Free ISSAP Exam Braindumps (page: 8)

Page 8 of 61

The simplest form of a firewall is a packet filtering firewall. Typically a router works as a packet-filtering firewall and has the capability to filter on some of the contents of packets. On which of the following layers of the OSI reference model do these routers filter information? Each correct answer represents a complete solution. Choose all that apply.

  A. Transport layer
  B. Physical layer
  C. Data Link layer
  D. Network layer

Answer(s): A,D

Explanation:

Typically routers work as packet-filtering firewalls. These routers can filter on some of the contents of packets: the Network layer (layer 3) header, that is, source and destination IP addresses and the protocol number, and sometimes the Transport layer (layer 4) header, that is, source and destination ports and TCP flags. For example, Cisco routers with standard ACLs filter on the source address only, which is Network layer information, whereas Cisco routers with extended ACLs filter on both Network layer and Transport layer fields. A plain packet filter never reads the payload, so it cannot tell a benign HTTP request from a malicious one on the same port; that is the job of a stateful or application-layer firewall.
Answer options B and C are incorrect. The Physical layer defines the means of transmitting raw bits, rather than logical data packets, over a physical link connecting network nodes; the Data Link layer frames those bits for the local link. A router forwarding at layer 3 does not filter on either.
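To make the layer-3 versus layer-4 distinction concrete, here is an added example (not part of the original page and not Cisco IOS code): a small Python model of a standard and an extended ACL evaluated over constructed IPv4/TCP/UDP packets. The addresses, ports, rule tuple format and helper names are assumptions made for the example. The point to notice is what the filter never reads: the payload, so a request for `/admin` on port 443 is indistinguishable from any other HTTPS packet.

```python
import ipaddress
import struct

TCP, UDP = 6, 17


def build_packet(src, dst, proto, sport, dport, payload=b""):
    """Build a minimal IPv4 + TCP/UDP packet (checksums left at zero).
    This is constructed test input, not captured traffic."""
    if proto == TCP:
        # seq, ack, data offset 5 words, SYN flag, window, checksum, urgent
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 65535, 0, 0)
    elif proto == UDP:
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    else:
        raise ValueError("only TCP and UDP are modelled here")
    total = 20 + len(l4) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, proto, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    return ip + l4 + payload


def parse_headers(pkt):
    """Return only what a packet filter looks at: layer-3 addresses and
    protocol number, plus layer-4 ports. The payload is never touched."""
    vihl, _, _, _, _, _, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    if vihl >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (vihl & 0x0F) * 4
    fields = {"proto": proto, "src": ipaddress.IPv4Address(src),
              "dst": ipaddress.IPv4Address(dst), "sport": None, "dport": None}
    if proto in (TCP, UDP) and len(pkt) >= ihl + 4:
        fields["sport"], fields["dport"] = struct.unpack("!HH", pkt[ihl:ihl + 4])
    return fields


def standard_acl(pkt, rules):
    """Standard ACL model: rules are (action, source_network); first match
    wins and an unmatched packet is denied. Source address is all it can see."""
    f = parse_headers(pkt)
    for action, src_net in rules:
        if f["src"] in ipaddress.IPv4Network(src_net):
            return action
    return "deny"


def extended_acl(pkt, rules):
    """Extended ACL model: rules are (action, proto, src_net, dst_net, dport);
    proto may be "ip" for any protocol and dport None for any port."""
    f = parse_headers(pkt)
    for action, proto, src_net, dst_net, dport in rules:
        if proto != "ip" and proto != f["proto"]:
            continue
        if f["src"] not in ipaddress.IPv4Network(src_net):
            continue
        if f["dst"] not in ipaddress.IPv4Network(dst_net):
            continue
        if dport is not None and f["dport"] != dport:
            continue
        return action
    return "deny"


# Constructed traffic (RFC 5737 documentation addresses).
WEB_OK = build_packet("203.0.113.5", "192.0.2.10", TCP, 40000, 443)
WEB_EVIL = build_packet("203.0.113.5", "192.0.2.10", TCP, 40001, 443,
                        b"GET /admin HTTP/1.1\r\n")   # payload the filter cannot see
SSH_IN = build_packet("203.0.113.5", "192.0.2.10", TCP, 40002, 22)
DNS_IN = build_packet("198.51.100.7", "192.0.2.10", UDP, 53000, 53)

STANDARD_RULES = [("permit", "203.0.113.0/24")]
EXTENDED_RULES = [
    ("permit", TCP, "0.0.0.0/0", "192.0.2.10/32", 443),
    ("permit", UDP, "198.51.100.0/24", "192.0.2.10/32", 53),
]

if __name__ == "__main__":
    for name, pkt in [("WEB_OK", WEB_OK), ("WEB_EVIL", WEB_EVIL),
                      ("SSH_IN", SSH_IN), ("DNS_IN", DNS_IN)]:
        print(f"{name:9} standard={standard_acl(pkt, STANDARD_RULES):6} "
              f"extended={extended_acl(pkt, EXTENDED_RULES)}")
```

The standard ACL permits the SSH packet because it only sees a source address inside the permitted /24; the extended ACL can deny it by port, but still permits `WEB_EVIL` because port 443 is all it can see of that packet.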



Andrew works as a Network Administrator for Infonet Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL).
Which of the following types of encryption does SSL use? Each correct answer represents a complete solution. Choose two.

  A. Synchronous
  B. Secret
  C. Asymmetric
  D. Symmetric

Answer(s): C,D

Explanation:

SSL uses both symmetric and asymmetric encryption algorithms. A symmetric algorithm uses the same key to encrypt and decrypt data; it is fast, but both parties must already share the key, and that key has to be delivered to the peer securely. Asymmetric algorithms use a pair of keys: data encrypted with one key can only be decrypted with the other. Typically one key is kept private while the other is made public, so the public key can be distributed openly, but the algorithms are much slower than symmetric ones and impractical for bulk data. To take advantage of both, SSL encapsulates a randomly selected symmetric session key inside a message encrypted with the server's public key, and the session key then protects the bulk traffic. (This is the RSA key-transport handshake of SSL and of TLS up to version 1.2. TLS 1.3 no longer encrypts the session key with RSA; it derives the key with ephemeral Diffie-Hellman and uses the asymmetric key only to sign the handshake.)
Using the SSL protocol, clients and servers can communicate in a way that prevents eavesdropping and tampering of data on the Internet. Many Web sites use the SSL protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http:. By default, SSL uses port 443 for secured communication. Note that all versions of SSL itself are deprecated; the protocol deployed today is its successor, TLS, which uses the same combination of symmetric and asymmetric algorithms.



John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. John notices that the We-are-secure network is vulnerable to a man-in-the-middle attack since the key exchange process of the cryptographic algorithm it is using does not authenticate participants.
Which of the following cryptographic algorithms is being used by the We-are-secure server?

  A. Blowfish
  B. Twofish
  C. RSA
  D. Diffie-Hellman

Answer(s): D

Explanation:

According to this scenario, we-are-secure.com is using the Diffie-Hellman algorithm to establish its session keys. Diffie-Hellman key exchange was developed by Diffie and Hellman in 1976 and published in the paper "New Directions in Cryptography." It is a key agreement protocol (also called exponential key agreement) that allows two users to agree on a secret key over an insecure medium (such as the Internet) without any prior secrets; it does not itself encrypt data. The original protocol has two system parameters, p and g, which are both public and may be used by all users in a system. Each party picks a private exponent, sends g raised to that exponent mod p, and raises the value it receives to its own exponent; both arrive at the same value, which becomes the key. The original Diffie-Hellman key exchange is vulnerable to a man-in-the-middle attack because it does not authenticate the participants: an attacker who can intercept the traffic substitutes his own public value in each direction and ends up sharing one key with each party, while neither party can tell from the protocol itself that anything is wrong.
The authenticated form of Diffie-Hellman (the authenticated Diffie-Hellman key agreement protocol, or Station-to-Station (STS) protocol) was developed by Diffie, Van Oorschot, and Wiener in 1992 to defeat the man-in-the-middle attack. It does so by having the two parties authenticate themselves to each other with digital signatures and public-key certificates over the exchanged values. The Diffie-Hellman protocol is an example of a much more general cryptographic technique, the common element being the derivation of a shared secret value (that is, a key) from one party's public key and another party's private key. The parties' key pairs may be generated anew at each run of the protocol, as in the original Diffie-Hellman protocol; the public keys may be certified so that the parties can be authenticated; and there may be a combination of these attributes.
Answer option C is incorrect. RSA is a public-key algorithm used for encryption and digital signatures rather than a key agreement protocol; both of its keys are derived from the same pair of secret primes. In the RSA algorithm, the public and private keys are generated as follows:
1. Choose two large prime numbers p and q of equal length, and compute n = p*q.
2. Choose a public exponent e such that e and (p-1)*(q-1) are relatively prime.
3. Find d such that e*d ≡ 1 (mod (p-1)*(q-1)); d is the private exponent.
4. Equivalently, d = e^(-1) mod (p-1)*(q-1), the modular inverse of e.
5. Now (e, n) is the public key and (d, n) is the private key.
Answer option A is incorrect. Blowfish is a symmetric 64-bit block cipher that supports key lengths from 32 up to 448 bits. It is included in a large number of cipher suites and encryption products. It was designed in 1993 by Bruce Schneier and is freely available for anyone to use, which has contributed to its popularity in cryptographic software. Answer option B is incorrect for the same reason: Twofish is a symmetric 128-bit block cipher with keys of up to 256 bits (an AES finalist, published by Schneier's team in 1998). Symmetric ciphers have no key exchange step of their own, so neither can be the algorithm whose key exchange the scenario describes.
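An added example, not code from the original page: the unauthenticated Diffie-Hellman exchange described above, in Python, first between honest parties and then with an attacker relaying the public values. The group parameters (p = 2^127 - 1, a known prime, and g = 3), the fixed private exponents used in the reproducible run, and all helper names are assumptions chosen for readability; real deployments use standardised 2048-bit or larger MODP groups or elliptic-curve groups, and the attack works identically against any of them.

```python
import hashlib
import secrets

# Toy group (an assumption for this example): p is the Mersenne prime 2^127 - 1,
# g = 3. Real deployments use a standardised 2048-bit or larger MODP group or an
# elliptic-curve group; the man-in-the-middle below works the same against any.
P = 2**127 - 1
G = 3


def keypair(priv=None):
    """Return (private exponent x, public value g^x mod p). A fixed exponent
    can be passed in so that a run is reproducible."""
    if priv is None:
        priv = secrets.randbelow(P - 3) + 2          # 2 <= x <= p-2
    return priv, pow(G, priv, P)


def shared_key(priv, peer_pub):
    """Derive the session key from our exponent and the peer's public value.
    Values outside (1, p-1) are rejected: 0, 1 and p-1 force a trivial secret."""
    if not 1 < peer_pub < P - 1:
        raise ValueError("peer public value outside the group")
    secret = pow(peer_pub, priv, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).hexdigest()


def honest_exchange(a_priv=None, b_priv=None):
    """Alice and Bob swap public values directly; both derive the same key."""
    a, A = keypair(a_priv)
    b, B = keypair(b_priv)
    return shared_key(a, B), shared_key(b, A)


def mitm_exchange(a_priv=None, b_priv=None, m_priv=None):
    """Mallory sits on the wire and replaces each public value with her own.
    Nothing in the protocol lets Alice or Bob notice: each receives a valid
    group element and derives a valid key. Returns (alice_key, bob_key,
    mallory_key_with_alice, mallory_key_with_bob)."""
    a, A = keypair(a_priv)
    b, B = keypair(b_priv)
    m, M = keypair(m_priv)
    alice_key = shared_key(a, M)            # Alice believes M is Bob's value
    bob_key = shared_key(b, M)              # Bob believes M is Alice's value
    return alice_key, bob_key, shared_key(m, A), shared_key(m, B)


if __name__ == "__main__":
    ka, kb = honest_exchange()
    print("honest: keys match =", ka == kb)
    ka, kb, ma, mb = mitm_exchange()
    print("mitm:   alice==bob =", ka == kb,
          "| mallory holds both keys =", ka == ma and kb == mb)
```

After the intercepted run Alice and Bob hold different keys, and Mallory holds both, so she can decrypt, read and re-encrypt every message in both directions. The STS fix is to have each side sign the pair of exchanged public values with a long-term key bound to a certificate; Mallory cannot produce Bob's signature over her own value, so the substitution is detected. TLS does the equivalent when the server signs its ephemeral Diffie-Hellman value with the key in its certificate.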



Jasmine is creating a presentation. She wants to ensure the integrity and authenticity of the presentation.
Which of the following will she use to accomplish the task?

  A. Mark as final
  B. Digital Signature
  C. Restrict Permission
  D. Encrypt Document

Answer(s): B

Explanation:

A digital signature uses a cryptographic mechanism to ensure the integrity and authenticity of the presentation: the signer computes a hash of the file and signs it with a private key, and anyone holding the corresponding public key can verify that the file has not changed since it was signed and that it was signed by the holder of that private key. This also gives non-repudiation, since only the private key holder could have produced the signature. The signed document can be a presentation, a message, or an email. The other options do not provide these properties: Mark as Final is an advisory flag that any editor can remove, Restrict Permission controls who may open or edit the file but does not prove who produced it, and Encrypt Document provides confidentiality rather than integrity or authenticity.
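The following Python block is an added example, not code from the original page, and it serves three of the explanations above: the RSA key generation steps listed for the previous question, the "random symmetric key wrapped with an asymmetric algorithm" construction the SSL question describes, and the integrity check a digital signature gives in this question. The primes (two Mersenne primes, chosen because they are known to be prime and not because they are suitable), the hash-based stream cipher standing in for a real record cipher, and all function names are assumptions for the example. It is textbook RSA without padding and must not be used as-is.

```python
import hashlib
import hmac
import secrets
from math import gcd

# Toy primes (an assumption for the example): 2^521-1 and 2^127-1 are known
# Mersenne primes, so no primality test is needed. They are NOT of equal length
# and are trivially recognisable; real keys use random primes of equal size, and
# real RSA never encrypts or signs raw integers without padding (OAEP / PSS).
P = 2**521 - 1
Q = 2**127 - 1


def rsa_keygen(p, q, e=65537):
    """Steps 1-5 from the text: n = p*q, e coprime to (p-1)(q-1),
    d = e^-1 mod (p-1)(q-1). Returns (public key, private key)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)                      # modular inverse (Python 3.8+)
    return (e, n), (d, n)


def rsa_apply(key, m):
    """Textbook RSA: m^k mod n. (e, n) encrypts or verifies; (d, n) decrypts or signs."""
    k, n = key
    if not 0 <= m < n:
        raise ValueError("integer must be smaller than n")
    return pow(m, k, n)


def _keystream(key, length):
    """SHA-256 in counter mode, used here only as a stand-in stream cipher."""
    out, ctr = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:length]


def sym_encrypt(key, plaintext):
    """Symmetric bulk encryption with an HMAC tag (encrypt-then-MAC).
    Illustrative only; a real record layer uses AES-GCM or ChaCha20-Poly1305."""
    nonce = secrets.token_bytes(16)
    ct = bytes(x ^ y for x, y in zip(plaintext, _keystream(key + nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def sym_decrypt(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication tag mismatch: ciphertext was modified")
    return bytes(x ^ y for x, y in zip(ct, _keystream(key + nonce, len(ct))))


def hybrid_encrypt(server_pub, plaintext):
    """The SSL construction from the text: a fresh random symmetric key is wrapped
    with the server's public key and the bulk data goes under the symmetric key."""
    session_key = secrets.token_bytes(16)
    wrapped = rsa_apply(server_pub, int.from_bytes(session_key, "big"))
    return wrapped, sym_encrypt(session_key, plaintext)


def hybrid_decrypt(server_priv, wrapped, blob):
    session_key = rsa_apply(server_priv, wrapped).to_bytes(16, "big")
    return sym_decrypt(session_key, blob)


def sign(priv, document):
    """Sign the SHA-256 digest of the document with the private key."""
    return rsa_apply(priv, int.from_bytes(hashlib.sha256(document).digest(), "big"))


def verify(pub, document, signature):
    """Recover the digest with the public key and compare it with a fresh one;
    any change to the document or the signature makes this return False."""
    if not 0 <= signature < pub[1]:
        return False
    digest = int.from_bytes(hashlib.sha256(document).digest(), "big")
    return rsa_apply(pub, signature) == digest


if __name__ == "__main__":
    pub, priv = rsa_keygen(P, Q)
    wrapped, blob = hybrid_encrypt(pub, b"card=4111111111111111")  # constructed input
    print("decrypted:", hybrid_decrypt(priv, wrapped, blob))
    deck = b"Q4 presentation v1"                                     # constructed input
    sig = sign(priv, deck)
    print("original verifies:", verify(pub, deck, sig),
          "| edited verifies:", verify(pub, deck + b" (edited)", sig))
```

Two things the page's prose leaves implicit show up in the code: the symmetric key is only ever sent wrapped, so an eavesdropper needs the private key to read anything, and a signature over a hash fails as soon as a single byte of the presentation changes, which is the integrity guarantee the question asks for.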






Post your Comments and Discuss ISC2 ISSAP exam with other Community members:

Terry commented on May 24, 2023
I can practice for the exam
Anonymous
upvote

Rahul Kumar commented on August 31, 2023
need certification.
CANADA
upvote
