ISC CISSP-ISSAP Exam (page: 6)
ISC CISSP-ISSAP Information Systems Security Architecture Professional
Updated on: 15-Dec-2025

Viewing Page 6 of 50

Which of the following types of attacks cannot be prevented by technical measures only?

  1. Social engineering
  2. Brute force
  3. Smurf DoS
  4. Ping flood attack

Answer(s): A

Explanation:

A social engineering attack is the art of convincing people to disclose useful information such as account names and passwords. This information is then exploited by an attacker to gain access to a user's computer or network. The method relies on the ability to trick people psychologically rather than on technical skill. This type of attack cannot be prevented by technical measures only. A user should always distrust a person who asks for his account name or password, computer name, IP address, employee ID, or other information that can be misused.



Which of the following attacks can be overcome by applying cryptography?

  1. Web ripping
  2. DoS
  3. Sniffing
  4. Buffer overflow

Answer(s): C

Explanation:

If you send encrypted data packets, sniffers cannot read the data in plaintext form. Hence, this attack can be overcome by applying encryption. The majority of network communications occur in an unsecured format. This allows an attacker who has gained access to data paths in your network to interpret (read) data traffic. This eavesdropping on your communications is referred to as sniffing or snooping.
Answer option D is incorrect. A buffer overflow is a condition in which an application receives more data than it is configured to accept. It allows an attacker not only to execute malicious code on the target system but also to install backdoors on the target system for further attacks. All buffer overflow attacks are due to sloppy programming or poor memory management by the application developers. The main types of buffer overflows are stack overflow, format string overflow, heap overflow, and integer overflow.
Answer option A is incorrect. Web ripping is a technique in which the attacker copies the whole structure of a Web site to the local disk and obtains all files of the Web site. Web ripping helps an attacker trace the loopholes of the Web site.
Answer option B is incorrect. A Denial-of-Service (DoS) attack is mounted with the objective of causing a negative impact on the performance of a computer or network. It is also known as a network saturation attack or bandwidth consumption attack. Attackers mount Denial-of-Service attacks by sending a large number of protocol packets to a network.



Which of the following authentication methods prevents unauthorized execution of code on remote systems?

  1. TACACS
  2. S-RPC
  3. RADIUS
  4. CHAP

Answer(s): B

Explanation:

Secure RPC (Remote Procedure Call) is an authentication method used to authenticate the user and the host. It also prevents unauthorized execution of code on remote systems. S-RPC uses the Diffie-Hellman and DES mechanisms. Applications that use Secure RPC require NFS and the NIS+ name service.
Answer option C is incorrect. Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized access, authorization and accounting management for people or computers that connect to and use a network service. When a person or device connects to a network, authentication is often required. RADIUS is commonly used by ISPs and corporations managing access to the Internet or internal networks employing a variety of networking technologies, including modems, DSL, wireless and VPNs.
Answer option A is incorrect. Terminal Access Controller Access-Control System (TACACS) is a remote authentication protocol used to communicate with an authentication server, commonly in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine whether the user has access to the network. TACACS allows a client to accept a username and password and send a query to a TACACS authentication server, sometimes called a TACACS daemon. It uses UDP port 49 as the default port.
Answer option D is incorrect. Challenge Handshake Authentication Protocol (CHAP) is an authentication protocol that uses a secure, encrypted form of authentication. Using CHAP, network dial-up connections are able to connect securely to almost all PPP servers.



The simplest form of a firewall is a packet filtering firewall. Typically a router works as a packet-filtering firewall and has the capability to filter on some of the contents of packets. On which of the following layers of the OSI reference model do these routers filter information? Each correct answer represents a complete solution. Choose all that apply.

  1. Transport layer
  2. Physical layer
  3. Data Link layer
  4. Network layer

Answer(s): A,D

Explanation:

Typically routers work as packet-filtering firewalls. These routers have the capability to filter on some of the contents of packets. The information that a packet filtering firewall can examine includes the Network layer (layer 3) and sometimes the Transport layer (layer 4) information. For example, Cisco routers with standard ACLs filter information at the Network layer. However, Cisco routers with extended ACLs filter information at both the Network layer and the Transport layer.
Answer option B is incorrect. The Physical layer defines the means of transmitting raw bits, rather than logical data packets, over a physical link connecting network nodes.



Andrew works as a Network Administrator for Infonet Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL).
Which of the following types of encryption does SSL use? Each correct answer represents a complete solution. Choose two.

  1. Synchronous
  2. Secret
  3. Asymmetric
  4. Symmetric

Answer(s): C,D

Explanation:

SSL uses both symmetric and asymmetric encryption algorithms. A symmetric algorithm uses the same key to encrypt and decrypt data. This algorithm is faster than an asymmetric algorithm but not as secure. Asymmetric algorithms use a pair of keys. Data encrypted using one key can only be decrypted using the other. Typically, one of the keys is kept private while the other is made public. Because one key is always kept private, an asymmetric algorithm is generally secure. However, it is much slower than a symmetric algorithm. To take advantage of both algorithms, SSL encapsulates a randomly selected symmetric key inside a message encrypted with an asymmetric algorithm.
Using the SSL protocol, clients and servers can communicate in a way that prevents eavesdropping and tampering with data on the Internet. Many Web sites use the SSL protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http:. By default, SSL uses port 443 for secured communication.






Share your comments for ISC CISSP-ISSAP exam with other users:

AbedRabbou Alaqabna 12/18/2023 3:10:00 AM

q50: which two functions can be used by an end user when pivoting an interactive report? the correct answer is a, c because we do not have rank in the function pivoting you can check in the apex app
GREECE


Rohan Limaye 12/30/2023 8:52:00 AM

best to practice
Anonymous


Aparajeeta 10/13/2023 2:42:00 PM

so far it is good
Anonymous


Vgf 7/20/2023 3:59:00 PM

please provide me the dump
Anonymous


Deno 10/25/2023 1:14:00 AM

i failed the cisa exam today. but i have found all the questions that were on the exam to be on this site.
Anonymous


CiscoStudent 11/15/2023 5:29:00 AM

in question 272 the right answer states that an autonomous access point is "configured and managed by the wlc" but this is not what i have learned in my ccna course. is this a mistake? i understand that lightweight aps are managed by wlc while autonomous work as standalones on the wlan.
Anonymous


pankaj 9/28/2023 4:36:00 AM

it was helpful
Anonymous


User123 10/8/2023 9:59:00 AM

good question
UNITED STATES


vinay 9/4/2023 10:23:00 AM

really nice
Anonymous


Usman 8/28/2023 10:07:00 AM

please i need dumps for isc2 cybersecurity
Anonymous


Q44 7/30/2023 11:50:00 AM

ans is coldline i think
UNITED STATES


Anuj 12/21/2023 1:30:00 PM

very helpful
Anonymous


Giri 9/13/2023 10:31:00 PM

can you please provide dumps so that it helps me more
UNITED STATES


Aaron 2/8/2023 12:10:00 AM

thank you for providing me with the updated question and answers. this version has all the questions from the exam. i just saw them in my exam this morning. i passed my exam today.
SOUTH AFRICA


Sarwar 12/21/2023 4:54:00 PM

how can i see exam questions?
CANADA


Chengchaone 9/11/2023 10:22:00 AM

can you please upload please?
Anonymous


Mouli 9/2/2023 7:02:00 AM

question 75: option c is correct answer
Anonymous


JugHead 9/27/2023 2:40:00 PM

please add this exam
Anonymous


sushant 6/28/2023 4:38:00 AM

please upload
EUROPEAN UNION


John 8/7/2023 12:09:00 AM

has anyone recently attended safe 6.0 certification? is it the same questions as here?
Anonymous


Blessious Phiri 8/14/2023 3:49:00 PM

expository experience
Anonymous


concerned citizen 12/29/2023 11:31:00 AM

52 should be b&c. controller failure has nothing to do with this type of issue. degraded state tells us it's a raid issue, and if the os is missing then the bootable device isn't found. the only other consideration could be data loss but that's somewhat broad whereas b&c show understanding of the specific issues the question is asking about.
UNITED STATES


deedee 12/23/2023 5:10:00 PM

great help!!!
UNITED STATES


Samir 8/1/2023 3:07:00 PM

very useful tools
UNITED STATES


Saeed 11/7/2023 3:14:00 AM

looks a good platform to prepare az-104
Anonymous


Matiullah 6/24/2023 7:37:00 AM

want to pass the exam
Anonymous


SN 9/5/2023 2:25:00 PM

good resource
UNITED STATES


Zoubeyr 9/8/2023 5:56:00 AM

question 11 : d
FRANCE


User 8/29/2023 3:24:00 AM

only the free dumps will be enough for pass, or have to purchase the premium one. please suggest.
Anonymous


CW 7/6/2023 7:37:00 PM

good questions. thanks.
Anonymous


Farooqi 11/21/2023 1:37:00 AM

good for practice.
INDIA


Isaac 10/28/2023 2:30:00 PM

great case study
UNITED STATES


Malviya 2/3/2023 9:10:00 AM

the questions in this exam dump are valid. i passed my test last monday. i only wish they had their pricing in inr instead of usd. but it is still worth it.
INDIA


rsmyth 5/18/2023 12:44:00 PM

q40 the answer is not d, why are you giving incorrect answers? snapshot consolidation is used to merge the snapshot delta disk files to the vm base disk
IRELAND