Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
All Vendors
  2. Home
  3. Exams
  4. ISC2
  5. ISSAP

Free ISSAP Exam Braindumps (page: 24)

Page 6 of 61
PDF with 241 Questions

Which of the following protocols is an alternative to certificate revocation lists (CRL) and allows the authenticity of a certificate to be immediately verified?

  1. RSTP
  2. SKIP
  3. OCSP
  4. HTTP

Answer(s): C

Explanation:

The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. It is described in RFC 2560 and is on the Internet standards track. It was created as an alternative to certificate revocation lists (CRL),
specifically addressing certain problems associated with using CRLs in a public key infrastructure (PKI). The OCSP allows the authenticity of a certificate to be immediately verified.
Answer option A is incorrect. Rapid Spanning Tree Protocol (RSTP) is an evolution of the Spanning Tree Protocol, which provides for faster spanning tree convergence after a topology change. RSTP is also known as the IEEE 802.1w. It provides a loop-free switching environment.
Standard IEEE 802.1D-2004 incorporates RSTP and obsoletes STP.
While STP can take 30 to 50 seconds to respond to a topology change,
RSTP is typically able to respond to changes within 6 seconds. Answer option D is incorrect. Hypertext Transfer Protocol (HTTP) is a client/server TCP/IP protocol used on the World Wide Web (WWW) to display Hypertext Markup Language (HTML) pages. HTTP defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands. For example, when a client application or browser sends a request to the server using HTTP commands, the server responds with a message containing the protocol version, success or failure code, server information, and body content, depending on the request. HTTP uses TCP port 80 as the default port. Answer option B is incorrect. SKIP (Simple Key-Management for Internet Protocol) is developed by the IETF Security Working Group for the sharing of encryption keys. It is used to protect sessionless datagram protocols. SKIP works at Layer 3 of the OSI model. It integrates with the IPSec (Internet Protocol Security).



Which of the following does PEAP use to authenticate the user inside an encrypted tunnel? Each correct answer represents a complete solution. Choose two.

  1. GTC
  2. MS-CHAP v2
  3. AES
  4. RC4

Answer(s): A,B

Explanation:

PEAP uses only a server-side certificate. This certificate creates an encrypted tunnel in which the user is authenticated. PEAP (Protected EAP)
uses Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2) or Generic Token Card (GTC) to authenticate the user inside an encrypted tunnel.



Which of the following terms refers to a mechanism which proves that the sender really sent a particular message?

  1. Integrity
  2. Confidentiality
  3. Authentication
  4. Non-repudiation

Answer(s): D

Explanation:

Non-repudiation is a mechanism which proves that the sender really sent a message. It provides an evidence of the identity of the senderand message integrity. It also prevents a person from denying the submission or delivery of the message and the integrity of its contents.
Answer option C is incorrect. Authentication is a process of verifying the identity of a person or network host.
Answer option B is incorrect. Confidentiality ensures that no one can read a message except the intended receiver.
Answer option A is incorrect. Integrity assures the receiver that the received message has not been altered in any way from the original.



Adam works as a Security Analyst for Umbrella Inc. CEO of the company ordered him to implement two-factor authentication for the employees to access their networks. He has told him that he would like to use some type of hardware device in tandem with a security or identifying pin number. Adam decides to implement smart cards but they are not cost effective.
Which of the following types of hardware devices will Adam use to implement two-factor authentication?

  1. Biometric device
  2. One Time Password
  3. Proximity cards
  4. Security token

Answer(s): D

Explanation:

Security token can be a physical device that an authorized user of computer services is given to ease authentication. The term may also refer to software tokens. Security tokens are used to prove one's identity electronically (as in the case of a customer trying to access his bank account). The token is used in addition to or in place of a password to prove that the customer is who he claims to be. The token acts like an electronic key to access something.
Answer option A is incorrect. A biometric device is used for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. Biometrics is used as a form of identity access management and access control. It is also used to identify individuals in groups that are under surveillance. Biometric characteristics can be divided into two main classes:
1.Physiological: These devices are related to the shape of the body. But these are not limited to fingerprint, face recognition, DNA, hand and palm geometry, iris recognition, which has largely replaced retina, and odor/scent. 2.Behavioral: These are related to the behavior of a person. But they are not limited to typing rhythm, gait, and voice.
Answer option C is incorrect. Proximity card (or Prox Card) is a generic name for contactless integrated circuit devices used for security access or payment systems. It can refer to the older 125 kHz devices or the newer 13.56 MHz contactless RFID cards, most commonly known as contactless smartcards.
Modern proximity cards are covered by the ISO/IEC 14443 (Proximity Card) standard. There is also a related ISO/IEC 15693 (Vicinity
Card) standard. Proximity cards are powered by resonant energy transfer and have a range of 0-3 inches in most instances. The user will usually be able to leave the card inside a wallet or purse. The price of the cards is also low, usually US$2-$5, allowing them to be used in applications such as identification cards, keycards, payment cards and public transit fare cards.
Answer option B is incorrect. A one-time password (OTP) is a password that is only valid for a single login session or transaction. OTP
avoid a number of shortcomings that are associated with traditional (static) passwords. The most important shortcoming that is addressed by OTP is that, in contrast to static passwords, they are not vulnerable to replay attacks.
This means that, if a potential intruder manages to record an OTP that was already used to log into a service or to conduct a transaction, he will not be able to abuse it since it will be no longer valid. OTP cannot be memorized by human beings. Therefore they require additional technology in order to work.






Post your Comments and Discuss ISC2 ISSAP exam with other Community members:

ISSAP Exam Discussions & Posts