Free ISSAP Exam Braindumps (page: 14)

Page 14 of 61

Access controls are divided into three different categories. Place the appropriate security services in their corresponding categories.

  A. See below Exhibit for answer.

Answer(s): A

Explanation:

The various security services with their corresponding categories are as follows:
Preventive access control: Fence, Security policy, Security awareness training, Antivirus software
Detective access control: Security guard, Supervising user, Incident investigation, Intrusion detection system
Corrective access control: Alarm, Mantrap, Security policy



Which of the following are the initial steps required to perform a risk analysis process? Each correct answer represents a part of the solution. Choose three.

  A. Estimate the potential losses to assets by determining their value.
  B. Establish the threats' likelihood and regularity.
  C. Valuations of the critical assets in hard costs.
  D. Evaluate potential threats to the assets.

Answer(s): A,B,D

Explanation:

The main steps of performing risk analysis are as follows:
Estimate the potential losses to the assets by determining their value.
Evaluate the potential threats to the assets.
Establish the threats' probability and regularity.



Which of the following protocols uses the Internet Key Exchange (IKE) protocol to set up security associations (SA)?

  A. IPSec
  B. L2TP
  C. LEAP
  D. ISAKMP

Answer(s): D

Explanation:

ISAKMP (Internet Security Association and Key Management Protocol) is a protocol for establishing Security Associations (SA) and cryptographic keys in an Internet environment. It provides a framework for the negotiation and management of security associations between peers and runs over UDP port 500. ISAKMP defines the procedures for authenticating a communicating peer, creating and managing Security Associations, key generation techniques, and threat mitigation (e.g. denial of service and replay attacks).
ISAKMP defines procedures and packet formats to establish, negotiate, modify, and delete Security Associations. Security Associations contain all information required for execution of various network security services, such as the IP layer services (such as header authentication and payload encapsulation), transport or application layer services, or self-protection of negotiation traffic. ISAKMP defines payloads for exchanging key generation and authentication data.
Answer option A is incorrect. Internet Protocol Security (IPSec) is a standard-based protocol that provides the highest level of VPN security. IPSec can encrypt virtually everything above the networking layer. It is used for VPN connections that use the L2TP protocol. It secures both data and password. IPSec cannot be used with Point-to-Point Tunneling Protocol (PPTP).

Answer option B is incorrect. Layer 2 Tunneling Protocol (L2TP) is a more secure version of Point-to-Point Tunneling Protocol (PPTP). It provides tunneling, address assignment, and authentication. L2TP allows transfer of Point-to-Point Protocol (PPP) traffic between different networks. L2TP combines with IPSec to provide both tunneling and security for Internet Protocol (IP), Internetwork Packet Exchange (IPX), and other protocol packets across IP networks.

Answer option C is incorrect. LEAP (Lightweight Extensible Authentication Protocol) is a proprietary wireless LAN authentication method developed by Cisco Systems. Important features of LEAP are dynamic WEP keys and mutual authentication between a wireless client and a RADIUS server. LEAP allows clients to re-authenticate frequently. The clients get a new WEP key upon each successful authentication.



Sam is creating an e-commerce site. He wants a simple security solution that does not require each customer to have an individual key.
Which of the following encryption methods will he use?

  A. Asymmetric encryption
  B. Symmetric encryption
  C. S/MIME
  D. PGP

Answer(s): B

Explanation:

Symmetric encryption is the simplest encryption method that can be implemented in this situation.






Post your Comments and Discuss ISC2 ISSAP exam with other Community members:

Terry commented on May 24, 2023
I can practice for exam
Anonymous

Rahul Kumar commented on August 31, 2023
need certification.
CANADA