ISC2 Information Systems Security Architecture Professional Exam

Certification Provider: ISC2
Exam Name: Information Systems Security Architecture Professional
Duration: 150 Minutes
Number of questions in our database: 249
Exam Version: Nov. 20, 2022
Exam Official Topics:
  • Topic 1: Evaluate Security architecture models and frameworks/ Security Architecture Modeling
  • Topic 2: Integrate security principles into applications development/ Architect for Governance, Compliance and Risk Management
  • Topic 3: Identity and Access Management (IAM) Architecture/ Design a security operations architecture
  • Topic 4: Architect for Application Security/ Produce an identity and access management architecture
  • Topic 5: Security Operations Architecture/ Develop an infrastructure security program
  • Topic 6: Create an Information Security Architecture that meets the requirements of governance/ Infrastructure Security Architecture

Free ISC2 Information Systems Security Architecture Professional Exam Actual Questions

The questions for Information Systems Security Architecture Professional were last updated on Nov. 20, 2022

Question #1

Which of the following protects against unauthorized access to confidential information via encryption and works at the network layer?

Correct Answer: D

works at the network layer.

IPSec provides machine-level authentication as well as data encryption. It is used for VPN connections that use the L2TP protocol. It secures both data and password.

Answer option B is incorrect. NAT also works at the network layer, but it does not provide encryption for data.


Question #2

Which of the following statements are true about Public-key cryptography? Each correct answer represents a complete solution. Choose two.

Correct Answer: B, D

widely distributed. A message encrypted with a recipient's public key cannot be decrypted by anyone except the owner of that key and the person associated with the public key used. This is used for confidentiality. A message signed with a sender's private key can be verified by anyone who has access to the sender's public key.

Answer options A and C are incorrect. Because of the asymmetric behavior of the keys, the secret key can encrypt a message, and anyone with the public key can decrypt it. The distinguishing technique used in public key-private key cryptography is the use of asymmetric key algorithms because the key used to encrypt a message is not the same as the key used to decrypt it.


Question #3

Which of the following backup types backs up files that have been added and all data that have been modified since the most recent backup was performed?

Correct Answer: B

performed.

Incremental backup backs up files that are created or changed since the last full or incremental backup. Incremental backup provides a faster method of backing up data than most other backup methods. Restoring data from an incremental backup requires the last full backup and all subsequent incremental backups. Incremental backups must be restored in the same order as they were created.

If any incremental backup in the incremental backup set is damaged or becomes corrupt, the data backed up after corruption cannot be restored.

Answer option D is incorrect. Full backup, also known as normal backup, involves backing up the entire hard disks and files of a machine. When the full backup type is set up, a user should choose which files, folders, and hard disks are to be backed up. After a full backup is performed, all archive bits are reset to 0.

Answer option A is incorrect. Differential backup backs up files that are created or changed since the last full backup. It requires minimum space to backup data. Differential backup requires only the last full backup tape and the last differential backup tape to restore data. It is faster as compared to full backup.

Answer option C is incorrect. There is no such type of backup as daily backup.


Question #4

You are responsible for security at a hospital. Since many computers are accessed by multiple employees 24 hours a day, 7 days a week, controlling physical access to computers is very difficult. This is compounded by a high number of non-employees moving through the building. You are concerned about unauthorized access to patient records. What would best solve this problem?

Correct Answer: C

and a username/password to access any hospital computers.

Answer option D is incorrect. If there is a security breach, video surveillance might help catch the perpetrator, but it won't prevent the breach.

Answer option A is incorrect. Challenge Handshake Authentication Protocol will not help prevent unauthorized access to computers.

Answer option B is incorrect. A hospital requires 24-hour-a-day access to patient data. Time of day restrictions would not work.


Question #5

In which of the following cryptographic attacking techniques does the attacker pick up the information to be encrypted and take a copy of it with the encrypted data?

Correct Answer: C

This is used to find patterns in the cryptographic output that might uncover vulnerability or reveal a cryptographic key.

Answer option D is incorrect. In a ciphertext only attack, the attacker obtains encrypted messages that have been encrypted using the same encryption algorithm. For example, the original version of WEP used RC4, and if sniffed long enough, the repetitions would allow a hacker to extract the WEP key. Such types of attacks do not require the attacker to have the plaintext because the statistical analysis of the sniffed log is enough.

Answer option A is incorrect. In a chosen ciphertext attack, the attacker can choose the ciphertext to be decrypted and can then analyze the plaintext output of the event. The early versions of RSA used in SSL were actually vulnerable to this attack.

Answer option B is incorrect. In a known plaintext attack, the attacker should have both the plaintext and ciphertext of one or more messages. These two items are used to extract the cryptographic key and recover the encrypted text.


