Free ISSAP Exam Braindumps (page: 15)

Page 15 of 61

Computer networks and the Internet are the prime mode of information transfer today.
Which of the following is a technique used for modifying messages, providing information and cyber security, and reducing the risk of hacking attacks during communications and message passing over the Internet?

  A. Risk analysis
  B. Firewall security
  C. Cryptography
  D. OODA loop

Answer(s): C

Explanation:

Cryptography is responsible for encoding messages and securing them during network communication. It is the technique of encrypting and decrypting messages.
When text is encrypted, it is unreadable by humans.
When text is decrypted, it is readable by humans. The terms used in cryptography are as follows:
Plaintext: Text that can be read by a user.
Ciphertext: Text that has been converted to a non-readable format.
Encryption: The process of creating a ciphertext from a plaintext.
Decryption: The process of converting a ciphertext to a plaintext.
Cipher: An algorithm that is used to encrypt and decrypt text.
Key: Keys are the elements that are used in the technology of encrypting and decrypting text.
Answer option A is incorrect. Risk analysis is the science of risks and their probability and evaluation in a business or a process. It is an important factor in security enhancement and prevention in a system. Risk analysis should be performed as part of the risk management process for each project. The outcome of the risk analysis would be the creation or review of the risk register to identify and quantify risk elements to the project and their potential impact.
Answer option D is incorrect. The OODA loop (for observe, orient, decide, and act) is a concept originally applied to the combat operations process, often at the strategic level in both military and business operations. It is now also often applied to understand commercial operations and learning processes. The concept was developed by military strategist and USAF Colonel John Boyd.



An organization wants to allow a certificate authority to gain access to the encrypted data and create digital signatures on behalf of the user. The data is encrypted using the public key from a user's certificate.
Which of the following processes fulfills the above requirements?

  A. Key escrow
  B. Key storage
  C. Key revocation
  D. Key recovery

Answer(s): A

Explanation:

Key escrow allows the certificate authority (CA) to gain access to all the information that is encrypted using the public key from a user's certificate, as well as create digital signatures on behalf of the user.



Which of the following are the primary components of a discretionary access control (DAC) model? Each correct answer represents a complete solution. Choose two.

  A. User's group
  B. File and data ownership
  C. Smart card
  D. Access rights and permissions

Answer(s): B,D

Explanation:

A discretionary access control (DAC) model is an access control model. The two primary components of a DAC model are as follows:
1. File and data ownership: Every object within a system must have an owner that controls the permissions to access the object.
2. Access rights and permissions: These control the access rights of an individual.



Which of the following encryption modes can make protocols without integrity protection even more susceptible to replay attacks, since each block gets decrypted in exactly the same way?

  A. Cipher feedback mode
  B. Cipher block chaining mode
  C. Output feedback mode
  D. Electronic codebook mode

Answer(s): D

Explanation:

The electronic codebook (ECB) mode is the simplest encryption mode. In this mode, the message is divided into blocks and each block is encrypted separately. The disadvantage of this method is that identical plaintext blocks are encrypted into identical ciphertext blocks; thus, it does not hide data patterns well. In some senses, it doesn't provide serious message confidentiality, and it is not recommended for use in cryptographic protocols at all. ECB mode can also make protocols without integrity protection even more susceptible to replay attacks, since each block gets decrypted in exactly the same way.
Answer option A is incorrect. The cipher feedback (CFB) mode, a close relative of CBC, makes a block cipher into a self-synchronizing stream cipher.
Answer option C is incorrect. The output feedback (OFB) mode makes a block cipher into a synchronous stream cipher. It generates keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext. As with other stream ciphers, flipping a bit in the ciphertext produces a flipped bit in the plaintext at the same location. This property allows many error correcting codes to function normally even when applied before encryption.
Answer option B is incorrect. In the cipher-block chaining (CBC) mode, each block of plaintext is XORed with the previous ciphertext block before being encrypted.






Post your Comments and Discuss ISC2 ISSAP exam with other Community members:

Terry commented on May 24, 2023
I can practice for exam
Anonymous

Rahul Kumar commented on August 31, 2023
Need certification.
CANADA