Free ISSAP Exam Braindumps (page: 18)

Page 18 of 61

Which of the following statements best describes a certification authority?

  A. A certification authority is a technique to authenticate digital documents by using computer cryptography.
  B. A certification authority is a type of encryption that uses a public key and a private key pair for data encryption.
  C. A certification authority is an entity that issues digital certificates for use by other parties.
  D. A certification authority is a type of encryption that uses a single key to encrypt and decrypt data.

Answer(s): C

Explanation:

A certification authority (CA) or certificate authority is an entity that issues digital certificates for use by other parties. It is an example of a trusted third party. A CA issues digital certificates that contain a public key and the identity of the owner. The matching private key is not similarly made available publicly, but kept secret by the end user who generated the key pair. The certificate is also an attestation by the CA that the public key contained in the certificate belongs to the person, organization, server or other entity noted in the certificate. A CA's obligation in such schemes is to verify an applicant's credentials, so that users and relying parties can trust the information in the CA's certificates. A variety of standards and tests are used by CAs to do so. If the user trusts the CA and can verify the CA's signature, then he can also verify that a certain public key does indeed belong to a person identified in the certificate.
Answer options B and D are incorrect. A certification authority (CA) is not a type of encryption.

Answer option A is incorrect. A certification authority (CA) does not authenticate digital documents by using computer cryptography. In order to authenticate digital documents by using computer cryptography, a digital signature should be used.



In which of the following alternative processing sites is the backup facility maintained in a constant order, with a full complement of servers, workstations, and communication links ready to assume the primary operations responsibility?

  A. Hot Site
  B. Mobile Site
  C. Warm Site
  D. Cold Site

Answer(s): A

Explanation:

A hot site is a duplicate of the original site of the organization, with full computer systems as well as near-complete backups of user data. It provides the backup facility, which is maintained in a constant order, with a full complement of servers, workstations, and communication links ready to assume the primary operations responsibility.
A hot site is a backup site for use when a disaster has taken place in a data center. A hot site is located off site and provides the best protection. It is an exact replica of the current data center. If a disaster strikes the data center, administrators just need to take the backup of recent data at the hot site, and the data center is back online in a very short time. It is very expensive to create and maintain a hot site. Many third-party companies provide disaster recovery solutions by maintaining hot sites at their end.
Answer option D is incorrect. A cold site is a backup site for use when a disaster has taken place in a data center. This is the least expensive disaster recovery solution, usually having only a single room with no equipment. All equipment is brought to the site after the disaster. It can be on site or off site.
Answer option B is incorrect. Mobile sites are self-reliant, portable shells custom-fitted with the specific telecommunications and IT equipment essential to meet system requirements. These are offered for lease through commercial vendors.
Answer option C is incorrect. A warm site is, quite logically, a compromise between hot and cold sites. Warm sites will have hardware and connectivity already established, though on a smaller scale than the original production site or even a hot site. These sites will have backups on hand, but they may not be complete and may be between several days and a week old. An example would be backup tapes sent to the warm site by courier.



Which of the following should the administrator ensure during the test of a disaster recovery plan?

  A. Ensure that the plan works properly.
  B. Ensure that all the servers in the organization are shut down.
  C. Ensure that each member of the disaster recovery team is aware of their responsibility.
  D. Ensure that all client computers in the organization are shut down.

Answer(s): A,C

Explanation:

The administrator should ensure the following during the test of a disaster recovery plan:
Ensure that each member of the disaster recovery team is aware of their responsibility.
Ensure that the plan works properly.



The service-oriented modeling framework (SOMF) provides a common modeling notation to address alignment between business and IT organizations.
Which of the following principles does the SOMF concentrate on?
Each correct answer represents a part of the solution. Choose all that apply.

  A. Disaster recovery planning
  B. SOA value proposition
  C. Software assets reuse
  D. Architectural components abstraction
  E. Business traceability

Answer(s): B,C,D,E

Explanation:

The service-oriented modeling framework (SOMF) concentrates on the following principles:
Business traceability
Architectural best-practices traceability
Technological traceability
SOA value proposition
Software assets reuse
SOA integration strategies
Technological abstraction and generalization
Architectural components abstraction






Post your Comments and Discuss ISC2 ISSAP exam with other Community members:

Terry commented on May 24, 2023
I can practice for exam
Anonymous

Rahul Kumar commented on August 31, 2023
need certification.
CANADA