Actual CISSP-ISSAP Software 2021

NEW QUESTION 1
You are calculating the Annualized Loss Expectancy (ALE) using the following formula: ALE=AV * EF * ARO What information does the AV (Asset Value) convey?

• A. It represents how many times per year a specific threat occur
• B. It represents the percentage of loss that an asset experiences if an anticipated threat occur
• C. It is expected loss for an asset due to a risk over a one year perio
• D. It represents the total cost of an asset, including the purchase price, recurring maintenance, expenses, and all other cost

Answer: D

NEW QUESTION 2
Which of the following is an electrical event shows that there is enough power on the grid to prevent from a total power loss but there is no enough power to meet the current electrical demand?

• A. Power Surge
• B. Power Spike
• C. Blackout
• D. Brownout

Answer: D

NEW QUESTION 3
Which of the following two cryptography methods are used by NTFS Encrypting File System (EFS) to encrypt the data stored on a disk on a file-by-file basis?

• A. Twofish
• B. Digital certificates
• C. Public key
• D. RSA

Answer: BC

NEW QUESTION 4
You work as a Network Consultant. A company named Tech Perfect Inc. hires you for security reasons. The manager of the company tells you to establish connectivity between clients and servers of the network which prevents eavesdropping and tampering of data on the Internet. Which of the following will you configure on the network to perform the given task?

• A. WEP
• B. IPsec
• C. VPN
• D. SSL

Answer: D

NEW QUESTION 5
You are responsible for a Microsoft based network. Your servers are all clustered. Which of the following are the likely reasons for the clustering? Each correct answer represents a complete solution. Choose two.

• A. Reduce power consumption
• B. Ease of maintenance
• C. Failover
• D. Load balancing

Answer: AB

NEW QUESTION 6
You are the Security Consultant and have been contacted by a client regarding their encryption and hashing algorithms. Their in-house network administrator tells you that their current hashing algorithm is an older one with known weaknesses and is not collision resistant.Which algorithm are they most likely using for hashing?

• A. PKI
• B. SHA
• C. Kerberos
• D. MD5

Answer: D

NEW QUESTION 7
You work as a Network Administrator of a TCP/IP network. You are having DNS resolution problem. Which of the following utilities will you use to diagnose the problem?

• A. TRACERT
• B. PING
• C. IPCONFIG
• D. NSLOOKUP

Answer: D

NEW QUESTION 8
A digital signature is a type of public key cryptography. Which of the following statements are true about digital signatures? Each correct answer represents a complete solution. Choose all that apply.

• A. In order to digitally sign an electronic record, a person must use his/her public ke
• B. In order to verify a digital signature, the signer's private key must be use
• C. In order to digitally sign an electronic record, a person must use his/her private ke
• D. In order to verify a digital signature, the signer's public key must be use

Answer: CD

NEW QUESTION 9
Which of the following encryption modes has the property to allow many error correcting codes to function normally even when applied before encryption?

• A. OFB mode
• B. CFB mode
• C. CBC mode
• D. PCBC mode

Answer: A

NEW QUESTION 10
Which of the following uses a Key Distribution Center (KDC) to authenticate a principle?

• A. CHAP
• B. PAP
• C. Kerberos
• D. TACACS

Answer: C

NEW QUESTION 11
You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement? Each correct answer represents a complete solution. Choose two.

• A. MAC filtering the router
• B. Not broadcasting SSID
• C. Using WEP encryption
• D. Using WPA encryption

Answer: CD

NEW QUESTION 12
You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the events and incidents. You identify Denial of Service attack (DOS) from a network linked to your internal enterprise network. Which of the following phases of the Incident handling process should you follow next to handle this incident?

• A. Containment
• B. Preparation
• C. Recovery
• D. Identification

Answer: A

NEW QUESTION 13
Which of the following protocols uses the Internet key Exchange (IKE) protocol to set up security associations (SA)?

• A. IPSec
• B. L2TP
• C. LEAP
• D. ISAKMP

Answer: D

NEW QUESTION 14
Which of the following are types of asymmetric encryption algorithms? Each correct answer represents a complete solution. Choose two.

• A. RSA
• B. AES
• C. ECC
• D. DES

Answer: AC

NEW QUESTION 15
SSH is a network protocol that allows data to be exchanged between two networks using a secure channel. Which of the following encryption algorithms can be used by the SSH protocol? Each correct answer represents a complete solution. Choose all that apply.

• A. Blowfish
• B. DES
• C. IDEA
• D. RC4

Answer: ABC

NEW QUESTION 16
Which of the following methods will allow data to be sent on the Internet in a secure format?

• A. Serial Line Interface Protocol
• B. Point-to-Point Protocol
• C. Browsing
• D. Virtual Private Networks

Answer: D

NEW QUESTION 17
Which of the following protocols supports encapsulation of encrypted packets in secure wrappers that can be transmitted over a TCP/IP connection?

• A. PPTP
• B. UDP
• C. IPSec
• D. PAP

Answer: A

NEW QUESTION 18
You work as a Network Administrator for Net World Inc. You are required to configure a VLAN for the company. Which of the following devices will you use to physically connect the computers in the VLAN? Each correct answer represents a complete solution. Choose two.

• A. Switch
• B. Router
• C. Bridge
• D. Hub
• E. Repeater

Answer: AB

NEW QUESTION 19
Which of the following encryption modes can make protocols without integrity protection even more susceptible to replay attacks, since each block gets decrypted in exactly the same way?

• A. Cipher feedback mode
• B. Cipher block chaining mode
• C. Output feedback mode
• D. Electronic codebook mode

Answer: D

NEW QUESTION 20
Fill in the blank with the appropriate encryption system. The ____ encryption system is an asymmetric key encryption algorithm for the public-key cryptography, which is based on the Diffie- Hellman key agreement.

• A. ElGamal

Answer: A

NEW QUESTION 21
Which of the following statements about Network Address Translation (NAT) are true? Each correct answer represents a complete solution. Choose three.

• A. It hides the internal IP addressing schem
• B. It protects network from the password guessing attack
• C. It is used to connect private networks to the public Interne
• D. It shares public Internet addresses with a large number of internal network client

Answer: ACD

NEW QUESTION 22
Which of the following is a method for transforming a message into a masked form, together with a way of undoing the transformation to recover the message?

• A. Cipher
• B. CrypTool
• C. Steganography
• D. MIME

Answer: A

NEW QUESTION 23
In software development, which of the following analysis is used to document the services and functions that have been accidentally left out, deliberately eliminated or still need to be developed?

• A. Gap analysis
• B. Requirement analysis
• C. Cost-benefit analysis
• D. Vulnerability analysis

Answer: A

NEW QUESTION 24
Which of the following password authentication schemes enables a user with a domain account to log on to a network once, using a password or smart card, and to gain access to multiple computers in the domain without being prompted to log in again?

• A. Single Sign-On
• B. One-time password
• C. Dynamic
• D. Kerberos

Answer: A

NEW QUESTION 25
You work as a Network Administrator for McNeil Inc. The company has a TCP/IP-based network. Performance of the network is slow because of heavy traffic. A hub is used as a central connecting device in the network. Which of the following devices can be used in place of a hub to control the network traffic efficiently?

• A. Repeater
• B. Bridge
• C. Switch
• D. Router

Answer: C

NEW QUESTION 26
Which of the following algorithms can be used to check the integrity of a file?

• A. md5
• B. rsa
• C. blowfish
• D. sha

Answer: AD

NEW QUESTION 27
Which of the following backup types backs up files that have been added and all data that have been modified since the most recent backup was performed?

• A. Differential backup
• B. Incremental backup
• C. Daily backup
• D. Full backup

Answer: B

NEW QUESTION 28
You work as a Security Manager for Tech Perfect Inc. A number of people are involved with you in the DRP efforts. You have maintained several different types of plan documents, intended for different audiences. Which of the following documents will be useful for you as well as public relations personnel who require a non-technical perspective on the entire organization's disaster recovery efforts?

• A. Technical guide
• B. Executive summary
• C. Checklist
• D. Department-specific plan

Answer: B

NEW QUESTION 29
Which of the following is the technology of indoor or automotive environmental comfort?

• A. HIPS
• B. HVAC
• C. NIPS
• D. CCTV

Answer: B

NEW QUESTION 30
......