CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. ISC2
  5. ISSAP

Free ISSAP Exam Braindumps (page: 27)

Page 27 of 61
PDF with 241 Questions

Which of the following protocols provides certificate-based authentication for virtual private networks (VPNs)?

  1. PPTP
  2. SMTP
  3. HTTPS
  4. L2TP

Answer(s): D

Explanation:

Layer 2 Tunneling Protocol (L2TP) is a more secure version of Point-to-Point Tunneling Protocol (PPTP). It provides tunneling, address assignment, and authentication. L2TP allows transfer of Point-to-Point Protocol (PPP) traffic between different networks. L2TP combines with
IPSec to provide both tunneling and security for Internet Protocol (IP), Internetwork Packet Exchange (IPX), and other protocol packets across IP networks. It provides certificate-based authentication for virtual private networks (VPNs). Answer option A is incorrect. Point-to-Point Tunneling Protocol (PPTP) is a remote access protocol. It is an extension of the Point-to-Point
Protocol (PPP). PPTP is used to securely connect to a private network by a remote client using a public data network, such as the Internet.
Virtual private networks (VPNs) use the tunneling protocol to enable remote users to access corporate networks securely across the Internet.
PPTP supports encapsulation of encrypted packets in secure wrappers that can be transmitted over a TCP/IP connection.
Answer options C, B are incorrect. The HTTPS and SMTP protocols are not used in virtual private networks (VPNs).



Which of the following types of ciphers are included in the historical ciphers? Each correct answer represents a complete solution. Choose two.

  1. Block ciphers
  2. Transposition ciphers
  3. Stream ciphers
  4. Substitution ciphers

Answer(s): B,D

Explanation:

Historical ciphers include the following types of ciphers:
1.Substitution ciphers: In cryptography, a substitution cipher is a method of encryption by which units of plaintext are replaced with ciphertext according to a regular system. The units may be single letters, pairs of letters, triplets of letters, mixtures of the above, and so forth. The receiver deciphers the text by performing an inverse substitution.
2.Transposition ciphers:
A transposition cipher is a method of cryptographic encryption by which the positions held by units of plaintext (which are commonly characters or groups of characters) are shifted according to a regular system, so that the ciphertext constitutes a permutation of the plaintext. That is, the order of the units is changed. Mathematically a bijective function is used on the characters'
positions to encrypt and an inverse function to decrypt. Answer options A, C are incorrect. Block ciphers and stream ciphers are not included in the historical ciphers. Both are the types of modern ciphers.



John works as a security manager for SoftTech Inc. He is working with his team on the disaster recovery management plan. One of his team members has a doubt related to the most cost effective DRP testing plan. According to you, which of the following disaster recovery testing plans is the most cost-effective and efficient way to identify areas of overlap in the plan before conducting more demanding training exercises?

  1. Evacuation drill
  2. Walk-through drill
  3. Structured walk-through test
  4. Full-scale exercise

Answer(s): C

Explanation:

The structured walk-through test is also known as the table-top exercise. In structured walk-through test, the team members walkthrough the plan to identify and correct weaknesses and how they will respond to the emergency scenarios by stepping in the course of the plan. It is the most effective and competent way to identify the areas of overlap in the plan before conducting more challenging training exercises.
Answer option D is incorrect. In full-scale exercise, the critical systems run at an alternate site. Answer option B is incorrect. The emergency management group and response teams actually perform their emergency response functions by walking through the test, without actually initiating recovery procedures. But it is not much cost effective.
Answer option A is incorrect. It is a test performed when personnel walks through the evacuation route to a designated area where procedures for accounting for the personnel are tested.



Which of the following security protocols provides confidentiality, integrity, and authentication of network traffic with end-to-end and intermediate-hop security?

  1. IPSec
  2. SET
  3. SWIPE
  4. SKIP

Answer(s): C

Explanation:

The Software IP Encryption Protocol (SWIPE) is an IP (Internet Protocol) security protocol that operates at the Internet Layer of the Internet Protocol Suite. It provides confidentiality, integrity, and authentication of network traffic, and can be used to provide both end-to-end and intermediate-hop security. SWIPE is concerned only with security mechanisms; policy and key management are handled outside the protocol.
It works by augmenting each packet with a cryptographically-strong authenticator and/or encrypting the data to be sent.
Answer option B is incorrect. Secure Electronic Transaction (SET) was a standard protocol for securing credit card transactions over insecure networks, specifically, the Internet. SET was not itself a payment system, but rather a set of security protocols and formats that enable users to employ the existing credit card payment infrastructure on an open network in a secure fashion.
However, it failed to gain traction. VISA now promotes the 3-D Secure scheme.
SET allowed parties to cryptographically identify themselves to each other and exchange information securely. SET used a blinding algorithm that, in effect, would have let merchants substitute a certificate for a user's credit-card number. If SET were used, the merchant itself would never have had to know the credit-card numbers being sent from the buyer, which would have provided verified good payment but protected customers and credit companies from fraud.
Answer option A is incorrect. Internet Protocol Security (IPSec) is a method of securing data. It secures traffic by using encryption and digital signing. It enhances the security of data as if an IPSec packet is captured, its contents cannot be read.
IPSec also provides sender verification that ensures the certainty of the datagram's origin to the receiver. Answer option D is incorrect. SKIP (Simple Key-Management for Internet Protocol) is developed by the IETF Security Working Group for the sharing of encryption keys. It is used to protect sessionless datagram protocols. SKIP works at Layer 3 of the OSI model. It integrates with the IPSec (Internet Protocol Security).



Page 27 of 61



Post your Comments and Discuss ISC2 ISSAP exam with other Community members:

Terry commented on May 24, 2023
i can practice for exam
Anonymous
upvote

Rahul Kumar commented on August 31, 2023
need certification.
CANADA
upvote

Rahul Kumar commented on August 31, 2023
need certification.
CANADA
upvote

Terry commented on May 24, 2023
I can practice for exam
Anonymous
upvote