New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 ISSAP Exam - Topic 5 Question 110 Discussion

Actual exam question for ISC2's ISSAP exam
Question #: 110
Topic #: 5
[All ISSAP Questions]

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. John notices that the We-are-secure network is vulnerable to a man-in-the-middle attack since the key exchange process of the cryptographic algorithm it is using does not thenticate participants. Which of the following cryptographic algorithms is being used by the We-are-secure server?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Nobuko at Jan 05, 2026, 05:16 AM

Limited Time Offer

25%

Off

Get Premium ISSAP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Merlyn
3 days ago
Twofish? Nah, that's not it. Blowfish maybe? Sounds like a fishy situation.
upvoted 0 times
...
Louvenia
8 days ago
RSA would be my guess. It's a classic algorithm with potential authentication issues.
upvoted 0 times
...
Nada
13 days ago
Diffie-Hellman, definitely. That's the one with the key exchange vulnerability.
upvoted 0 times
...
Refugia
19 days ago
I thought Blowfish and Twofish were more focused on encryption rather than key exchange, so they seem unlikely to be the answer.
upvoted 0 times
...
Clemencia
24 days ago
I feel like I've seen a question like this before, and it was about how Diffie-Hellman can be vulnerable to MITM attacks due to lack of authentication.
upvoted 0 times
...
Charlette
29 days ago
I'm not entirely sure, but I think RSA is more about encrypting messages rather than just key exchange, so it probably isn't the answer.
upvoted 0 times
...
Sylvie
1 month ago
I remember studying that Diffie-Hellman is often used for key exchange but doesn't authenticate participants, so it might be the right answer here.
upvoted 0 times
...
Hubert
1 month ago
Aha, I think I've got it! The lack of authentication in the key exchange process suggests Diffie-Hellman, since that protocol doesn't inherently provide authentication. I'll go with option D.
upvoted 0 times
...
Winifred
1 month ago
I'm a bit confused on this one. The question is asking about the algorithm, but the details seem to be more about the key exchange process. I'll need to review my cryptography concepts to figure this out.
upvoted 0 times
...
Rene
2 months ago
Okay, I know Blowfish and Twofish are symmetric ciphers, so they're probably not the right answer here. I'm leaning towards Diffie-Hellman since that's a key exchange protocol that could be vulnerable to MITM attacks.
upvoted 0 times
...
Eladia
2 months ago
Hmm, the man-in-the-middle vulnerability points to a problem with the key exchange, so I'm guessing it's either Diffie-Hellman or RSA. I'll have to weigh the pros and cons of each.
upvoted 0 times
...
Lauran
2 months ago
This sounds like a tricky one. I'll need to think carefully about the key exchange process and what that might imply about the algorithm being used.
upvoted 0 times
...

Save Cancel