ISSAP Online Practice Questions and Answers

Which of the following protocols multicasts messages and information among all member devices in an IP multicast group?

A. ARP

B. ICMP

C. TCP

D. IGMP

Which of the following types of attack can be used to break the best physical and logical security mechanism to gain access to a system?

A. Social engineering attack

B. Cross site scripting attack

C. Mail bombing

D. Password guessing attack

An organization wants to allow a certificate authority to gain access to the encrypted data and create digital signatures on behalf of the user. The data is encrypted using the public key from a user's certificate. Which of the following processes fulfills the above requirements?

A. Key escrow

B. Key storage

C. Key revocation

D. Key recovery

Which of the following statements about incremental backup are true? Each correct answer represents a complete solution. Choose two.

A. It is the fastest method of backing up data.

B. It is the slowest method for taking a data backup.

C. It backs up the entire database, including the transaction log.

D. It backs up only the files changed since the most recent backup and clears the archive bit.

You are the Security Consultant and have been contacted by a client regarding their encryption and hashing algorithms. Their in-house network administrator tells you that their current hashing algorithm is an older one with known weaknesses and is not collision resistant.Which algorithm are they most likely using for hashing?

A. PKI

B. SHA

C. Kerberos

D. MD5

You work as a Security Manager for Tech Perfect Inc. A number of people are involved with you in the DRP efforts. You have maintained several different types of plan documents, intended for different audiences. Which of the following documents will be useful for you as well as public relations personnel who require a non-technical perspective on the entire organization's disaster recovery efforts?

A. Technical guide

B. Executive summary

C. Checklist

D. Department-specific plan

Which of the following methods for identifying appropriate BIA interviewees' includes examining the organizational chart of the enterprise to understand the functional positions?

A. Executive management interviews

B. Overlaying system technology

C. Organizational chart reviews

D. Organizational process models

You are the Security Administrator for a consulting firm. One of your clients needs to encrypt traffic. However, he has specific requirements for the encryption algorithm. It must be a symmetric key block cipher. Which of the following should you choose for this client?

A. PGP

B. SSH

C. DES

D. RC4

Which of the following techniques can be used by an administrator while working with the symmetric encryption cryptography? Each correct answer represents a complete solution. Choose all that apply.

A. Block cipher

B. Stream cipher

C. Transposition cipher

D. Message Authentication Code

Your customer is concerned about security. He wants to make certain no one in the outside world can see the IP addresses inside his network. What feature of a router would accomplish this?

A. Port forwarding

B. NAT

C. MAC filtering

D. Firewall