CISSP-ISSAP Exam Details

  • Exam Code
    :CISSP-ISSAP
  • Exam Name
    :ISSAP - Information Systems Security Architecture Professional (ISSAP)
  • Certification
    :ISC Certifications
  • Vendor
    :ISC
  • Total Questions
    :237 Q&As
  • Last Updated
    :Jul 14, 2026

ISC CISSP-ISSAP Online Questions & Answers

  • Question 31:

    You are responsible for security at a hospital. Since many computers are accessed by multiple employees 24 hours a day, 7 days a week, controlling physical access to computers is very difficult. This is compounded by a high number of non employees moving through the building. You are concerned about unauthorized access to patient records. What would best solve this problem?

    A. The use of CHAP.
    B. Time of day restrictions.
    C. The use of smart cards.
    D. Video surveillance of all computers.

  • Question 32:

    An organization wants to allow a certificate authority to gain access to the encrypted data and create digital signatures on behalf of the user. The data is encrypted using the public key from a user's certificate. Which of the following processes fulfills the above requirements?

    A. Key escrow
    B. Key storage
    C. Key revocation
    D. Key recovery

  • Question 33:

    Which of the following uses a Key Distribution Center (KDC) to authenticate a principle?

    A. CHAP
    B. PAP
    C. Kerberos
    D. TACACS

  • Question 34:

    Fill in the blank with the appropriate phrase. The is a simple document that provides a high-level view of the entire organization's disaster recovery efforts.

  • Question 35:

    You have decided to implement video surveillance in your company in order to enhance network security. Which of the following locations must have a camera in order to provide the minimum level of security for the network resources? Each correct answer represents a complete solution. Choose two.

    A. Parking lot
    B. All hallways
    C. Server Rooms
    D. All offices
    E. All entrance doors

  • Question 36:

    Which of the following is a correct sequence of different layers of Open System Interconnection (OSI) model?

    A. Physical layer, data link layer, network layer, transport layer, presentation layer, session layer, and application layer
    B. Physical layer, network layer, transport layer, data link layer, session layer, presentation layer, and application layer
    C. application layer, presentation layer, network layer, transport layer, session layer, data link layer, and physical layer
    D. Physical layer, data link layer, network layer, transport layer, session layer, presentation layer, and application layer

  • Question 37:

    Which of the following cryptographic system services ensures that information will not be disclosed to any unauthorized person on a local network?

    A. Authentication
    B. Non-repudiation
    C. Integrity
    D. Confidentiality

  • Question 38:

    Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?

    A. Risk acceptance
    B. Risk avoidance
    C. Risk transfer
    D. Risk mitigation

  • Question 39:

    You work as a Chief Security Officer for Tech Perfect Inc. The company has a TCP/IP based network. You want to use a firewall that can track the state of active connections of the network and then determine which network packets are allowed to enter through the firewall. Which of the following firewalls has this feature?

    A. Stateful packet inspection firewall
    B. Proxy-based firewall
    C. Dynamic packet-filtering firewall
    D. Application gateway firewall

  • Question 40:

    You work as an administrator for Techraft Inc. Employees of your company create 'products', which are supposed to be given different levels of access. You need to configure a security policy in such a way that an employee (producer of the product) grants accessing privileges (such as read, write, or alter) for his product. Which of the following access control models will you use to accomplish this task?

    A. Discretionary access control (DAC)
    B. Role-based access control (RBAC)
    C. Mandatory access control (MAC)
    D. Access control list (ACL)

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only ISC exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CISSP-ISSAP exam preparations and ISC certification application, do not hesitate to visit our Vcedump.com to find your solutions here.