Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
Scrum
All Vendors
  2. Home
  3. Exams
  4. ISC2
  5. ISSAP

Free ISSAP Exam Braindumps (page: 18)

Page 17 of 61
PDF with 241 Questions

You have been assigned the task of selecting a hash algorithm. The algorithm will be specifically used to ensure the integrity of certain sensitive files. It must use a 128 bit hash value.
Which of the following should you use?

  1. AES
  2. SHA
  3. MD5
  4. DES

Answer(s): C

Explanation:

Message Digest 5 (MD5) uses a 128 bit hash value and is specifically used to ensure file integrity.
Message Digest 5 (MD5) is a cryptographic hash function designed by Ron Rivest. It has a 128-bit hash value. As an Internet standard (RFC 1321), MD5 has been employed in a wide variety of security applications, and is also commonly used to check the integrity of files. However,
now that it is easy to generate MD5 collisions, it is possible for the person who created the file to create a second file with the same checksum, so this technique cannot protect against some forms of malicious tampering. In this case MD5 can only provide error-checking functionality. It will recognize a corrupt or incomplete download, which becomes more likely when downloading larger files. An MD5 hash is typically expressed as a 32 digit hexadecimal number.
Answer option B is incorrect. SHA (Secure Hash Standard) does not necessarily use a 128 bit hash value and it is not designed specifically to ensure file integrity (though it could be used in that fashion).



Which of the following are the countermeasures against a man-in-the-middle attack? Each correct answer represents a complete solution. Choose all that apply.

  1. Using public key infrastructure authentication.
  2. Using basic authentication.
  3. Using Secret keys for authentication.
  4. Using Off-channel verification.

Answer(s): A,C,D

Explanation:

A user can follow various methods to mitigate a man-in-the-middle attack. To overcome these attacks use authentication techniques that are based on the following:
Public key infrastructures
Stronger mutual authentication
Secret keys (high information entropy secrets)
Passwords (low information entropy secrets)
Other criteria, such as voice recognition or other biometrics Off-the-Record Messaging for instant messaging
Off-channel verification
Carry-forward verification



Which of the following is an electrical event shows that there is enough power on the grid to prevent from a total power loss but there is no enough power to meet the current electrical demand?

  1. Power Surge
  2. Power Spike
  3. Blackout
  4. Brownout

Answer(s): D

Explanation:

A brownout shows that the demand of the electrical power exceeds the capability of the electrical power supply system and reduces the voltage for everyone. It indicates there is enough power on the grid to prevent blackout or a total power loss but there is not enough power to meet the current electrical demand. It frequently occurs during informal weather conditions such as suddenly cold or hot spell. Brownouts are quite harder for computer equipments than blackouts. A brownout lasts longer than a power sag and corrupts more data.
Answer option C is incorrect. A blackout indicates a complete loss of PC's electrical source. It is an event that shows a sudden drop-off power source, which can cause a wide variety of problems on a PC or a network. A blackout is not a power failure over an entire area but it can be in a section or a part of a building , city, or any other larger area. It is caused by electrical storms, traffic accidents in utility poles, or a total collapse of the power system due to demand overload.
Answer option A is incorrect. Power surge is a sharp increase in the voltage or an over voltage event.

It is a short and temporary increase in voltage on the power grid and it is like a rough wave. Different types of electrical disturbance such as lightning storm, distant lightning strikes,
or problems on the electrical power supply grid can cause the voltage to suddenly increase. Answer option B is incorrect. A power spike is a sudden isolated extremely high over voltage event on an electrical line. The primary cause of the power spike is lightning strikes. Lightning carries millions of volts, and if a home or office takes a direct hit, a PC along with other devices are likely to be heavily damaged. Direct striking is a rare event but a strike within a mile can create a sudden spike in the electrical current near the strike.



Which of the following protocols is designed to efficiently handle high-speed data over wide area networks (WANs)?

  1. PPP
  2. X.25
  3. Frame relay
  4. SLIP

Answer(s): C

Explanation:

Frame relay is a telecommunication service designed for cost-efficient data transmission for intermittent traffic between local area networks (LANs) and between end-points in a wide area network (WAN). Frame relay puts data in a variable- size unit called a frame. It checks for lesser errors as compared to other traditional forms of packet switching, which speeds up data transmission.
When an error is detected in a frame, it is simply dropped. The end points are responsible for detecting and retransmitting dropped frames.






Post your Comments and Discuss ISC2 ISSAP exam with other Community members:

Exam Discussions & Posts