Free ISSAP Exam Braindumps (page: 20)

Page 20 of 61

Kerberos is a computer network authentication protocol that allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner.
Which of the following statements are true about the Kerberos authentication scheme? Each correct answer represents a complete solution. Choose all that apply.

  A. Kerberos requires continuous availability of a central server.
  B. Dictionary and brute force attacks on the initial TGS response to a client may reveal the subject's passwords.
  C. Kerberos builds on Asymmetric key cryptography and requires a trusted third party.
  D. Kerberos requires the clocks of the involved hosts to be synchronized.

Answer(s): A,B,D

Explanation:

Kerberos is a computer network authentication protocol that allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner. Kerberos builds on symmetric key cryptography and requires a trusted third party. It is based on the Needham-Schroeder protocol. The trusted third party, termed a key distribution center (KDC), consists of two logically separate parts: the Authentication Server (AS) and the Ticket Granting Server (TGS).
Kerberos works on the basis of tickets, which serve to prove the identity of users. The KDC maintains a database of secret keys; each entity on the network, whether a client or a server, shares a secret key known only to itself and to the KDC. Knowledge of this key serves to prove an entity's identity. For communication between two entities, the KDC generates a session key, which they can use to secure their interactions.



An organization is seeking to implement a hot site and wants to maintain a live database server at the backup site.
Which of the following solutions will be the best for the organization?

  A. Electronic vaulting
  B. Remote journaling
  C. Remote mirroring
  D. Transaction logging

Answer(s): C

Explanation:

Remote mirroring is the most advanced and popular database backup solution. It maintains a live database server at the backup site. The remote server receives copies of database modifications at the same time as they are applied to the production server at the primary site. Thus, the mirrored server is ready to take over an operational role at a moment's notice.
Remote mirroring is a useful strategy for organizations that are seeking to implement a hot site.
When considering the feasibility of a remote mirroring solution, always take into account the infrastructure and personnel costs required to support the mirrored server, as well as the processing overhead. The processing overhead is added to each database transaction on the mirrored server.
Answer options A and B are incorrect. Electronic vaulting and remote journaling can be used for database backup, but neither of them works with a live database server.



A helpdesk technician received a phone call from an administrator at a remote branch office. The administrator claimed to have forgotten the password for the root account on UNIX servers and asked for it. Although the technician didn't know any administrator at the branch office, the caller sounded really friendly, and since the technician knew the root password himself, he supplied the caller with the password.
What type of attack has just occurred?

  A. Social Engineering attack
  B. Brute Force attack
  C. War dialing attack
  D. Replay attack

Answer(s): A

Explanation:

Any process whereby the attacker attempts to get a person to divulge security information is called a social engineering attack. This is a very common tactic.



You work as a Network Administrator of a TCP/IP network. You are having a DNS resolution problem.

Which of the following utilities will you use to diagnose the problem?

  A. TRACERT
  B. PING
  C. IPCONFIG
  D. NSLOOKUP

Answer(s): D

Explanation:

NSLOOKUP is a tool for diagnosing and troubleshooting Domain Name System (DNS) problems. It performs its function by sending queries to the DNS server and obtaining detailed responses at the command prompt. This information can be useful for diagnosing and resolving name resolution issues, verifying whether or not the resource records are added or updated correctly in a zone, and debugging other server-related problems. This tool is installed along with the TCP/IP protocol through the Control Panel.
Answer option B is incorrect. The ping command-line utility is used to test connectivity with a host on a TCP/IP-based network. This is achieved by sending out a series of packets to a specified destination host. On receiving the packets, the destination host responds with a series of replies. These replies can be used to determine whether or not the network is working properly.
Answer option C is incorrect. IPCONFIG is a command-line utility used to display current TCP/IP network configuration values and update or release the Dynamic Host Configuration Protocol (DHCP) allocated leases. It is also used to display, register, or flush Domain Name System (DNS) names.
Answer option A is incorrect. TRACERT is a route-tracing Windows utility that displays the path an IP packet takes to reach the destination. It shows the Fully Qualified Domain Name (FQDN) and the IP address of each gateway along the route to the remote host.






Post your Comments and Discuss ISC2 ISSAP exam with other Community members:

Terry commented on May 24, 2023
I can practice for exam
Anonymous

Rahul Kumar commented on August 31, 2023
need certification.
CANADA