ISC CISSP-ISSAP Exam (page: 10)
ISC CISSP-ISSAP Information Systems Security Architecture Professional
Updated on: 06-Apr-2026

Viewing Page 10 of 50

You are the Network Administrator for a small business. You need a widely used, but highly secure hashing algorithm.
Which of the following should you choose?

  A. AES
  B. SHA
  C. EAP
  D. CRC32

Answer(s): B

Explanation:

Secure Hash Algorithm (SHA) is a well-known, widely used, and highly secure hashing algorithm designed by the National Security Agency.



Which of the following can be configured so that when an alarm is activated, all doors lock and the suspect or intruder is caught between the doors in the dead-space?

  A. Man trap
  B. Biometric device
  C. Host Intrusion Detection System (HIDS)
  D. Network Intrusion Detection System (NIDS)

Answer(s): A

Explanation:

A man-trap in modern physical security protocols refers to a small space having two sets of interlocking doors such that the first set of doors must close before the second set opens. Identification may be required for each door, and possibly different measures for each door. For example, a key may open the first door, but a personal identification number entered on a number pad opens the second. Other methods of opening doors include proximity cards or biometric devices such as fingerprint readers or iris recognition scans. "Man-traps" may be configured so that when an alarm is activated, all doors lock and trap the suspect between the doors in the "dead-space" or lock just one door to deny access to a secure space such as a data center or research lab.
Answer options C, D, and B are incorrect. HIDS, biometric devices, and NIDS cannot be configured to catch the suspect or intruder between the doors in the dead-space.



Which of the following refers to a location away from the computer center where document copies and backup media are kept?

  A. Storage Area network
  B. Off-site storage
  C. On-site storage
  D. Network attached storage

Answer(s): B

Explanation:

Off-site storage refers to a location away from the computer center where document copies and backup media are kept. This storage method is more secure but less convenient and more costly.
Answer option C is incorrect. On-site storage refers to the same location as the workplace. It is considered more convenient but less secure in case of disaster.
Answer option A is incorrect. A storage area network (SAN) is an architecture to attach remote computer storage devices (such as disk arrays, tape libraries, and optical jukeboxes) to servers in such a way that the devices appear as locally attached to the operating system.
Answer option D is incorrect. Network attached storage (NAS), in contrast to SAN, uses file-based protocols such as NFS or SMB/CIFS where it is clear that the storage is remote, and computers request a portion of an abstract file rather than a disk block.



Which of the following encryption methods does the SSL protocol use in order to provide communication privacy, authentication, and message integrity? Each correct answer represents a part of the solution. Choose two.

  A. Public key
  B. IPsec
  C. MS-CHAP
  D. Symmetric

Answer(s): A,D

Explanation:

SSL uses a combination of public key and symmetric encryption to provide communication privacy, authentication, and message integrity. Symmetric encryption is a type of encryption that uses a single key to encrypt and decrypt data. Symmetric encryption algorithms are faster than public key encryption, so symmetric encryption is commonly used when a message sender needs to encrypt a large amount of data. Data Encryption Standard (DES) uses a symmetric key algorithm to encrypt data.
Public key encryption, also called asymmetric encryption, was first publicly proposed by Diffie and Hellman in 1976. Public key encryption is more secure than non-public key encryption. It is based on mathematical functions rather than on simple operations on bit patterns. It uses two separate keys. It has five stages as follows:
Plain Text: It is the original message.
Encryption Algorithm: It performs different transformations on the plain text.
Public and Private Key: It is the input to the encryption algorithm.
Cipher Text: It is the scrambled message produced as output.
Decryption Algorithm: It operates on the cipher text and gives the original message as output.
Answer option B is incorrect. Internet Protocol Security (IPSec) is a method of securing data. It secures traffic by using encryption and digital signing. It enhances the security of data because, if an IPSec packet is captured, its contents cannot be read. IPSec also provides sender verification that ensures the certainty of the datagram's origin to the receiver.
Answer option C is incorrect. Microsoft created the Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) to authenticate remote Windows workstations. It is designed especially for Windows 95, Windows 98, Windows NT, and Windows 2000 networking products. This protocol provides data encryption along with password encryption.



You work as a Network Consultant. A company named Tech Perfect Inc. hires you for security reasons. The manager of the company tells you to establish connectivity between clients and servers of the network which prevents eavesdropping and tampering of data on the Internet.
Which of the following will you configure on the network to perform the given task?

  A. WEP
  B. IPsec
  C. VPN
  D. SSL

Answer(s): D

Explanation:

In order to perform the given task, you will have to configure the SSL protocol on the network. Secure Sockets Layer (SSL) is a protocol used to transmit private documents via the Internet. SSL uses a combination of public key and symmetric encryption to provide communication privacy, authentication, and message integrity. Using the SSL protocol, clients and servers can communicate in a way that prevents eavesdropping and tampering of data on the Internet. Many Web sites use the SSL protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http:. By default, SSL uses port 443 for secured communication.
Answer option B is incorrect. Internet Protocol Security (IPSec) is a method of securing data. It secures traffic by using encryption and digital signing. It enhances the security of data because, if an IPSec packet is captured, its contents cannot be read. IPSec also provides sender verification that ensures the certainty of the datagram's origin to the receiver.
Answer option A is incorrect. Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs). It has two components, authentication and encryption. It provides security, which is equivalent to wired networks, for wireless networks. WEP encrypts data on a wireless network by using a fixed secret key. WEP incorporates a checksum in each frame to provide protection against the attacks that attempt to reveal the key stream.
Answer option C is incorrect. VPN stands for virtual private network. It allows users to use the Internet as a secure pipeline to their corporate local area networks (LANs). Remote users can dial in to any local Internet Service Provider (ISP) and initiate a VPN session to connect to their corporate LAN over the Internet. Companies using VPNs significantly reduce long-distance dial-up charges. VPNs also provide remote employees with an inexpensive way of remaining connected to their company's LAN for extended periods.


