Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. ISC
  3. CISSP-ISSAP

ISC CISSP-ISSAP Exam (page: 5)
ISC CISSP-ISSAP Information Systems Security Architecture Professional
Updated on: 06-Apr-2026

Viewing Page 5 of 50
CISSP-ISSAP PDF 241 Questions

Maria works as a Network Security Officer for Gentech Inc. She wants to encrypt her network traffic.

The specific requirement for the encryption algorithm is that it must be a symmetric key block cipher.
Which of the following techniques will she use to fulfill this requirement?

  1. IDEA
  2. PGP
  3. DES
  4. AES

Answer(s): C

Explanation:

The Data Encryption Standard (DES) is a block cipher (a form of shared secret encryption) that was selected by the National Bureau of Standards as an official Federal Information Processing Standard (FIPS) for the United States in 1976

and which has subsequently enjoyed widespread use internationally. It is based on a symmetric-key algorithm that uses a 56-bit key. The algorithm was initially controversial with classified design elements, a relatively short key length, and suspicions about a National Security Agency (NSA) backdoor. DES consequently came under intense academic scrutiny, which motivated the modern understanding of block ciphers and their cryptanalysis.



Which of the following protocols uses public-key cryptography to authenticate the remote computer?

  1. SSH
  2. Telnet
  3. SCP
  4. SSL

Answer(s): A

Explanation:

Secure Shell (SSH) is a protocol that provides strong authentication and secure communications over unsecured channels. It uses public key encryption as the main method for user authentication. SSH secures connections over the Internet by encrypting passwords and other data.
It also protects networks against IP spoofing, packet spoofing, password sniffing, and eavesdropping.
SSH uses TCP port 22 as the default port and operates at the application layer.
SSH protocol has the following three components:
1.Transport layer protocol
2.User authentication protocol
3.Connection protocol
Answer option C is incorrect. The SCP protocol sends data in encrypted format. It is used to prevent potential packet sniffers from extracting usable information from data packets. The protocol itself does not provide authentication and security; it relies on the underlying protocol,
SSH, to provide these features. SCP can interactively request any passwords or passphrases required to make a connection to a remote host,

unlike rcp that fails in this situation.
The SCP protocol implements file transfers only. It does so by connecting to the host using SSH and there executes an SCP server (scp). The
SCP server program is typically the same program as the SCP client. Answer option D is incorrect. Secure Sockets Layer (SSL), also known as Transport Layer Security (TLS) are cryptographic protocols that provide security for communications over networks such as the Internet. TLS and SSL encrypt the segments of network connections at the
Transport Layer end-to-end. SSL uses a program layer located between the Internet's Hypertext Transfer Protocol (HTTP) and Transport
Control Protocol (TCP) layers.
Answer option B is incorrect. The full form of Telnet is Teletype Network. It is used to connect a computer to a local network (LAN) or the
Internet. It can also be used for accessing servers by using a valid user name and password. It is a common way to control Web servers remotely.



Which of the following cryptographic system services ensures that information will not be disclosed to any unauthorized person on a local network?

  1. Authentication
  2. Non-repudiation
  3. Integrity
  4. Confidentiality

Answer(s): D

Explanation:

The confidentiality service of a cryptographic system ensures that information will not be disclosed to any unauthorized person on a local network.



Which of the following are the examples of technical controls? Each correct answer represents a complete solution. Choose three.

  1. Auditing
  2. Network acchitecture
  3. System access
  4. Data backups

Answer(s): A,B,C

Explanation:

The following are the examples of technical controls:
Network acchitecture

System access auditing



Which of the following tenets does the CIA triad provide for which security practices are measured? Each correct answer represents a part of the solution. Choose all that apply.

  1. Integrity
  2. Accountability
  3. Availability
  4. Confidentiality

Answer(s): A,C,D

Explanation:

The CIA triad provides the following three tenets for which security practices are measured:
Confidentiality: It is the property of preventing disclosure of information to unauthorized individuals or systems. Breaches of confidentiality take many forms. Permitting someone to look over your shoulder at your computer screen while you have confidential data displayed on it could be a breach of confidentiality. If a laptop computer containing sensitive information about a company's employees is stolen or sold, it could result in a breach of confidentiality. Integrity: It means that data cannot be modified without authorization. Integrity is violated when an employee accidentally or with malicious intent deletes important data files, when a computer virus infects a computer, when an employee is able to modify his own salary in a payroll database, when an unauthorized user vandalizes a web site, when someone is able to cast a very large number of votes in an online poll, and so on.
Availability: It means that data must be available at every time when it is needed.



Viewing Page 5 of 50



Share your comments for ISC CISSP-ISSAP exam with other users:

Kiky V 8/8/2023 6:32:00 PM

i am really liking it
Anonymous


trying 7/28/2023 12:37:00 PM

thanks good stuff
UNITED STATES


exampei 10/4/2023 2:40:00 PM

need dump c_tadm_23
Anonymous


Eman Sawalha 6/10/2023 6:18:00 AM

next time i will write a full review
GREECE


johnpaul 11/15/2023 7:55:00 AM

first time using this site
ROMANIA


omiornil@gmail.com 7/25/2023 9:36:00 AM

please sent me oracle 1z0-1105-22 pdf
BANGLADESH


John 8/29/2023 8:59:00 PM

very helpful
Anonymous


Kvana 9/28/2023 12:08:00 PM

good info about oml
UNITED STATES


Checo Lee 7/3/2023 5:45:00 PM

very useful to practice
UNITED STATES


dixitdnoh@gmail.com 8/27/2023 2:58:00 PM

this website is very helpful.
UNITED STATES


Sanjay 8/14/2023 8:07:00 AM

good content
INDIA


Blessious Phiri 8/12/2023 2:19:00 PM

so challenging
Anonymous


PAYAL 10/17/2023 7:14:00 AM

17 should be d ,for morequery its scale out
Anonymous


Karthik 10/12/2023 10:51:00 AM

nice question
Anonymous


Godmode 5/7/2023 10:52:00 AM

yes.
NETHERLANDS


Bhuddhiman 7/30/2023 1:18:00 AM

good mateial
Anonymous


KJ 11/17/2023 3:50:00 PM

good practice exam
Anonymous


sowm 10/29/2023 2:44:00 PM

impressivre qustion
Anonymous


CW 7/6/2023 7:06:00 PM

questions seem helpful
Anonymous


luke 9/26/2023 10:52:00 AM

good content
Anonymous


zazza 6/16/2023 9:08:00 AM

question 21 answer is alerts
ITALY


Abwoch Peter 7/4/2023 3:08:00 AM

am preparing for exam
Anonymous


mohamed 9/12/2023 5:26:00 AM

good one thanks
EGYPT


Mfc 10/23/2023 3:35:00 PM

only got thru 5 questions, need more to evaluate
Anonymous


Whizzle 7/24/2023 6:19:00 AM

q26 should be b
Anonymous


sarra 1/17/2024 3:44:00 AM

the aaa triad in information security is authentication, accounting and authorisation so the answer should be d 1, 3 and 5.
UNITED KINGDOM


DBS 5/14/2023 12:56:00 PM

need to attend this
UNITED STATES


Da_costa 8/1/2023 5:28:00 PM

these are free brain dumps i understand, how can one get free pdf
Anonymous


vikas 10/28/2023 6:57:00 AM

provide access
EUROPEAN UNION


Abdullah 9/29/2023 2:06:00 AM

good morning
Anonymous


Raj 6/26/2023 3:12:00 PM

please upload the ncp-mci 6.5 dumps, really need to practice this one. thanks guys
Anonymous


Miguel 10/5/2023 12:21:00 PM

question 16: https://help.salesforce.com/s/articleview?id=sf.care_console_overview.htm&type=5
SPAIN


Hiren Ladva 7/8/2023 10:34:00 PM

yes i m prepared exam
Anonymous


oliverjames 10/24/2023 5:37:00 AM

my experience was great with this site as i studied for the ms-900 from here and got 900/1000 on the test. my main focus was on the tutorials which were provided and practice questions. thanks!
GERMANY