ISC CISSP-ISSAP Exam (page: 10)
ISC CISSP-ISSAP Information Systems Security Architecture Professional
Updated on: 15-Dec-2025

Viewing Page 10 of 50

You are the Network Administrator for a small business. You need a widely used, but highly secure hashing algorithm.
Which of the following should you choose?

  A. AES
  B. SHA
  C. EAP
  D. CRC32

Answer(s): B

Explanation:

Secure Hash Algorithm (SHA) is a well-known, widely used, and highly secure hashing algorithm designed by the National Security Agency.



Which of the following can be configured so that when an alarm is activated, all doors lock and the suspect or intruder is caught between the doors in the dead-space?

  A. Man trap
  B. Biometric device
  C. Host Intrusion Detection System (HIDS)
  D. Network Intrusion Detection System (NIDS)

Answer(s): A

Explanation:

A man-trap in modern physical security protocols refers to a small space with two sets of interlocking doors, arranged so that the first set of doors must close before the second set opens. Identification may be required for each door, possibly with different measures for each door. For example, a key may open the first door, but a personal identification number entered on a number pad opens the second. Other methods of opening doors include proximity cards or biometric devices such as fingerprint readers or iris recognition scans. "Man-traps" may be configured so that when an alarm is activated, all doors lock and trap the suspect between the doors in the "dead-space", or lock just one door to deny access to a secure space such as a data center or research lab.
Answer options C, D, and B are incorrect. HIDS, biometric devices, and NIDS cannot be configured to catch the suspect or intruder between the doors in the dead-space.



Which of the following refers to a location away from the computer center where document copies and backup media are kept?

  A. Storage Area network
  B. Off-site storage
  C. On-site storage
  D. Network attached storage

Answer(s): B

Explanation:

Off-site storage refers to a location away from the computer center where document copies and backup media are kept. This storage method is more secure but less convenient and more costly.
Answer option C is incorrect. On-site storage refers to storage at the same location as the workplace. It is considered more convenient but less secure in case of disaster.
Answer option A is incorrect. A storage area network (SAN) is an architecture to attach remote computer storage devices (such as disk arrays, tape libraries, and optical jukeboxes) to servers in such a way that the devices appear as locally attached to the operating system.
Answer option D is incorrect. Network attached storage (NAS), in contrast to SAN, uses file-based protocols such as NFS or SMB/CIFS where it is clear that the storage is remote, and computers request a portion of an abstract file rather than a disk block.



Which of the following encryption methods does the SSL protocol use in order to provide communication privacy, authentication, and message integrity? Each correct answer represents a part of the solution. Choose two.

  A. Public key
  B. IPsec
  C. MS-CHAP
  D. Symmetric

Answer(s): A,D

Explanation:

SSL uses a combination of public key and symmetric encryption to provide communication privacy, authentication, and message integrity. Symmetric encryption is a type of encryption that uses a single key to encrypt and decrypt data. Symmetric encryption algorithms are faster than public key encryption. Therefore, symmetric encryption is commonly used when a message sender needs to encrypt a large amount of data. Data Encryption Standard (DES) uses a symmetric-key algorithm to encrypt data.
Public Key Encryption, also called asymmetric encryption, was first publicly proposed by Diffie and Hellman in 1976. Public Key Encryption is more secure than non-public key encryption. It is based on mathematical functions rather than on simple operations on bit patterns. It uses two separate keys. It has five stages as follows:
Plain Text: It is the original message.
Encryption Algorithm: It performs different transformations on the plain text.
Public and Private Key: It is the input to the encryption algorithm.
Cipher Text: It is the scrambled message produced as output.
Decryption Algorithm: It operates on the cipher text and produces the original message as output.
Answer option B is incorrect. Internet Protocol Security (IPSec) is a method of securing data. It secures traffic by using encryption and digital signing. It enhances the security of data because, if an IPSec packet is captured, its contents cannot be read. IPSec also provides sender verification that ensures the certainty of the datagram's origin to the receiver.
Answer option C is incorrect. Microsoft created the Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) to authenticate remote Windows workstations. It is designed especially for Windows 95, Windows 98, Windows NT, and Windows 2000 networking products. This protocol provides data encryption along with password encryption.



You work as a Network Consultant. A company named Tech Perfect Inc. hires you for security reasons. The manager of the company tells you to establish connectivity between clients and servers of the network which prevents eavesdropping and tampering of data on the Internet.
Which of the following will you configure on the network to perform the given task?

  A. WEP
  B. IPsec
  C. VPN
  D. SSL

Answer(s): D

Explanation:

In order to perform the given task, you will have to configure the SSL protocol on the network. Secure Sockets Layer (SSL) is a protocol used to transmit private documents via the Internet. SSL uses a combination of public key and symmetric encryption to provide communication privacy, authentication, and message integrity. Using the SSL protocol, clients and servers can communicate in a way that prevents eavesdropping and tampering of data on the Internet. Many Web sites use the SSL protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http:. By default, SSL uses port 443 for secured communication.
Answer option B is incorrect. Internet Protocol Security (IPSec) is a method of securing data. It secures traffic by using encryption and digital signing. It enhances the security of data because, if an IPSec packet is captured, its contents cannot be read. IPSec also provides sender verification that ensures the certainty of the datagram's origin to the receiver.
Answer option A is incorrect. Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs). It has two components, authentication and encryption. It provides security, which is equivalent to wired networks, for wireless networks. WEP encrypts data on a wireless network by using a fixed secret key. WEP incorporates a checksum in each frame to provide protection against the attacks that attempt to reveal the key stream.
Answer option C is incorrect. VPN stands for virtual private network. It allows users to use the Internet as a secure pipeline to their corporate local area networks (LANs). Remote users can dial in to any local Internet Service Provider (ISP) and initiate a VPN session to connect to their corporate LAN over the Internet. Companies using VPNs significantly reduce long-distance dial-up charges. VPNs also provide remote employees with an inexpensive way of remaining connected to their company's LAN for extended periods.


