ISC2 ISSAP Exam
ISC2 Information Systems Security Architecture Professional Exam (Page 7)

Updated On: 7-Feb-2026

Which of the following types of attacks cannot be prevented by technical measures only?

  A. Social engineering
  B. Brute force
  C. Smurf DoS
  D. Ping flood attack

Answer(s): A

Explanation:

A social engineering attack is the art of convincing people to disclose useful information such as account names and passwords, which the attacker then uses to gain access to a user's computer or network. The method relies on manipulating people rather than on exploiting technical weaknesses, so it cannot be prevented by technical measures alone: mail filtering, multi-factor authentication and least privilege limit the damage a disclosed password can do, but awareness training and verification procedures are still required. A user should always distrust a person who asks for an account name or password, computer name, IP address, employee ID, or other information that can be misused, and should verify such a request through a channel that is known to be legitimate before answering.



Which of the following attacks can be overcome by applying cryptography?

  A. Web ripping
  B. DoS
  C. Sniffing
  D. Buffer overflow

Answer(s): C

Explanation:

If the data packets are encrypted, a sniffer captures only ciphertext and cannot read the data in plaintext form, so this attack is countered by applying cryptography. The majority of network communications still occur in an unsecured format, which allows an attacker who has gained access to a data path in the network to interpret (read) the traffic. This eavesdropping on communications is referred to as sniffing or snooping. Encryption hides the content of the traffic, not its existence: a sniffer still sees addresses, ports, packet sizes and timing, and only an authenticated key exchange (TLS with certificate verification, IPsec with proper peer authentication) keeps an active attacker from inserting himself into the path and decrypting on both sides.

Answer option D is incorrect. A buffer overflow is a condition in which an application receives more data than the buffer it allocated for that data can hold. It allows an attacker not only to execute malicious code on the target system but also to install backdoors on the target system for further attacks. Buffer overflows result from programming errors, typically missing bounds checks or poor memory management by the application developers; encryption does nothing against them, because the malicious input arrives through a legitimate, possibly encrypted, channel. The main types of buffer overflow and the closely related memory-corruption bugs are:
Stack overflow
Heap overflow
Format string vulnerability
Integer overflow (which typically produces an undersized buffer and then a real overflow)

Answer option A is incorrect. Web ripping is a technique in which the attacker copies the whole structure of a Web site to the local disk and obtains all files of the Web site, which can then be examined offline for loopholes. Because the copied files are the ones the site serves to every visitor, encrypting the transport does not prevent it.

Answer option B is incorrect. A Denial-of-Service (DoS) attack is mounted with the objective of degrading the performance or availability of a computer or network. It is also known as a network saturation attack or bandwidth consumption attack. Attackers mount Denial-of-Service attacks by sending a large number of protocol packets to a network; encrypting the traffic does not reduce the volume the target has to absorb.
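The following is an added example, not part of the exam explanation, showing the difference from the sniffer's side: the same credential-extraction logic is run over three constructed captures (an HTTP request with Basic authentication, an FTP login, and a TLS application-data record). The plaintext protocols give up the username and password; from the encrypted record the eavesdropper recovers only record type, version and length, which is exactly the metadata caveat above. The captures, the names (sniff, extract_credentials, tls_record_metadata) and the credentials "alice:hunter2" are all constructed for this example.

```python
import base64
import re
import struct
from typing import Optional

# Constructed captures: the application payload a sniffer on the path sees
# for three connections. The Basic header decodes to "alice:hunter2".
CAPTURES = {
    "http": (b"GET /admin HTTP/1.1\r\nHost: intranet.example\r\n"
             b"Authorization: Basic YWxpY2U6aHVudGVyMg==\r\n\r\n"),
    "ftp": b"USER alice\r\nPASS hunter2\r\n",
    # TLS record header (application_data, version 3.3 = TLS 1.2, 32-byte
    # body) followed by 32 constructed bytes standing in for the ciphertext.
    "tls": bytes.fromhex("1703030020") + bytes(range(32)),
}


def extract_credentials(payload: bytes) -> Optional[tuple]:
    """Return (protocol, user, password) when the payload carries cleartext credentials."""
    m = re.search(rb"^Authorization: Basic ([A-Za-z0-9+/=]+)", payload, re.M)
    if m:
        user, _, password = base64.b64decode(m.group(1)).partition(b":")
        return ("http-basic", user.decode(), password.decode())
    u = re.search(rb"^USER (\S+)", payload, re.M)
    p = re.search(rb"^PASS (\S+)", payload, re.M)
    if u and p:
        return ("ftp", u.group(1).decode(), p.group(1).decode())
    return None


def tls_record_metadata(payload: bytes) -> Optional[dict]:
    """What a sniffer still learns from an encrypted TLS record: type, version, length."""
    if len(payload) < 5:
        return None
    content_type, major, minor, length = struct.unpack("!BBBH", payload[:5])
    if major != 3 or content_type not in (20, 21, 22, 23):
        return None
    return {"content_type": content_type, "version": f"{major}.{minor}", "length": length}


def sniff(payload: bytes) -> dict:
    """Classify one captured payload the way an eavesdropper would."""
    creds = extract_credentials(payload)
    if creds:
        return {"cleartext": True, "credentials": creds}
    meta = tls_record_metadata(payload)
    if meta:
        return {"cleartext": False, "metadata": meta}
    return {"cleartext": None}


if __name__ == "__main__":
    for name, payload in CAPTURES.items():
        print(name, sniff(payload))
```

Running the block prints the recovered credentials for the http and ftp captures and only the record metadata for the tls capture; the same code is what a passive intrusion-detection sensor uses to flag cleartext logins on a network that should have moved to encrypted protocols.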



Which of the following authentication methods prevents unauthorized execution of code on remote systems?

  A. TACACS
  B. S-RPC
  C. RADIUS
  D. CHAP

Answer(s): B

Explanation:

Secure RPC (Remote Procedure Call) is an authentication method that authenticates both the user and the host making a remote procedure call. Because a call is executed only for a caller whose credentials verify, it also prevents unauthorized execution of code on remote systems. S-RPC uses Diffie-Hellman key agreement and DES encryption (the AUTH_DH credential flavour); NFS and the NIS+ name service rely on Secure RPC when they are configured for secure operation. Note that the original 192-bit Diffie-Hellman modulus and single DES are far too weak by today's standards, and Kerberos-based RPCSEC_GSS is the modern replacement in NFS deployments.
Answer option C is incorrect. Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized authentication, authorization and accounting (AAA) for people or devices that connect to and use a network service. When a person or device connects to a network, authentication is often required; RADIUS is commonly used by ISPs and corporations managing access to the Internet or to internal networks across a variety of access technologies, including modems, DSL, wireless and VPNs. It decides whether the user may join the network; it does not control what the user executes on a remote host.
Answer option A is incorrect. Terminal Access Controller Access-Control System (TACACS) is a remote authentication protocol used to communicate with an authentication server, commonly in UNIX networks. It allows a remote access server to accept a username and password and send a query to a TACACS authentication server, sometimes called a TACACS daemon, to determine whether the user has access to the network. TACACS uses UDP port 49 by default; its successor TACACS+ uses TCP port 49 and encrypts the packet body.
Answer option D is incorrect. Challenge Handshake Authentication Protocol (CHAP) authenticates a peer on a PPP link: the authenticator sends a random challenge, and the peer returns an MD5 hash of its identifier, the shared secret and the challenge. The secret itself never crosses the link, and because each challenge is fresh a captured response cannot be replayed. Using CHAP, network dial-up connections can authenticate to almost all PPP servers, but CHAP protects neither the data that follows nor the execution of code on the remote system.
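The CHAP exchange described above, as an added example that is not part of the exam explanation: both sides of a single RFC 1994 round are written out, the shared secret, peer name "alice" and the Authenticator/Peer class names are constructed for the example, and the returned wire bytes can be checked to confirm that the secret never appears on the link and that a replayed response is refused.

```python
import hashlib
import hmac
import os

# Constructed shared secret for the example; real secrets are provisioned
# out of band on both peers and are never sent over the link.
SECRET = b"correct horse battery staple"


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994, section 4.1: Value = MD5(Identifier || secret || Challenge Value)."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


class Authenticator:
    """PPP server side: issues challenges and checks responses."""

    def __init__(self, secrets: dict):
        self._secrets = secrets        # peer name -> shared secret
        self._pending = {}             # identifier -> outstanding challenge

    def challenge(self, identifier: int) -> bytes:
        # A fresh random challenge per attempt is what defeats replay.
        chal = os.urandom(16)
        self._pending[identifier] = chal
        return chal

    def verify(self, identifier: int, name: str, response: bytes) -> bool:
        chal = self._pending.pop(identifier, None)   # one-shot: a second use fails
        secret = self._secrets.get(name)
        if chal is None or secret is None:
            return False
        expected = chap_response(identifier, secret, chal)
        return hmac.compare_digest(expected, response)   # constant-time comparison


class Peer:
    """PPP client side: holds the secret and answers challenges."""

    def __init__(self, name: str, secret: bytes):
        self.name, self._secret = name, secret

    def respond(self, identifier: int, challenge: bytes) -> bytes:
        return chap_response(identifier, self._secret, challenge)


def run_exchange(peer_secret: bytes = SECRET):
    """Run one CHAP round and return (authenticated, bytes seen on the wire,
    whether a replay of the captured response was accepted)."""
    server = Authenticator({"alice": SECRET})
    client = Peer("alice", peer_secret)
    wire = b""

    ident = 1
    chal = server.challenge(ident)
    wire += chal                                  # Challenge packet value
    resp = client.respond(ident, chal)
    wire += resp                                  # Response packet value
    ok = server.verify(ident, client.name, resp)

    # An eavesdropper who captured resp replays it: the challenge has already
    # been consumed, so the server must reject it.
    replayed = server.verify(ident, client.name, resp)
    return ok, wire, replayed


if __name__ == "__main__":
    ok, wire, replayed = run_exchange()
    print("authenticated:", ok, "secret on wire:", SECRET in wire, "replay accepted:", replayed)
```

The example also shows the limit of CHAP: an eavesdropper who records the challenge and the 16-byte response holds everything needed for an offline dictionary attack on the secret, since MD5 is fast; CHAP is therefore only as strong as the secret, and the link it authenticates still carries data in the clear unless a separate encryption layer is used.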



The simplest form of a firewall is a packet filtering firewall. Typically a router works as a packet-filtering firewall and has the capability to filter on some of the contents of packets. On which of the following layers of the OSI reference model do these routers filter information? Each correct answer represents a complete solution. Choose all that apply.

  A. Transport layer
  B. Physical layer
  C. Data Link layer
  D. Network layer

Answer(s): A,D

Explanation:

Typically routers work as packet-filtering firewalls. These routers have the capability to filter on some of the contents of packets. The information that a packet filtering firewall can examine includes Network layer (layer 3) fields such as source and destination IP address and protocol number, and sometimes Transport layer (layer 4) fields such as TCP and UDP port numbers. For example, Cisco routers with standard ACLs filter only on the source address at the Network layer, whereas Cisco routers with extended ACLs filter on addresses, protocol and ports, that is, at both the Network layer and the Transport layer. Because a plain packet filter keeps no connection state, each packet is judged on its own header fields; it cannot tell a legitimate reply from a forged one, and non-initial IP fragments carry no transport header at all, so a filter that matches on ports must decide explicitly what to do with them.
Answer option B is incorrect. The Physical layer defines the means of transmitting raw bits rather than logical data packets over a physical link connecting network nodes, so there is nothing there to filter on. Answer option C is incorrect. The Data Link layer carries frames addressed by MAC address; filtering on that is a switch or bridge function, not the packet filtering described here.
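An added example, not part of the exam explanation, of the two ACL styles just described applied to raw packets: the parser pulls the layer-3 fields from a constructed IPv4 header and the layer-4 ports from the first 4 bytes of the TCP/UDP header, and each ACL is a first-match list with the implicit deny at the end. The Rule class, build_packet helper, the RFC 5737 documentation addresses and the two ACLs are all assumptions made for this example. The fragment handling goes slightly beyond the text: a non-initial fragment has no ports, so an extended ACL that permits only port 443 lets it fall through to the implicit deny.

```python
import ipaddress
import struct
from dataclasses import dataclass
from typing import Optional

ANY = ipaddress.IPv4Network("0.0.0.0/0")
TCP, UDP = 6, 17


@dataclass
class Rule:
    """One ACL entry. A standard ACL sets only src (layer 3); an extended ACL
    may also constrain dst, protocol and destination port (layer 4)."""
    action: str                              # "permit" or "deny"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network = ANY
    proto: Optional[int] = None              # 6 = TCP, 17 = UDP, None = any
    dst_port: Optional[int] = None

    def matches(self, pkt: dict) -> bool:
        return (pkt["src"] in self.src and pkt["dst"] in self.dst
                and (self.proto is None or pkt["proto"] == self.proto)
                and (self.dst_port is None or pkt.get("dport") == self.dst_port))


def parse_ipv4(raw: bytes) -> dict:
    """Extract the fields a packet filter looks at. Layer 4 ports are read only
    from the first fragment of a TCP/UDP datagram; later fragments carry none."""
    if len(raw) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, _, _, frag, _, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", raw[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (ver_ihl & 0x0F) * 4
    pkt = {"src": ipaddress.IPv4Address(src), "dst": ipaddress.IPv4Address(dst), "proto": proto}
    if proto in (TCP, UDP) and (frag & 0x1FFF) == 0 and len(raw) >= ihl + 4:
        pkt["sport"], pkt["dport"] = struct.unpack("!HH", raw[ihl:ihl + 4])
    return pkt


def filter_packet(acl: list, raw: bytes) -> str:
    """First matching rule wins; every ACL ends with an implicit deny."""
    pkt = parse_ipv4(raw)
    for rule in acl:
        if rule.matches(pkt):
            return rule.action
    return "deny"


def build_packet(src: str, dst: str, proto: int, sport: int = 0, dport: int = 0,
                 frag_offset: int = 0) -> bytes:
    """Construct a minimal IPv4 header plus the first 8 bytes of a TCP/UDP
    header for the example; checksums are left at zero."""
    l4 = struct.pack("!HHI", sport, dport, 0) if proto in (TCP, UDP) else b""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 1, frag_offset & 0x1FFF,
                     64, proto, 0, ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    return ip + l4


# Standard ACL: source address only (layer 3). Extended ACL: addresses,
# protocol and destination port (layers 3 and 4).
STANDARD_ACL = [
    Rule("deny", ipaddress.IPv4Network("10.0.0.0/8")),   # spoofed private source
    Rule("permit", ANY),
]
EXTENDED_ACL = [
    Rule("permit", ANY, ipaddress.IPv4Network("192.0.2.10/32"), TCP, 443),
    Rule("permit", ANY, ipaddress.IPv4Network("192.0.2.10/32"), TCP, 80),
]

if __name__ == "__main__":
    web = build_packet("198.51.100.7", "192.0.2.10", TCP, 40000, 443)
    ssh = build_packet("198.51.100.7", "192.0.2.10", TCP, 40000, 22)
    print("standard:", filter_packet(STANDARD_ACL, web), filter_packet(STANDARD_ACL, ssh))
    print("extended:", filter_packet(EXTENDED_ACL, web), filter_packet(EXTENDED_ACL, ssh))
```

The standard ACL cannot distinguish the HTTPS packet from the SSH packet because it never looks past layer 3; the extended ACL can, which is why the question's answer includes both layers.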



Andrew works as a Network Administrator for Infonet Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL).
Which of the following types of encryption does SSL use? Each correct answer represents a complete solution. Choose two.

  A. Synchronous
  B. Secret
  C. Asymmetric
  D. Symmetric

Answer(s): C,D

Explanation:

SSL uses both symmetric and asymmetric encryption algorithms. A symmetric algorithm uses the same key to encrypt and decrypt data. It is much faster than an asymmetric algorithm and, with a full-length key, is not less secure; its weakness is that both parties must already share the secret key, which is the hard problem over an open network. Asymmetric algorithms use a pair of keys: data encrypted with one key can only be decrypted with the other. Typically one of the keys is kept private while the other is made public, so a party that has never been contacted before can still be given a secret, at the cost of operations that are much slower than a symmetric cipher. To take advantage of both, SSL uses the asymmetric algorithm only to establish a randomly generated symmetric session key and then protects the bulk of the data with the symmetric cipher. In the classic RSA key exchange the client encrypts that session key with the server's public key; TLS 1.2 prefers, and TLS 1.3 requires, an ephemeral (EC)DHE exchange authenticated by the server's certificate instead, which gives forward secrecy if the server's long-term key is later compromised.
Using the SSL protocol, clients and servers can communicate in a way that prevents eavesdropping on and tampering with data on the Internet.
Many Web sites use the SSL protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http:. By default, SSL uses port 443 for secured communication. All versions of SSL proper (2.0 and 3.0) are deprecated and should be disabled on the Web server; the protocol in use today is its successor TLS, of which versions 1.2 and 1.3 are the ones to enable, so "SSL" in this question should be read as SSL/TLS.
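An added example, not part of the exam explanation, of what "implementing SSL" means once the protocol choice is made: a Python ssl context that enforces the two things the asymmetric step exists for (a verified certificate chain and a hostname match) and refuses the deprecated protocol versions, next to the "just make it connect" context found in many scripts, with an audit function that reports the difference. The function names and the checks in audit_context are assumptions made for this example; the ssl module calls are the standard library's.

```python
import ssl
from typing import Optional


def hardened_client_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """Client context for HTTPS: the asymmetric step (certificate verification)
    is what makes the symmetric session key worth anything, so it is enforced."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # verification on by default
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2    # refuse SSL 2/3 and TLS 1.0/1.1
    ctx.verify_mode = ssl.CERT_REQUIRED             # server must present a valid chain
    ctx.check_hostname = True                       # ... issued for the name we asked for
    ctx.options |= ssl.OP_NO_COMPRESSION            # TLS-level compression (CRIME)
    if cafile:
        ctx.load_verify_locations(cafile)           # private CA, e.g. an internal PKI
    else:
        ctx.load_default_certs()                    # system trust store
    return ctx


def legacy_client_context() -> ssl.SSLContext:
    """The kind of context found in scripts that 'just need it to work':
    verification switched off, so the handshake still runs but proves nothing
    about who holds the other end of the symmetric key."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False    # must be cleared before verify_mode can be relaxed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list:
    """Return the weaknesses a reviewer would flag in a client TLS configuration."""
    findings = []
    if ctx.verify_mode == ssl.CERT_NONE:
        findings.append("server certificate not verified: anyone on the path can impersonate the server")
    elif not ctx.check_hostname:
        findings.append("hostname not checked: a valid certificate for any name is accepted")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append(f"protocol floor too low: {ctx.minimum_version.name}")
    if not ctx.options & ssl.OP_NO_COMPRESSION:
        findings.append("TLS compression enabled")
    return findings


if __name__ == "__main__":
    print("hardened:", audit_context(hardened_client_context()) or "no findings")
    print("legacy:  ", audit_context(legacy_client_context()))
```

The same minimum_version and OP_NO_COMPRESSION settings apply to a server context built with ssl.PROTOCOL_TLS_SERVER, which additionally needs load_cert_chain() for the Web site's certificate and private key; on the server it is the certificate that lets clients perform the asymmetric step, so an expired or mismatched certificate breaks the scheme just as surely as CERT_NONE does on the client.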





