CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISC2
  5. ISSAP

Free ISSAP Exam Braindumps (page: 24)

Page 24 of 61
PDF with 241 Questions

Which of the following processes is used to identify relationships between mission critical applications, processes, and operations and all supporting elements?

  1. Critical path analysis
  2. Functional analysis
  3. Risk analysis
  4. Business impact analysis

Answer(s): A

Explanation:

The critical path analysis is a process that is used to identify relationships between mission critical applications, processes, and operations and all supporting elements. Once this analysis is executed properly, a complete view of the interdependencies and interactions is generated.
These interdependencies and interactions are required to maintain the organization. The result of the critical path analysis process serves as a list of items to secure.
Answer option C is incorrect. Risk analysis is the science of risks and their probability and evaluation in a business or a process. It is an important factor in security enhancement and prevention in a system. Risk analysis should be performed as part of the risk management process for each project. The outcome of the risk analysis would be the creation or review of the risk register to identify and quantify risk elements to the project and their potential impact.
Answer option D is incorrect. A business impact analysis (BIA) is a crisis management and business impact analysis technique that identifies those threats that can impact the business continuity of operations. Such threats can be either natural or man-made. The BIA team should have a clear understanding of the organization, key business processes, and IT resources for assessing the risks associated with continuity.
In the BIA team, there should be senior management, IT personnel, and end users to identify all resources that are to be used during normal operations.
Answer option B is incorrect. The functional analysis process is used for converting system requirements into a comprehensive function standard. Verification is the result of the functional analysis process, in which the fundamentals of a system level functional architecture are defined adequately to allow for synthesis in the design phase. The functional analysis breaks down the higher-level functions into the lower level functions.



Which of the following devices is a least expensive power protection device for filtering the electrical stream to control power surges, noise, power sags, and power spikes?

  1. Line Conditioner
  2. Surge Suppressor
  3. Uninterrupted Power Supply (UPS)
  4. Expansion Bus

Answer(s): C

Explanation:

A UPS is typically used to protect computers, data centers, telecommunication equipment or other electrical equipment where an unexpected power disruption could cause injuries, fatalities, serious business disruption and/or data loss. UPS units range in size from units designed to protect a single computer without a video monitor to large units powering entire data centers, buildings, or even cities. The following services are provided by a UPS:
1.Power Source: A UPS is placed for those devices that must be protected from blackout, brownout, or other power line events.
2.Line conditioning: A UPS is a least expensive device for filtering the electrical stream to control surges, noise, and spikes.
3.Surge Suppression: It provides protection from power surges and power spikes.
4.Brownout: It prevents from the demand of the electrical power that exceeds the capability of the electrical power supply system and reduces the voltage for everyone.
5.Power Sag: It prevents from a temporary dip in the voltage on the supply line that usually lasts only a fraction of a second.
6.Backup power: It is the primary purpose of a UPS to provide backup electricity to the devices plugged into it for a certain amount of time.
Answer option A is incorrect. A line conditioner is a power protection device intended to improve the quality of the power that is delivered to electrical load equipment . It is also known as a power conditioner or power line conditioner. It is used to filter out the electrical stream to control surges and spikes to eliminate any line electrical noise on the line. It is very expensive as compare to surge suppressor or UPS. It is a device that acts in one or more ways to deliver a voltage of the proper level and characteristics to enable load equipment to function properly.
Answer option B is incorrect. A surge suppressor is a power protection device, which is designed to protect electrical devices from voltage spikes. A surge processor attempts to regulate the voltage supplied to an electric device by either blocking or by shorting to ground voltages above a safe threshold. It uses a component named metal-oxide varistor (MOV) to suppress power surges on the line. A surge suppressor is rated by the amount of energy it absorbs, which is stated in joules. The 200 joules is minimum protection, 400 joules average protection, and 600 or more is excellent suppressor.



Answer option D is incorrect. An expansion bus is made up of electronic pathways, which move information between the code of a computer system, including the CPU and RAM, and peripheral devices. It is a collection of wires and protocols that allows for the expansion of a computer. It has the capability of controlling its own transfer of data to another device, allowing the computer to focus on other tasks. In essence, this device freed ups the computer, allowing for more efficiency.



You work as a Project Manager for Tech Perfect Inc. You are creating a document which emphasizes the formal study of what your organization is doing currently and where it will be in the future.
Which of the following analysis will help you in accomplishing the task?

  1. Cost-benefit analysis
  2. Gap analysis
  3. Requirement analysis
  4. Vulnerability analysis

Answer(s): B

Explanation:

Gap analysis is a tool that helps a company to compare its actual performance with its potential performance. It is a formal study of what a business is doing currently and where it wants to go in the future. Gap analysis provides a foundation for measuring investment of time,
money and human resources required to achieve a particular outcome. The goal of gap analysis is to identify the gap between the optimized allocation and integration of the inputs, and the current level of allocation. This helps provide the company with insight into areas, which could be improved. The gap analysis process involves determining, documenting and approving the variance between business requirements and current capabilities. Answer option C is incorrect. The requirements analysis processes are a collection of processes that work together to define the stakeholder requirements, the solution to satisfy the stakeholder, and a definition of the solution in enough detail that the solution components can be constructed.

Answer option D is incorrect. Vulnerability analysis is also known as vulnerability assessment. It is a process that defines systematic examination of a critical infrastructure, identifies and classifies the security vulnerabilities in a computer, network, or communications infrastructure. In addition, vulnerability analysis forecasts the effectiveness of proposed countermeasures, identifies the security deficiencies, evaluates the security alternatives, and verifies the adequacy of such measures after implementation.
Answer option A is incorrect. A cost benefit analysis is a technique related to the cost effectiveness of different alternatives in order to see whether the benefits outweigh the costs. Its aim is to gauge the efficiency of the intervention relative to the status quo.
To implement cost-effective controls and allocate resources, organizations, after identifying all likely controls and evaluating their feasibility and usefulness, must conduct a cost-bene?t analysis. This process must be conducted for each new or enhanced control to determine if the control recommended is appropriate for the organization. A cost beneift analysis mainly determines the impact of implementing the new or enhanced control and then determines the impact of not implementing the control.



SSH is a network protocol that allows data to be exchanged between two networks using a secure channel.
Which of the following encryption algorithms can be used by the SSH protocol? Each correct answer represents a complete solution. Choose all that apply.

  1. Blowfish
  2. DES
  3. IDEA
  4. RC4

Answer(s): A,B,C

Explanation:

SSH connections can use IDEA, Blowfish, and DES encryption algorithms. Answer option D is incorrect. The RC4 encryption algorithm is used by the SSL protocol.



Page 24 of 61



Post your Comments and Discuss ISC2 ISSAP exam with other Community members:

Terry commented on May 24, 2023
i can practice for exam
Anonymous
upvote

Rahul Kumar commented on August 31, 2023
need certification.
CANADA
upvote

Rahul Kumar commented on August 31, 2023
need certification.
CANADA
upvote

Terry commented on May 24, 2023
I can practice for exam
Anonymous
upvote