Free ISSAP Exam Braindumps (page: 3)

Page 3 of 61

Which of the following is used to authenticate asymmetric keys?

  A. Digital signature
  B. MAC Address
  C. Demilitarized zone (DMZ)
  D. Password

Answer(s): A

Explanation:

A digital signature is used to authenticate asymmetric keys. A message signed with a sender's private key can be verified by anyone who has access to the sender's public key, thereby proving that the sender signed it and that the message has not been tampered with. This is used to ensure authenticity.
Public-key cryptography, also known as asymmetric cryptography, is a form of cryptography in which the key used to encrypt a message differs from the key used to decrypt it.
Answer option C is incorrect. Demilitarized zone (DMZ) or perimeter network is a small network that lies in between the Internet and a private network. It is the boundary between the Internet and an internal network, usually a combination of firewalls and bastion hosts that are gateways between inside networks and outside networks. DMZ provides a large enterprise network or corporate network the ability to use the Internet while still maintaining its security.
Answer options D, B are incorrect. Password and MAC address are not used to authenticate asymmetric keys.



IPsec VPN provides a high degree of data privacy by establishing trust points between communicating devices and data encryption.
Which of the following encryption methods does IPsec VPN use?
Each correct answer represents a complete solution. Choose two.

  A. MD5
  B. LEAP
  C. AES
  D. 3DES

Answer(s): C,D

Explanation:

IPsec VPN provides a high degree of data privacy by establishing trust points between communicating devices and data encryption using the 3DES (Triple Data Encryption Algorithm) or AES (Advanced Encryption Standard).



A user is sending a large number of protocol packets to a network in order to saturate its resources and to disrupt connections to prevent communications between services.
Which type of attack is this?

  A. Denial-of-Service attack
  B. Vulnerability attack
  C. Social Engineering attack
  D. Impersonation attack

Answer(s): A

Explanation:

A Denial-of-Service (DoS) attack is mounted with the objective of causing a negative impact on the performance of a computer or network. It is also known as a network saturation attack or bandwidth consumption attack. Attackers mount Denial-of-Service attacks by sending a large number of protocol packets to a network. A DoS attack can cause the following to occur:
Saturate network resources.
Disrupt connections between two computers, thereby preventing communications between services.
Disrupt services to a specific computer.
A SYN attack is a common DoS technique in which an attacker sends multiple SYN packets to a target computer. For each SYN packet received, the target computer allocates resources and sends an acknowledgement (SYN-ACK) to the source IP address. Since the target computer does not receive a response from the attacking computer, it attempts to resend the SYN-ACK. This leaves TCP ports in the half-open state.
When an attacker sends TCP SYNs repeatedly before the half-open connections are timed out, the target computer eventually runs out of resources and is unable to handle any more connections, thereby denying service to legitimate users.
Answer option D is incorrect. An impersonation attack attempts to access the system by using a valid user password.
Answer option B is incorrect. A vulnerability attack takes advantage of the vulnerabilities in an operating system or software service to enter into the operating system and disrupt its working.
Answer option C is incorrect. Social engineering is the art of convincing people to disclose useful information such as account names and passwords. This information is further exploited by hackers to gain access to a user's computer or network. This method relies on a person's ability to trick someone rather than on technical skills. A user should always distrust people who ask for an account name or password, computer name, IP address, employee ID, or other information that can be misused.



Which of the following types of firewall functions at the Session layer of the OSI model?

  A. Circuit-level firewall
  B. Application-level firewall
  C. Packet filtering firewall
  D. Switch-level firewall

Answer(s): A

Explanation:

A circuit-level firewall operates at the Session layer of the OSI model. This type of firewall regulates traffic based on whether or not a trusted connection has been established.






Post your Comments and Discuss ISC2 ISSAP exam with other Community members:

Terry commented on May 24, 2023
I can practice for exam
Anonymous
upvote

Rahul Kumar commented on August 31, 2023
need certification.
CANADA
upvote
