Free ISSAP Exam Braindumps (page: 16)

Page 16 of 61

You work as a technician for Trade Well Inc. The company is in the business of share trading. To enhance security, the company wants users to provide a third key (apart from ID and password) to access the company's Web site.
Which of the following technologies will you implement to accomplish the task?

  A. Smart cards
  B. Key fobs
  C. VPN
  D. Biometrics

Answer(s): B

Explanation:

In order to accomplish the task, you should use key fobs. The company will provide key fobs to all its users. This will provide users secure access to the company's Web site. The numbers generated in the key fobs will be used by users as the third key.



Which of the following layers of the OSI model corresponds to the Host-to-Host layer of the TCP/IP model?

  A. The transport layer
  B. The presentation layer
  C. The session layer
  D. The application layer

Answer(s): A

Explanation:

The transport layer of the OSI model corresponds to the Host-to-Host layer of the TCP/IP model. The transport layer defines how to address the physical locations and devices on the network, how to make connections between nodes, and it also handles the internetworking of messages.
The TCP/IP model is a specification for computer network protocols created by DARPA, an agency of the United States Department of Defense.
It laid the foundation for ARPANET, which was the world's first wide area network and a predecessor of the Internet. The TCP/IP Model is sometimes called the Internet Reference Model, the DoD Model or the ARPANET Reference Model.
Answer options C, D, and B are incorrect. The presentation, application, and session layers of the OSI model correspond to the application layer of the TCP/IP model.
The OSI model organizes network communication through seven different layers. Each layer has a group of protocols associated with it.
Protocols can be defined as rules that every computer should follow in order to communicate within a network. A protocol stack is formed when a communication needs more than one protocol to complete the process. The commonly used protocol stack is TCP/IP, which is used for communication over the Internet.



You are the Network Administrator for a college. You watch a large number of people (some not even students) going in and out of areas with campus computers (libraries, computer labs, etc.). You have had a problem with laptops being stolen.
What is the most cost effective method to prevent this?

  A. Smart card access to all areas with computers.
  B. Use laptop locks.
  C. Video surveillance on all areas with computers.
  D. Appoint a security guard.

Answer(s): B

Explanation:

It is very inexpensive to put physical locks on laptops that secure them to tables, preventing them from being easily stolen.
Answer options C, A, and D are incorrect. All of these methods would help ameliorate the situation, but would not be cost effective. All are more expensive than the simpler idea of using laptop locks.



The ATM of a bank is robbed by breaking the ATM machine.
Which of the following physical security devices can now be used for verification and historical analysis of the ATM robbery?

  A. Key card
  B. Biometric devices
  C. Intrusion detection systems
  D. CCTV Cameras

Answer(s): D

Explanation:

Closed-circuit television (CCTV) is a device that uses video cameras to transmit a signal to a specific place, on a limited set of monitors. It differs from broadcast television in that the signal is not openly transmitted, though it may employ point to point wireless links. CCTV is often used for surveillance in areas that may need monitoring such as banks, casinos, airports, military installations, and convenience stores.
Answer option A is incorrect. A key card cannot be used for verification now, as the key card was not used during the robbery. The doors of ATM machines are fitted with a unique key card recognition system that works as an access regulator for users.
Answer option B is incorrect. Biometrics is a method of authentication that uses physical characteristics, such as fingerprints, scars, retinal patterns, and other forms of biophysical qualities to identify a user. Nowadays, the usage of biometric devices such as hand scanners and retinal scanners is becoming more common in the business environment.
Answer option C is incorrect. An intrusion detection system (IDS) is used to detect unauthorized attempts to access and manipulate computer systems locally or through the Internet or an intranet. It can detect several types of attacks and malicious behaviors that can compromise the security of a network and computers. This includes network attacks against vulnerable services, unauthorized logins and access to sensitive data, and malware (e.g. viruses, worms, etc.). An IDS also detects attacks that originate from within a system. In most cases, an IDS has three main components: Sensors, Console, and Engine. Sensors generate security events. A console is used to alert and control sensors and to monitor events. An engine is used to record events and to generate security alerts based on received security events. In many IDS implementations, these three components are combined into a single device. Basically, the following two types of IDS are used:

Network-based IDS
Host-based IDS






Post your Comments and Discuss ISC2 ISSAP exam with other Community members:

Terry commented on May 24, 2023
I can practice for exam
Anonymous

Rahul Kumar commented on August 31, 2023
need certification.
CANADA