You are the Network Administrator for a small business. You need a widely used, but highly secure hashing algorithm.Which of the following should you choose?
Answer(s): B
Secure Hash Algorithm (SHA) is a well known, widely used, and highly secure hashing algorithm designed by the National Security Agency.
Which of the following can be configured so that when an alarm is activated, all doors lock and the suspect or intruder is caught between the doors in the dead-space?
Answer(s): A
A man-trap in modern physical security protocols refers to a small space having two sets of interlocking doors such that the first set of doors must close before the second set opens. Identification may be required for each door, and possibly different measures for each door. For example, a key may open the first door, but a personal identification number entered on a number pad opens the second. Other methods of opening doors include proximity cards or biometric devices such as fingerprint readers or iris recognition scans. "Man-traps" may be configured so that when an alarm is activated, all doors lock and trap the suspect between the doors in the "dead-space" or lock just one door to deny access to a secure space such as a data center or research lab. Answer options C, D, and B are incorrect. HIDS, biometric devices, and NIDS cannot be configured to catch the suspect or intruder between the doors in the dead-space.
Which of the following refers to a location away from the computer center where document copies and backup media are kept?
Off-site storage refers to a location away from the computer center where documents copies and backup media are kept. This storage method is more secure but less convenient and more costly.Answer option C is incorrect. Onsite storage refers to the same location where the work place is. It is considered more convenient but less secure in case of disaster.Answer option A is incorrect. A storage area network (SAN) is an architecture to attach remote computer storage devices (such as disk arrays,tape libraries, and optical jukeboxes) to servers in such a way that the devices appear as locally attached to the operating system.Answer option D is incorrect. Network attached storage (NAS), in contrast to SAN, uses file-based protocols such as NFS or SMB/CIFS where it is clear that the storage is remote, and computers request a portion of an abstract file rather than a disk block.
Which of the following encryption methods does the SSL protocol use in order to provide communication privacy, authentication, and message integrity? Each correct answer represents a part of the solution. Choose two.
Answer(s): A,D
SSL uses a combination of public key and symmetric encryption to provide communication privacy, authentication, and message integrity. Symmetric encryption is a type of encryption that uses a single key to encrypt and decrypt data.Symmetric encryption algorithms are faster than public key encryption. Therefore, it is commonly used when a message sender needs to encrypt a large amount of data. Data Encryption Standard (DES) uses symmetric encryption key algorithm to encrypt data. The Public Key Encryption also called asymmetric encryption was first publicly proposed by Diffie and Hellman in 1976. Public Key Encryption is more secure than non-public key encryption. It is based on the mathematical functionality rather than on the simple operations on bit patterns. It uses two separate keys. It has five stages as follows:Plain Text: It is the original message.Encryption Algorithm: It performs different transformations on plain text. Public and Private Key: It is the input to the encryption algorithm.Cipher Text: It is the scrambled message as an output.Decryption Algorithm: It performs on cipher text and gives the original message as an output. Answer option B is incorrect. Internet Protocol Security (IPSec) is a method of securing data. It secures traffic by using encryption and digital signing. It enhances the security of data as if an IPSec packet is captured, its contents cannot be read.IPSec also provides sender verification that ensures the certainty of the datagram's origin to the receiver. Answer option C is incorrect. Microsoft created the Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) to authenticate remote Windows workstations. It is designed especially for Windows 95, Windows 98, Windows NT, and Windows 2000 networking products. This protocol provides data encryption along with password encryption.
You work as a Network Consultant. A company named Tech Perfect Inc. hires you for security reasons. The manager of the company tells you to establish connectivity between clients and servers of the network which prevents eavesdropping and tampering of data on the Internet.Which of the following will you configure on the network to perform the given task?
Answer(s): D
In order to perform the given task, you will have to configure the SSL protocol on the network. Secure Sockets Layer (SSL) is a protocol used to transmit private documents via the Internet. SSL uses a combination of public key and symmetric encryption to provide communication privacy, authentication, and message integrity. Using the SSL protocol, clients and servers can communicate in a way that prevents eavesdropping and tampering of data on the Internet. Many Web sites use the SSL protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http:. By default, SSL uses port 443 for secured communication.Answer option B is incorrect. Internet Protocol Security (IPSec) is a method of securing data. It secures traffic by using encryption and digital signing. It enhances the security of data as if an IPSec packet is captured, its contents cannot be read.IPSec also provides sender verification that ensures the certainty of the datagram's origin to the receiver. Answer option A is incorrect. Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs). It has two components, authentication and encryption. It provides security, which is equivalent to wired networks, for wireless networks. WEP encrypts data on a wireless network by using a fixed secret key. WEP incorporates a checksum in each frame to provide protection against the attacks that attempt to reveal the key stream.Answer option C is incorrect. VPN stands for virtual private network. It allows users to use the Internet as a secure pipeline to their corporate local area networks (LANs). Remote users can dial-in to any local Internet Service Provider (ISP) and initiate a VPN session to connect to their corporate LAN over the Internet. Companies using VPNs significantly reduce long-distance dial-up charges. VPNs also provide remote employees with an inexpensive way of remaining connected to their company's LAN for extended periods.
Share your comments for ISC CISSP-ISSAP exam with other users:
planning to take psm test
please allow to download
please provide dumps
is the answer to question 15 correct ? i feel like the answer should be b
its getting more technical
i think these questions are what i need.
helpful assessment
i am confused about the answers to the questions. do you know if the answers are correct?
hi, please make the dumps available for my upcoming examination.
good practice
so far it is really informative
hi i want it please please upload it
am preparing for exam ,just nice questions
please upload c_tadm_23 exam
can we get tdvan4 vantage data engineering pdf?
want to clear the exam.
could you please upload the dumps of sap c_sac_2302
asm management configuration is about storage
kool thumb up
just passed the az-500 exam this last friday. most of the questions in this exam dumps are in the exam. i bought the full version and noticed some of the questions which were answered wrong in the free version are all corrected in the full version. this site is good but i wish the had it in an interactive version like a test engine simulator.
i can practice for exam
please i need this exam.
i need the dump
i want it bad, even if cs6 maybe retired, i want to learn cs6
i hate comptia with all my heart with their "choose the best" answer format as an argument could be made on every question. they say "the "comptia way", lmao no this right here boys is the comptia way 100%. take it from someone whos failed this exam twice but can configure an entire complex network that these are the questions that are on the test 100% no questions asked. the pbqs are dead on! nice work
very good materials
thanks for your support.
iam impressed with the quality of these dumps. they questions and answers were easy to understand and the xengine app was very helpful to use.
not bad but you question database from isaca
awesome contents
answer to 134 is casb. while data loss prevention is the goal, in order to implement dlp in cloud applications you need to deploy a casb.
are these brain dumps sufficient enough to go write exam after practicing them? or does one need more material this wont be enough?
i did attend the required cources and i need to be sure that i am ready to take the exam, i would ask you please to share the questions, to be sure that i am fit to proceed with taking the exam.
why only give explanations on some, and not all questions and their respective answers?
Keeping this site free takes real effort. We constantly battle automated scraping and unauthorized content copying. A quick account helps us protect the community and keep the site free.
To continue studying for your CISSP-ISSAP, please sign in or create a free account.