can access resources according to his role in the organization. For example, a backupadministrator is responsible for taking backups of important data. Therefore, he is onlyauthorized to access this data for backing it up. However, sometimes users with differentroles need to access the same resources. This situation can also be handled using theRBAC model.Answer option B is incorrect. Mandatory Access Control (MAC) is a model that uses apredefined set of access privileges for an object of the system. Access to an object isrestricted on the basis of the sensitivity of the object and granted through authorization.Sensitivity of an object is defined by the label assigned to it. For example, if a user receivesa copy of an object that is marked as "secret", he cannot grant permission to other users tosee this object unless they have the appropriate permission.
  • ISSAP Exam Questions and Answers 7Answer option C is incorrect. DAC is an access control model. In this model, the data ownerhas the right to decide who can access the data. This model is commonly used in PCenvironment. The basis of this model is the use of Access Control List (ACL).Answer option A is incorrect. There is no such access control model as Policy AccessControl.Question: 9Which of the following is used to authenticate asymmetric keys?A. Digital signatureB. MAC AddressC. Demilitarized zone (DMZ)D. PasswordAnswer: AExplanation: A digital signature is used to authenticate asymmetric keys.Digital signature is a message signed with a senders private key can be verified by anyonewho has access to the senders public key, thereby proving that the sender signed it andthat the message has not been tampered with. This is used to ensure authenticity. Public-key cryptography, also known as asymmetric cryptography, is a form of cryptography inwhich the key used to encrypt a message differs from the key used to decrypt it. Answeroption C is incorrect. Demilitarized zone (DMZ) or perimeter network is a small network thatlies in between the Internet and a private network. It is the boundary between the Internetand an internal network, usually a combination of firewalls and bastion hosts that aregateways between inside networks and outside networks. DMZ provides a large enterprisenetwork or corporate network the ability to use the Internet while still maintaining its security.Answer options D and B are incorrect. Password and MAC address are not used toauthenticate asymmetric keys.Question: 10IPsec VPN provides a high degree of data privacy by establishing trust points betweencommunicating devices and data encryption. Which of the following encryption methodsdoes IPsec VPN use?Each correct answer represents a complete solution. Choose two.A. MD5B. LEAPC. AESD. 3DESAnswer: D and C
  • ISSAP Exam Questions and Answers 8Explanation: IPsec VPN provides a high degree of data privacy by establishing trust pointsbetween communicating devices and data encryption using the 3DES (Triple DataEncryption Algorithm) or AES (Advanced Encryption Standard).Question: 11A user is sending a large number of protocol packets to a network in order to saturate itsresources and to disrupt connections to prevent communications between services. Whichtype of attack is this?A. Denial-of-Service attackB. Vulnerability attackC. Social Engineering attackD. Impersonation attackAnswer: AExplanation: A Denial-of-Service (DoS) attack is mounted with the objective of causing anegative impact on the performance of a computer or network. It is also known as networksaturation attack or bandwidth consumption attack. Attackers make Denial-of-Serviceattacks by sending a large number of protocol packets to a network. A DoS attack cancause the following to occur:Saturate network resources.Disrupt connections between two computers, thereby preventing communications betweenservices.Disrupt services to a specific computer.A SYN attack is a common DoS technique in which an attacker sends multiple SYN packetsto a target computer. For each SYN packet received, the target computer allocatesresources and sends an acknowledgement (SYN-ACK) to the source IP address. Since thetarget computer does not receive a response from the attacking computer, it attempts toresend the SYN-ACK. This leaves TCP ports in the half-open state. When an attackersends TCP SYNs repeatedly before the half-open connections are timed out, the targetcomputer eventually runs out of resources and is unable to handle any more connections,thereby denying service to legitimate users.Answer option D is incorrect. An impersonation attack attempts to access the system byusing a valid user password.Answer option B is incorrect. A vulnerability attack takes advantage of the vulnerabilities inan operating system or software service to enter into the operating system and disrupt itsworking.Answer option C is incorrect. Social engineering is the art of convincing people and makingthem disclose useful information such as account names and passwords. This information isfurther exploited by hackers to gain access to a users computer or network. This methodinvolves mental ability of the people to trick someone rather than their technical skills. Auser should always distrust people who ask him for his account name or password,computer name, IP address, employee ID, or other information that can be misused.
  • ISSAP Exam Questions and Answers 9Question: 12Which of the following types of firewall functions at the Session layer of OSI model?A. Circuit-level firewallB. Application-level firewallC. Packet filtering firewallD. Switch-level firewallAnswer: AExplanation: Circuit-level firewall operates at the Session layer of the OSI model. This typeof firewall regulates traffic based on whether or not a trusted connection has beenestablished.Question: 13Which of the following statements about a stream cipher are true? Each correct answerrepresents a complete solution. Choose three.A. It typically executes at a higher speed than a block cipher.B. It divides a message into blocks for processing.C. It typically executes at a slower speed than a block cipher.D. It divides a message into bits for processing.E. It is a symmetric key cipher.Answer: A, D, and EExplanation: A stream cipher is a symmetric key cipher or encryption. It divides a messageinto bits for processing. It typically executes at a higher speed than a block cipher. A streamcipher is also known as a state cipher, as the encryption of each digit is dependent on thecurrent state.Question: 14Which of the following types of attack can be used to break the best physical and logicalsecurity mechanism to gain access to a system?A. Social engineering attackB. Cross site scripting attackC. Mail bombingD. Password guessing attackAnswer: A
  • ISSAP Exam Questions and Answers 10Explanation: Social engineering attack can be used to break the best physical and logicalsecurity mechanism to gain access to a system.Social engineering is the art of convincing people and making them disclose usefulinformation such as account names and passwords. This information is further exploited byhackers to gain access to a users computer or network. This method involves mental abilityof the people to trick someone rather than their technical skills. A user should alwaysdistrust people who ask him for his account name or password, computer name, IP address,employee ID, or other information that can be misused.Answer option D is incorrect. A password guessing attack occurs when an unauthorizeduser tries to log on repeatedly to a computer or network by guessing usernames andpasswords. Many password guessing programs that attempt to break passwords areavailable on the Internet. Following are the types of password guessing attacks:Brute force attackDictionary attackAnswer option B is incorrect. A cross site scripting attack is one in which an attacker entersmalicious data into a Website. For example, the attacker posts a message that containsmalicious code to any newsgroup site. When another user views this message, the browserinterprets this code and executes it and, as a result, the attacker is able to take control of theusers system. Cross site scripting attacks require the execution of client-side languagessuch as JavaScript, Java, VBScript, ActiveX, Flash, etc. within a users Web environment.With the help of a cross site scripting attack, the attacker can perform cookie stealing,sessions hijacking, etc.Answer option C is incorrect. Mail bombing is an attack that is used to overwhelm mailservers and clients by sending large amount of unwanted e-mails. The aim of this type ofattack is to completely fill the recipients hard disk with immense, useless files, causing atbest irritation, and at worst total computer failure. E-mail filtering and properly configuringemail relay functionality on mail servers can be helpful for protection against this type ofattack.Question: 15You are the Security Consultant advising a company on security methods. This is a highlysecure location that deals with sensitive national defense related data. They are veryconcerned about physical security as they had a breach last month. In that breach anindividual had simply grabbed a laptop and ran out of the building. Which one of thefollowing would have been most effective in preventing this?A. Not using laptops.B. Keeping all doors locked with a guard.C. Using a man-trap.D. A sign in log.Answer: CExplanation: A man-trap is a scenario in which there are two doors (for example one oneach end of a short corridor) but only one can be open at a time.
  • ISSAP Exam Questions and Answers 11Thus a person exiting the building would have to go through one door, close it, go to theother end of the corridor and open that door. The second door could not open until the firstwas closed. And in an emergency both doors can be automatically sealed.Answer option A is incorrect. Laptops can be quite useful and effective. It is almost neverthe proper course of action to simply ban useful technology, rather than find good ways tosecure it.Answer option B is incorrect. While this might work, it would be very expensive and wouldalso cause a tremendous inconvenience for employees. Furthermore, there is always thepossibility of a guard leaving for a moment.Answer option D is incorrect. Sign in logs are always a good idea. However, they would donothing to prevent this scenario.Question: 16You want to implement a network topology that provides the best balance for regionaltopologies in terms of the number of virtual circuits, redundancy, and performance whileestablishing a WAN network. Which of the following network topologies will you use toaccomplish the task?A. Bus topologyB. Fully meshed topologyC. Star topologyD. Partially meshed topologyAnswer: DExplanation: According to the scenario, you want to implement a network topology thatprovides the best balance for regional topologies in terms of the number of virtual circuits,redundancy, and performance while establishing a WAN network. Therefore, you will use thepartially meshed topology. Since in the partially meshed topology, all nodes are notconnected to each other, nonmeshed node communicates with another nonmeshed nodeby sending traffic through one of the fully connected routers.Answer option A is incorrect. This topology is not used for WAN networking.Answer option B is incorrect. In the fully meshed topology, every node has a direct path toone another. However, this topology has the following disadvantages:It requires a large number of virtual circuits that are required for every connection betweenrouters.Due to this approach, there will be a large number of packets and broadcast replications.It increases routers overhead.Answer option D is incorrect. In the star topology, a single internetworking hub providesaccess from remote networks into the core router.The star topology minimizes tariff costs. However, it has the following disadvantages: If thecentral router fails, there will be no other backup.Since all traffic intended for the centralized resources goes through the central router, itbecomes the bottleneck of overall performance for accessing the centralized resources.The star topology is not scalable.
  • ISSAP Exam Questions and Answers 12Question: 17Which of the following protocols is an alternative to certificate revocation lists (CRL) andallows the authenticity of a certificate to be immediately verified?A. RSTPB. SKIPC. OCSPD. HTTPAnswer: CExplanation: The Online Certificate Status Protocol (OCSP) is an Internet protocol used forobtaining the revocation status of an X.509 digital certificate. It is described in RFC 2560and is on the Internet standards track. It was created as an alternative to certificaterevocation lists (CRL),specifically addressing certain problems associated with using CRLs in a public keyinfrastructure (PKI). The OCSP allows the authenticity of a certificate to be immediatelyverified.Answer option A is incorrect. Rapid Spanning Tree Protocol (RSTP) is an evolution of theSpanning Tree Protocol, which provides for faster spanning tree convergence after atopology change. RSTP is also known as the IEEE 802.1w. It provides a loop-free switchingenvironment.Standard IEEE 802.1D-2004 incorporates RSTP and obsoletes STP. While STP can take 30to 50 seconds to respond to a topology change, RSTP is typically able to respond tochanges within 6 seconds.Answer option D is incorrect. Hypertext Transfer Protocol (HTTP) is a client/server TCP/IPprotocol used on the World Wide Web (WWW) to display Hypertext Markup Language(HTML) pages. HTTP defines how messages are formatted and transmitted, and whatactions Web servers and browsers should take in response to various commands. Forexample, when a client application or browser sends a request to the server using HTTPcommands, the server responds with a message containing the protocol version, success orfailure code, server information, and body content, depending on the request. HTTP usesTCP port 80 as the default port.Answer option B is incorrect. SKIP (Simple Key-Management for Internet Protocol) isdeveloped by the IETF Security Working Group for the sharing of encryption keys. It is usedto protect sessionless datagram protocols. SKIP works at Layer 3 of the OSI model. Itintegrates with the IPSec (Internet Protocol Security).
  • ISSAP Exam Questions and Answers 13Question: 18Which of the following does PEAP use to authenticate the user inside an encrypted tunnel?Each correct answer represents a complete solution. Choose two.A. GTCB. MS-CHAP v2C. AESD. RC4Answer: B and AExplanation: PEAP uses only a server-side certificate. This certificate creates an encryptedtunnel in which the user is authenticated. PEAP (Protected EAP) uses Microsoft ChallengeHandshake Authentication Protocol version 2 (MS-CHAP v2) or Generic Token Card (GTC)to authenticate the userinside an encrypted tunnel.Question: 19Which of the following terms refers to a mechanism which proves that the sender really senta particular message?A. IntegrityB. ConfidentialityC. AuthenticationD. Non-repudiationAnswer: DExplanation: Non-repudiation is a mechanism which proves that the sender really sent amessage. It provides an evidence of the identity of the senderand message integrity. It alsoprevents a person from denying the submission or delivery of the message and the integrityof its contents.Answer option C is incorrect. Authentication is a process of verifying the identity of a personor network host.Answer option B is incorrect. Confidentiality ensures that no one can read a messageexcept the intended receiver.Answer option A is incorrect. Integrity assures the receiver that the received message hasnot been altered in any way from the original.
  • ISSAP Exam Questions and Answers 14Question: 20Adam works as a Security Analyst for Umbrella Inc. CEO of the company ordered him toimplement two-factor authentication for the employees to access their networks. He has toldhim that he would like to use some type of hardware device in tandem with a security oridentifying pin number. Adam decides to implement smart cards but they are not costeffective. Which of the following types of hardware devices will Adam use to implement two-factor authentication?A. Biometric deviceB. One Time PasswordC. Proximity cardsD. Security tokenAnswer: DExplanation: Security token can be a physical device that an authorized user of computerservices is given to ease authentication. The term may also refer to software tokens.Security tokens are used to prove ones identity electronically (as in the case of a customertrying to access his bank account). The token is used in addition to or in place of apassword to prove that the customer is who he claims to be. The token acts like anelectronic key to access something.Answer option A is incorrect. A biometric device is used for uniquely recognizing humansbased upon one or more intrinsic physical orbehavioral traits. Biometrics is used as a form of identity access management and accesscontrol. It is also used to identify individuals in groups that are under surveillance. Biometriccharacteristics can be divided into two main classes:1.Physiological: These devices are related to the shape of the body. But these are notlimited to fingerprint, face recognition, DNA, hand and palm geometry, iris recognition, whichhas largely replaced retina, and odor/scent.2.Behavioral: These are related to the behavior of a person. But they are not limited totyping rhythm, gait, and voice.Answer option C is incorrect. Proximity card (or Prox Card) is a generic name for contactlessintegrated circuit devices used for security access or payment systems. It can refer to theolder 125 kHz devices or the newer 13.56 MHz contactless RFID cards, most commonlyknown as contactless smartcards.Modern proximity cards are covered by the ISO/IEC 14443 (Proximity Card) standard.There is also a related ISO/IEC 15693 (Vicinity Card) standard. Proximity cards arepowered by resonant energy transfer and have a range of 0-3 inches in most instances. Theuser will usually be able to leave the card inside a wallet or purse. The price of the cards isalso low, usually US$2-$5, allowing them to be used in applications such as identificationcards, keycards, payment cards and public transit fare cards.Answer option B is incorrect. A one-time password (OTP) is a password that is only valid fora single login session or transaction. OTP avoid a number of shortcomings that areassociated with traditional (static) passwords. The most important shortcoming that isaddressed by OTP is that, in contrast to static passwords, they are not vulnerable to replayattacks. This means that, if a potential intruder manages to record an OTP that was alreadyused to log into a service or to conduct a transaction, he will not be able to abuse it since it
  • ISSAP Exam Questions and Answers 15will be no longer valid. OTP cannot be memorized by human beings. Therefore they requireadditional technology in order to work.Question: 21Maria works as a Network Security Officer for Gentech Inc. She wants to encrypt hernetwork traffic. The specific requirement for the encryption algorithm is that it must be asymmetric key block cipher. Which of the following techniques will she use to fulfill thisrequirement?A. IDEAB. PGPC. DESD. AESAnswer: CExplanation: The Data Encryption Standard (DES) is a block cipher (a form of shared secretencryption) that was selected by the National Bureau of Standards as an official FederalInformation Processing Standard (FIPS) for the United States in 1976 and which hassubsequently enjoyed widespread use internationally. It is based on a symmetric-keyalgorithm that uses a 56-bit key. The algorithm was initially controversial with classifieddesign elements, a relatively short key length, and suspicions about a National SecurityAgency (NSA) backdoor. DES consequently came under intense academic scrutiny, whichmotivated the modern understanding of block ciphers and their cryptanalysis.Question: 22Which of the following protocols uses public-key cryptography to authenticate the remotecomputer?A. SSHB. TelnetC. SCPD. SSLAnswer: AExplanation: Secure Shell (SSH) is a protocol that provides strong authentication andsecure communications over unsecured channels. It uses public key encryption as the mainmethod for user authentication. SSH secures connections over the Internet by encryptingpasswords and other data.
  • ISSAP Exam Questions and Answers 16It also protects networks against IP spoofing, packet spoofing, password sniffing, andeavesdropping. SSH uses TCP port 22 as the default port and operates at the applicationlayer.SSH protocol has the following three components:1.Transport layer protocol2.User authentication protocol3.Connection protocolAnswer option C is incorrect. The SCP protocol sends data in encrypted format. It is used toprevent potential packet sniffers from extracting usable information from data packets. Theprotocol itself does not provide authentication and security; it relies on the underlyingprotocol, SSH, to provide these features. SCP can interactively request any passwords orpassphrases required to make a connection to a remote host, unlike rcp that fails in thissituation.The SCP protocol implements file transfers only. It does so by connecting to the host usingSSH and there executes an SCP server (scp). The SCP server program is typically thesame program as the SCP client.Answer option D is incorrect. Secure Sockets Layer (SSL), also known as Transport LayerSecurity (TLS) are cryptographic protocols that provide security for communications overnetworks such as the Internet. TLS and SSL encrypt the segments of network connections atthe Transport Layer end-to-end. SSL uses a program layer located between the InternetsHypertext Transfer Protocol (HTTP) and Transport Control Protocol (TCP) layers.Answer option B is incorrect. The full form of Telnet is Teletype Network. It is used toconnect a computer to a local network (LAN) or the Internet. It can also be used foraccessing servers by using a valid user name and password. It is a common way to controlWeb servers remotely.
  • ISSAP Exam Questions and Answers 17ISC2 ISSAP ExamInformation Systems Security Architecture ProfessionalVersion = DemoTotal Questions in Original Product = 249 CertificationNo1. Test Preparation Resource