ISC2 ISSEP PDF Exam Questions:
How to Get Success in ISC2 ISSEP Exam:
- Avoid deceptive ISSEP PDF Exam Questions.
- Focus on ISSEP Questions (PDF) based on the latest exam syllabus.
- Make notes from the ISC2 ISSEP PDF for better retention.
- Prepare from our latest ISC2 ISSEP PDF file and pass on the first attempt.
Prepare ISC2 ISSEP Exam Within Short Time
Passing the ISC2 ISSEP exam validates your knowledge and abilities. Our PDF questions and answers help you prepare for the ISSEP exam in a short time because they include questions similar to the real ISC2 exam questions. After downloading the ISSEP ISC2 PDF exam questions, which are relevant to the actual exam, you can print all of the questions and study them anytime, anywhere.
Realistic Scenario Based ISC2 ISSEP PDF Exam Questions:
Everyone wants to become a certified Information Systems Security Engineering Professional (ISSEP, a CISSP concentration) and improve his or her resume. You should practice with realistic ISSEP questions. Students can benefit from the ISSEP exam questions, which are available in PDF format. The ISSEP exam questions and answers are designed to match the criteria of the actual exam. If you use scenario-based ISC2 ISSEP questions, you will have a better chance of clearing the exam on the first attempt.
FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems. Which of the following FITSAF levels shows that the procedures and controls are tested and reviewed?
See the explanation below.
The following are the five levels of FITSAF, which are based on SEI's Capability Maturity Model (CMM). Level 4 is the one the question describes:
Level 1: The first level reflects that an asset has documented a security policy.
Level 2: The second level shows that the asset has documented procedures and controls to implement the policy.
Level 3: The third level indicates that these procedures and controls have been implemented.
Level 4: The fourth level shows that the procedures and controls are tested and reviewed.
Level 5: The fifth level is the final level and shows that the asset has procedures and controls fully integrated into a comprehensive program.
Which of the following is a type of security management for computers and networks in order to identify security breaches?
See the explanation below.
Intrusion detection (ID) is a type of security management system for computers and networks. An ID system gathers and analyzes information from various areas within a computer or a network to identify possible security breaches, which include both intrusions (attacks from outside the organization) and misuse (attacks from within the organization). ID products often incorporate vulnerability assessment (sometimes referred to as scanning), a technology developed to assess the security of a computer system or network. Intrusion detection functions include the following:
Monitoring and analyzing both user and system activities
Analyzing system configurations and vulnerabilities
Assessing system and file integrity
Ability to recognize patterns typical of attacks
Analysis of abnormal activity patterns
Tracking user policy violations
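Two of the functions in the list above, recognising patterns typical of attacks and analysing abnormal activity patterns, are shown below as detection logic run over constructed log lines. This is an added example, not code from the original page or from any IDS product; the log lines, the two signatures and the five-failures-in-60-seconds threshold are all assumptions chosen for illustration.

```python
"""Signature and anomaly detection over constructed log lines.

Added example for the intrusion detection functions listed above; it is not
code from the original page. Two of the listed functions are shown:
recognising patterns typical of attacks (signature matching over web server
requests) and analysing abnormal activity patterns (an SSH password-failure
rate per source address). All log lines below are constructed samples.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import unquote

# Constructed Apache-style access log lines (not real traffic).
ACCESS_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 512
203.0.113.7 - - [10/Oct/2023:13:55:40 +0000] "GET /login.php?user=admin'%20OR%20'1'='1 HTTP/1.1" 200 311
198.51.100.9 - - [10/Oct/2023:13:56:01 +0000] "GET /../../etc/passwd HTTP/1.1" 404 208
198.51.100.9 - - [10/Oct/2023:13:56:02 +0000] "GET /images/logo.png HTTP/1.1" 200 9123
"""

# Constructed sshd auth log lines (not real traffic).
AUTH_LOG = """\
Oct 10 13:57:01 bastion sshd[4121]: Failed password for invalid user oracle from 192.0.2.44 port 51022 ssh2
Oct 10 13:57:02 bastion sshd[4121]: Failed password for invalid user oracle from 192.0.2.44 port 51022 ssh2
Oct 10 13:57:03 bastion sshd[4123]: Failed password for root from 192.0.2.44 port 51024 ssh2
Oct 10 13:57:04 bastion sshd[4125]: Failed password for root from 192.0.2.44 port 51026 ssh2
Oct 10 13:57:05 bastion sshd[4127]: Failed password for root from 192.0.2.44 port 51028 ssh2
Oct 10 13:57:06 bastion sshd[4129]: Failed password for root from 192.0.2.44 port 51030 ssh2
Oct 10 13:59:30 bastion sshd[4140]: Failed password for alice from 203.0.113.50 port 40001 ssh2
Oct 10 13:59:45 bastion sshd[4142]: Accepted publickey for alice from 203.0.113.50 port 40002 ssh2
"""

ACCESS_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')
AUTH_FAIL_RE = re.compile(
    r'^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: Failed password for '
    r'(?:invalid user )?(\S+) from (\S+) port')

# Signatures: patterns typical of attacks, applied to the URL-decoded request path.
# Real IDS rulesets are far larger; these two are illustrative only.
SIGNATURES = [
    ("sql-injection", re.compile(r"'\s*(?:or|and)\s+'?\w", re.IGNORECASE)),
    ("path-traversal", re.compile(r"\.\.[/\\]")),
]


def signature_alerts(access_log: str):
    """Return (signature, source_ip, raw_path) for every request matching a signature."""
    alerts = []
    for line in access_log.splitlines():
        m = ACCESS_RE.match(line)
        if not m:
            continue                       # unparsable line: skip; a real IDS would log it
        src, _ts, _method, path, _status = m.groups()
        decoded = unquote(path)            # decode %20 etc. so encoding does not evade the match
        for name, pattern in SIGNATURES:
            if pattern.search(decoded):
                alerts.append((name, src, path))
    return alerts


def brute_force_alerts(auth_log: str, threshold: int = 5, window=timedelta(seconds=60)):
    """Anomaly rule: flag a source that fails password auth `threshold` times within `window`.

    Returns (rule, source_ip, failures_in_window). Syslog timestamps carry no
    year, so 2023 is assumed here for the constructed sample.
    """
    failures = defaultdict(list)
    for line in auth_log.splitlines():
        m = AUTH_FAIL_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%b %d %H:%M:%S").replace(year=2023)
        failures[m.group(3)].append(ts)

    alerts = []
    for src, times in failures.items():
        times.sort()
        start = 0
        for end in range(len(times)):      # sliding window over sorted timestamps
            while times[end] - times[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                alerts.append(("ssh-brute-force", src, end - start + 1))
                break                      # one alert per source is enough
    return alerts


def run_ids():
    """Run both detectors over the constructed samples and return all alerts."""
    return signature_alerts(ACCESS_LOG) + brute_force_alerts(AUTH_LOG)


if __name__ == "__main__":
    for alert in run_ids():
        print(alert)
```

The URL-decoding step before the signature match is the part worth copying: an injection encoded as `%27%20OR%20` does not contain the literal quote and space the signature looks for, so a detector that matches the raw request line is trivially evaded. The anomaly rule keys on the source address rather than the target account, so the six failures spread over `oracle` and `root` still count as one campaign.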
Answer option A is incorrect. An intrusion prevention system (IPS) is a network security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real time, to block or prevent those activities. When an attack is detected, the IPS can drop the offending packets while still allowing all other traffic to pass.
Answer option C is incorrect. The Adaptive Security Appliance (ASA) is Cisco's newer generation of network security hardware. An ASA can act as a firewall, in other security roles, or in a combination of roles. The Cisco ASA includes the following components:
Anti-x: a whole class of security tools such as anti-virus, anti-spyware and anti-spam.
Intrusion Detection and Prevention: Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) for sophisticated kinds of attacks.
Note: Cisco earlier sold firewalls under the proprietary name PIX. The ASA is Cisco's successor line of security appliances.
Answer option D is incorrect. Extensible Authentication Protocol (EAP) is a universal authentication framework frequently used in wireless networks and point-to-point connections. It is defined in RFC 3748, which has been updated by RFC 5247. Although EAP is not limited to wireless LANs and can be used for wired LAN authentication (for example with IEEE 802.1X), it is most often used in wireless LANs. The WPA and WPA2 Enterprise certifications have officially adopted five EAP types as their authentication mechanisms. EAP is an authentication framework, not a specific authentication mechanism: it provides some common functions and a negotiation of the desired authentication method.
Which of the following types of firewalls increases the security of data packets by remembering the state of connection at the network and the session layers as they pass through the filter?
See the explanation below.
A stateful packet filter firewall maintains context about active sessions and uses that state information both to make access decisions and to speed packet processing. It increases the security of data packets by remembering the state of each connection at the network and session layers as the packets pass through the filter.
Any existing network connection can be described by several properties, including source and destination IP address, UDP or TCP ports, and the current stage of the connection's lifetime (session initiation, handshaking, data transfer, or connection completion). If a packet does not match an existing connection, it is evaluated against the ruleset for new connections. If a packet matches an existing connection in the firewall's state table, it is allowed to pass without further processing. Because a packet that belongs to no known connection is judged as a new connection rather than on its headers alone, a stateful filter can reject unsolicited packets (for example an inbound TCP segment carrying only the ACK flag) that a stateless filter would have to admit in order to let legitimate replies through.
PF (Packet Filter, also written pf) is a BSD-licensed stateful packet filter and a central piece of firewalling software. It is comparable to iptables, ipfw and ipfilter. PF is developed on OpenBSD but has been ported to many other operating systems.
Answer option A is incorrect. A stateless packet filter firewall analyses each incoming packet independently of the TCP connection or UDP data stream it belongs to. It requires less memory, and it can be faster for simple filters where filtering a packet takes less time than looking up a session. It may also be necessary for filtering stateless network protocols that have no concept of a session. However, it cannot make more complex decisions based on what stage communications between hosts have reached: it decides whether to allow a packet to traverse the firewall based on the packet's header alone, without regard to past traffic through the firewall. Stateless IP filters are very inexpensive, and many are free; they are included with router configuration software and with most open source operating systems.
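The difference between the two filter types described above is easiest to see with a state table in front of you. The following is an added example, not code from the original page, from PF, or from any real firewall: a toy stateful filter with a 5-tuple state table next to a stateless filter that applies the same ruleset per packet. The network (10.0.0.0/8 as "inside"), the addresses, the ports and the policy (inside hosts may open TCP/443 and UDP/53 outbound; nothing may be opened from outside) are all assumptions.

```python
"""Toy stateful packet filter beside a stateless one.

Added example for the two firewall types described above; it is not code from
the original page, from PF, or from any other real firewall. The addresses,
ports and the ruleset are hypothetical: inside hosts (10.0.0.0/8) may open
TCP/443 and UDP/53 to anywhere, and nothing may be opened from outside.
"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str                         # "tcp" or "udp"
    flags: frozenset = frozenset()     # TCP flags, e.g. {"SYN"}, {"SYN", "ACK"}, {"ACK"}


INSIDE = ipaddress.ip_network("10.0.0.0/8")     # assumed internal network


def new_connection_allowed(p: Packet) -> bool:
    """Ruleset for *new* connections (hypothetical policy, see module docstring)."""
    return (ipaddress.ip_address(p.src) in INSIDE
            and (p.proto, p.dport) in {("tcp", 443), ("udp", 53)})


class StatefulFilter:
    """Keeps a state table keyed by the 5-tuple as seen from the initiator."""

    def __init__(self):
        self.table = {}    # (src, sport, dst, dport, proto) -> lifetime stage

    @staticmethod
    def _key(p):
        return (p.src, p.sport, p.dst, p.dport, p.proto)

    @staticmethod
    def _reverse(p):
        return (p.dst, p.dport, p.src, p.sport, p.proto)

    def filter(self, p: Packet) -> str:
        fwd, rev = self._key(p), self._reverse(p)
        key = fwd if fwd in self.table else rev if rev in self.table else None
        if key is not None:
            # Packet belongs to a known connection: pass it and track the lifetime stage.
            if p.proto == "tcp":
                if "RST" in p.flags:
                    del self.table[key]                  # connection torn down
                elif "FIN" in p.flags:
                    self.table[key] = "CLOSING"          # a real filter waits for both FINs
                elif key == rev and {"SYN", "ACK"} <= p.flags and self.table[key] == "SYN_SENT":
                    self.table[key] = "ESTABLISHED"      # handshake reply from the responder
            return "pass"
        # No state: only a connection opener may create state, and it must pass the ruleset.
        opener = p.proto == "udp" or p.flags == frozenset({"SYN"})
        if opener and new_connection_allowed(p):
            self.table[fwd] = "SYN_SENT" if p.proto == "tcp" else "ESTABLISHED"
            return "pass"
        return "drop"      # unsolicited or disallowed, e.g. a bare inbound ACK


def stateless_filter(p: Packet) -> str:
    """Per-packet rules with no memory of past traffic.

    To let replies to inside clients back in, a stateless ruleset has to admit
    inbound TCP that carries ACK to high ports (and DNS replies from port 53),
    which anyone outside can craft.
    """
    if new_connection_allowed(p):
        return "pass"
    inbound = ipaddress.ip_address(p.dst) in INSIDE
    if inbound and p.proto == "tcp" and "ACK" in p.flags and p.dport > 1023:
        return "pass"
    if inbound and p.proto == "udp" and p.sport == 53 and p.dport > 1023:
        return "pass"
    return "drop"


def run_scenario():
    """Feed the same constructed packets to both filters; returns ({name: (stateful, stateless)}, table)."""
    fw = StatefulFilter()
    packets = [
        ("syn",         Packet("10.1.2.3", 40000, "93.184.216.34", 443, "tcp", frozenset({"SYN"}))),
        ("synack",      Packet("93.184.216.34", 443, "10.1.2.3", 40000, "tcp", frozenset({"SYN", "ACK"}))),
        ("data",        Packet("10.1.2.3", 40000, "93.184.216.34", 443, "tcp", frozenset({"ACK"}))),
        # Crafted inbound ACK to a high port with no matching connection (an ACK scan).
        ("rogue_ack",   Packet("198.51.100.1", 443, "10.1.2.3", 40001, "tcp", frozenset({"ACK"}))),
        # Attempt to open SSH from outside.
        ("inbound_syn", Packet("198.51.100.1", 55555, "10.1.2.3", 22, "tcp", frozenset({"SYN"}))),
    ]
    results = {name: (fw.filter(p), stateless_filter(p)) for name, p in packets}
    return results, dict(fw.table)


if __name__ == "__main__":
    results, table = run_scenario()
    for name, verdicts in results.items():
        print(f"{name:12s} stateful={verdicts[0]:5s} stateless={verdicts[1]}")
    print("state table:", table)
```

The `rogue_ack` packet is the case that separates the two designs: the stateless filter must pass it because its "established" rule is nothing more than "ACK set and high destination port", while the stateful filter drops it because no state entry exists and a bare ACK is not a connection opener. Both filters agree on the outbound handshake and on refusing the inbound SYN, which is why the difference only shows up once you feed them unsolicited traffic.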
Answer option B is incorrect. The PIX firewall is a Cisco product that performs VPN and firewall functions and comes in different models according to requirements. PIX models such as the 501, 506 and 506E provide a firewall solution for small office environments, while the PIX 515, 515E, 525 and others were widely used in medium and large enterprises. Today the Adaptive Security Appliance (ASA) line is used instead of PIX firewalls.
Answer option D is incorrect. A virtual firewall (VF) is a network firewall service or appliance running entirely within a virtualized environment that provides the packet filtering and monitoring a physical network firewall would. The VF can be realized as a traditional software firewall on a guest virtual machine that is already running, as a purpose-built virtual security appliance designed with virtual network security in mind, as a virtual switch with additional security capabilities, or as a managed kernel process running within the host hypervisor.
Which of the following federal laws is designed to protect computer data from theft?
See the explanation below.
The Computer Fraud and Abuse Act (CFAA), codified at 18 U.S.C. 1030, is a United States federal law enacted in 1986 that amended and expanded the computer crime provisions Congress had first passed in 1984. It is intended to reduce unauthorized access to ("cracking" of) computer systems and to address federal computer-related offenses. It governs cases with a compelling federal interest: where computers of the federal government or certain financial institutions are involved, where the crime itself is interstate in nature, or where the computers are used in interstate or foreign commerce.
It was further amended in 1994, 1996, in 2001 by the USA PATRIOT Act, and in 2008 by the Identity Theft Enforcement and Restitution Act. Subsection (b) of the act punishes not only anyone who commits or attempts to commit an offense under the CFAA but also anyone who conspires to do so.
Answer option A is incorrect. FISMA (the Federal Information Security Management Act of 2002) assigns specific responsibilities to federal agencies, the National Institute of Standards and Technology (NIST), and the Office of Management and Budget (OMB) in order to strengthen information system security. In particular, FISMA requires the head of each agency to implement policies and procedures to cost-effectively reduce information technology security risks to an acceptable level. According to FISMA, the term information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide integrity, confidentiality, and availability.
Answer option C is incorrect. The Government Information Security Reform Act (GISRA, 2000) addresses the information security program, evaluation, and reporting requirements for federal agencies. Its basic requirement is that agencies perform periodic threat-based risk assessments for systems and data. GISRA requires that agencies develop and execute risk-based, cost-effective policies and procedures to guide security planning and implementation. Its essential requisite is that agencies develop a process to ensure that corrective action is taken to address deficiencies. It also emphasizes that agencies provide training on security awareness and security responsibilities to agency personnel and information security personnel. FISMA later superseded GISRA.
Answer option D is incorrect. The Computer Security Act of 1987 was passed by the United States Congress to improve the security and privacy of sensitive information in federal computer systems and to establish minimum acceptable security practices for such systems. It requires the creation of computer security plans and the appropriate training of system users or owners where the systems house sensitive information.
Which of the following is used to indicate that the software has met a defined quality level and is ready for mass distribution either by electronic means or by physical media?
See the explanation below.
Release to Manufacturing (RTM), also called "going gold", is the milestone used to indicate that the software has met a defined quality level and is ready for mass distribution either by electronic means or by physical media. It follows the final beta and release-candidate builds.
Answer option D is incorrect. The Designated Approving Authority (DAA), in the United States Department of Defense, is the official with the authority to formally assume responsibility for operating a system at an acceptable level of risk. The DAA is accountable for the system's security posture: the DAA can grant accreditation, or can determine that the system's risks are not at an acceptable level and that the system is not ready to be operational. Under the Risk Management Framework this role is now called the Authorizing Official (AO).
Answer option A is incorrect. Asynchronous Transfer Mode (ATM) is a standardized digital data transmission technology. It is a cell-based switching technique that uses asynchronous time division multiplexing. It encodes data into small fixed-sized cells (cell relay) and provides data link layer services that run over OSI Layer 1 physical links. This differs from technologies based on packet-switched networks (such as the Internet Protocol or Ethernet), in which variable-sized packets (known as frames at Layer 2) are used. ATM has properties of both circuit-switched and small-packet-switched networking, making it suitable for wide area data networking as well as real-time media transport. ATM uses a connection-oriented model and establishes a virtual circuit between two endpoints before the actual data exchange begins. It provides medium to high bandwidth with low latency and jitter.
Answer option C is incorrect. A Chief Risk Officer (CRO) is also known as a Chief Risk Management Officer (CRMO). The CRO of a corporation is the executive accountable for enabling the efficient and effective governance of significant risks, and related opportunities, to a business and its various segments. Risks are commonly categorized as strategic, reputational, operational, financial, or compliance-related. CROs are accountable to the Executive Committee and the Board for enabling the business to balance risk and reward. In more complex organizations, they are generally responsible for coordinating the organization's Enterprise Risk Management (ERM) approach.
Reliable Source of Preparation for the Information Systems Security Engineering Professional Exam.
We provide ISC2 ISSEP certification questions along with answers to assist students in passing the ISC2 exam. You can enhance your ISC2 ISSEP preparation with the help of an online practice engine. Try out our ISC2 ISSEP questions; 98% of Examskit users passed the final ISSEP exam in one go.