ISC CISSP-ISSAP Exam (page: 6)
ISC CISSP-ISSAP Information Systems Security Architecture Professional
Updated on: 06-Apr-2026

Viewing Page 6 of 50

Which of the following types of attacks cannot be prevented by technical measures only?

  A. Social engineering
  B. Brute force
  C. Smurf DoS
  D. Ping flood attack

Answer(s): A

Explanation:

A social engineering attack is the art of convincing people to disclose useful information such as account names and passwords. An attacker then exploits this information to gain access to a user's computer or network. The method relies on the attacker's ability to manipulate people psychologically rather than on technical skill. This type of attack cannot be prevented by technical measures only. A user should always distrust anyone who asks for his or her account name or password, computer name, IP address, employee ID, or other information that can be misused.



Which of the following attacks can be overcome by applying cryptography?

  A. Web ripping
  B. DoS
  C. Sniffing
  D. Buffer overflow

Answer(s): C

Explanation:

If you send encrypted data packets, sniffers cannot read the data in plaintext form. Hence, this attack can be overcome by applying encryption. The majority of network communications occur in an unsecured format. This allows an attacker who has gained access to data paths in your network to interpret (read) data traffic. This eavesdropping on your communications is referred to as sniffing or snooping.
Answer option D is incorrect. A buffer overflow is a condition in which an application receives more data than it is configured to accept. It allows an attacker not only to execute malicious code on the target system but also to install backdoors on the target system for further attacks. Buffer overflow attacks are caused by sloppy programming or poor memory management by the application developers. The main types of buffer overflows are:
Stack overflow
Format string overflow
Heap overflow
Integer overflow
Answer option A is incorrect. Web ripping is a technique in which the attacker copies the whole structure of a Web site to the local disk and obtains all files of the Web site. Web ripping helps an attacker trace the loopholes of the Web site.
Answer option B is incorrect. A Denial-of-Service (DoS) attack is mounted with the objective of degrading the performance of a computer or network. It is also known as a network saturation attack or bandwidth consumption attack. Attackers mount Denial-of-Service attacks by sending a large number of protocol packets to a network.



Which of the following authentication methods prevents unauthorized execution of code on remote systems?

  A. TACACS
  B. S-RPC
  C. RADIUS
  D. CHAP

Answer(s): B

Explanation:

Secure RPC (Remote Procedure Call) is an authentication method used to authenticate the user and the host. It also prevents unauthorized execution of code on remote systems. S-RPC uses the Diffie-Hellman and DES mechanisms. NFS and the NIS+ name service are required for applications that use Secure RPC.
Answer option C is incorrect. Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized access, authorization and accounting management for people or computers that connect to and use a network service. When a person or device connects to a network, authentication is often required. RADIUS is commonly used by ISPs and corporations managing access to the Internet or internal networks employing a variety of networking technologies, including modems, DSL, wireless and VPNs.
Answer option A is incorrect. Terminal Access Controller Access-Control System (TACACS) is a remote authentication protocol used to communicate with an authentication server, commonly in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine whether the user has access to the network. TACACS allows a client to accept a username and password and send a query to a TACACS authentication server, sometimes called a TACACS daemon. It uses UDP port 49 as the default port.
Answer option D is incorrect. Challenge Handshake Authentication Protocol (CHAP) is an authentication protocol that uses a secure form of encrypted authentication. Using CHAP, network dial-up connections can securely connect to almost all PPP servers.



The simplest form of a firewall is a packet-filtering firewall. Typically a router works as a packet-filtering firewall and has the capability to filter on some of the contents of packets. On which of the following layers of the OSI reference model do these routers filter information? Each correct answer represents a complete solution. Choose all that apply.

  A. Transport layer
  B. Physical layer
  C. Data Link layer
  D. Network layer

Answer(s): A,D

Explanation:

Typically, routers work as packet-filtering firewalls. These routers have the capability to filter on some of the contents of packets. The information that a packet-filtering firewall can examine includes Network layer (layer 3) and sometimes Transport layer (layer 4) information. For example, Cisco routers with standard ACLs filter information at the Network layer, whereas Cisco routers with extended ACLs filter information at both the Network layer and the Transport layer.
Answer option B is incorrect. The Physical layer defines the means of transmitting raw bits, rather than logical data packets, over a physical link connecting network nodes.
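The standard-versus-extended ACL distinction above, as an added example that is not part of the exam page: a minimal packet filter in Python that inspects only Network-layer fields (source address) or also Transport-layer fields (protocol and destination port). The packets, addresses and rules are constructed for the demonstration.

```python
# Added example (not from the exam page): a toy packet-filtering firewall.
# A "standard" ACL matches on source IP only (OSI layer 3); an "extended"
# ACL also matches on protocol and destination port (OSI layer 4).
# First match wins; an unmatched packet is denied (implicit deny).
from ipaddress import ip_address, ip_network

# Constructed sample packets: only the header fields a router would inspect.
PACKETS = [
    {"src": "10.0.0.5", "dst": "192.168.1.10", "proto": "tcp", "dport": 80},
    {"src": "10.0.0.5", "dst": "192.168.1.10", "proto": "tcp", "dport": 22},
    {"src": "203.0.113.7", "dst": "192.168.1.10", "proto": "tcp", "dport": 80},
    {"src": "10.0.0.9", "dst": "192.168.1.10", "proto": "udp", "dport": 53},
]

def standard_acl(packet, rules):
    """Layer-3 filtering only: rules are (action, source_network)."""
    src = ip_address(packet["src"])
    for action, net in rules:
        if src in ip_network(net):
            return action
    return "deny"

def extended_acl(packet, rules):
    """Layer-3 + layer-4 filtering: rules are
    (action, protocol, src_network, dst_network, dst_port); None means any."""
    src, dst = ip_address(packet["src"]), ip_address(packet["dst"])
    for action, proto, snet, dnet, dport in rules:
        if proto is not None and packet["proto"] != proto:
            continue
        if snet is not None and src not in ip_network(snet):
            continue
        if dnet is not None and dst not in ip_network(dnet):
            continue
        if dport is not None and packet["dport"] != dport:
            continue
        return action
    return "deny"

# Constructed rule sets (assumed, not from any real router config).
STANDARD_RULES = [("permit", "10.0.0.0/8")]
EXTENDED_RULES = [
    ("permit", "tcp", "10.0.0.0/8", "192.168.1.0/24", 80),
    ("permit", "udp", None, "192.168.1.0/24", 53),
]

def filter_all(packets, acl, rules):
    """Return the action the given ACL takes for each packet, in order."""
    return [acl(p, rules) for p in packets]

if __name__ == "__main__":
    print(filter_all(PACKETS, standard_acl, STANDARD_RULES))
    print(filter_all(PACKETS, extended_acl, EXTENDED_RULES))
```

Note that the standard ACL permits the SSH packet (destination port 22) from the internal network because it cannot see the port at all; only the extended ACL, which reads Transport-layer fields, denies it.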



Andrew works as a Network Administrator for Infonet Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL).
Which of the following types of encryption does SSL use? Each correct answer represents a complete solution. Choose two.

  A. Synchronous
  B. Secret
  C. Asymmetric
  D. Symmetric

Answer(s): C,D

Explanation:

SSL uses both symmetric and asymmetric encryption algorithms. A symmetric algorithm uses the same key to encrypt and decrypt data. It is faster than an asymmetric algorithm but not as secure. Asymmetric algorithms use a pair of keys: data encrypted with one key can only be decrypted with the other. Typically, one of the keys is kept private while the other is made public. Because one key is always kept private, an asymmetric algorithm is generally secure. However, it is much slower than a symmetric algorithm. To take advantage of both, SSL encapsulates a randomly selected symmetric key inside a message encrypted with an asymmetric algorithm.
Using the SSL protocol, clients and servers can communicate in a way that prevents eavesdropping on and tampering with data on the Internet. Many Web sites use the SSL protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http:. By default, SSL uses port 443 for secured communication.


