Which of the following statements about Public Key Infrastructure (PKI) are true? Each correct answer represents a complete solution. Choose two.
Answer(s): B,C
Public Key Infrastructure (PKI) provides security through data encryption and digital signature. It uses asymmetric key pairs and combines software, encryption technologies, and services to protect communications and business transactions.
Which of the following types of halon is found in portable extinguishers and is stored as a liquid?
Answer(s): D
Halon 1211 is found in portable extinguishers and is stored as a liquid. It is also used around valuable materials, such as computers and telecommunication switching centers, usually in total flooding systems.Answer option B is incorrect. Halon 1301 is an effective gaseous fire suppression agent. It is stored as a gaseous agent. It is also used around valuable materials, such as computers and telecommunication switching centers, usually in total flooding systems.
Mark has been hired by a company to work as a Network Assistant. He is assigned the task to configure a dial-up connection. He is configuring a laptop.Which of the following protocols should he disable to ensure that the password is encrypted during remote access?
Answer(s): C
PAP uses plain text passwords. Hence, in order to ensure that the password is encrypted during remote access, Mark should disable PAPwhile configuring the dial-up connection.Password Authentication Protocol (PAP) is the least sophisticated authentication protocol, used mostly when a client calls a server running an operating system other than Windows. PAP uses plain text passwords. Shiva Password Authentication Protocol (SPAP) is an authentication protocol used by clients to dial- in to computers running Windows 2000Server, or Shiva servers. SPAP does not support data encryption. Challenge Handshake Authentication Protocol (CHAP) is an authentication protocol that uses a secure form of encrypted authentication. UsingCHAP, network dial-up connections are able to securely connect to almost all PPP servers. Microsoft created the Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) to authenticate remote Windows workstations. It is designed especially for Windows 95, Windows 98, Windows NT, and Windows 2000 networking products. This protocol provides data encryption along with password encryption.Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2) is the new version of MS-CHAP. MS-CHAP v2 provides the highest level of security and encryption for dial-up connection in the environment consisting of both Windows NT and Windows 2000/XP dial-up clients. It provides mutual authentication, stronger initial data encryption keys, and different encryption keys for sending and receiving data.
Which of the following disaster recovery tests includes the operations that shut down at the primary site, and are shifted to the recovery site according to the disaster recovery plan?
A full-interruption test includes the operations that shut down at the primary site and are shifted to the recovery site according to the disaster recovery plan. It operates just like a parallel test. The full-interruption test is very expensive and difficult to arrange. Sometimes, it causes a major disruption of operations if the test fails.Answer option A is incorrect. The structured walk-through test is also known as the table-top exercise. In structured walk-through test, the team members walkthrough the plan to identify and correct weaknesses and how they will respond to the emergency scenarios by stepping in the course of the plan. It is the most effective and competent way to identify the areas of overlap in the plan before conducting more challenging training exercises.Answer option D is incorrect. A parallel test includes the next level in the testing procedure, and relocates the employees to an alternate recovery site and implements site activation procedures. These employees present with their disaster recovery responsibilities as they would for an actual disaster. The disaster recovery sites have full responsibilities to conduct the day-to-day organization's business.Answer option B is incorrect. A simulation test is a method used to test the disaster recovery plans.It operates just like a structured walk-through test. In the simulation test, the members of a disaster recovery team present with a disaster scenario and then, discuss on appropriate responses. These suggested responses are measured and some of them are taken by the team. The range of the simulation test should be defined carefully for avoiding excessive disruption of normal business activities.
Post your Comments and Discuss ISC2 ISSAP exam with other Community members:
Terry commented on May 24, 2023 i can practice for exam Anonymous upvote
Rahul Kumar commented on August 31, 2023 need certification. CANADA upvote
Terry commented on May 24, 2023 I can practice for exam Anonymous upvote
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the ISSAP content, but please register or login to continue.