ISSAP ISC ISSAP Information Systems Security Architecture Professional Free Practice Exam Questions (2025 Updated)

In which of the following access control models can a user not grant permissions to other users to see a copy of an object marked as secret that he has received, unless they have the appropriate permissions?

The network you administer allows owners of objects to manage the access to those objects via access control lists. This is an example of what type of access control?

A digital signature is a type of public key cryptography. Which of the following statements are true about digital signatures? Each correct answer represents a complete solution. Choose all that apply.

Which of the following refers to a location away from the computer center where document copies and backup media are kept?

You work as a Network Administrator for NetTech Inc. The company wants to encrypt its e-mails. Which of the following will you use to accomplish this?

Which of the following devices is a least expensive power protection device for filtering the electrical stream to control power surges, noise, power sags, and power spikes?

A network is configured on a Bus topology. Which of the following conditions could cause a network failure? Each correct answer represents a complete solution. Choose all that apply.

You are the Security Consultant advising a company on security methods. This is a highly secure location that deals with sensitive national defense related data. They are very concerned about physical security as they had a breach last month. In that breach an individual had simply grabbed a laptop and ran out of the building. Which one of the following would have been most effective in preventing this?

Which of the following elements of planning gap measures the gap between the total potential for the market and the actual current usage by all the consumers in the market?

You want to implement a network topology that provides the best balance for regional topologies in terms of the number of virtual circuits, redundancy, and performance while establishing a WAN network. Which of the following network topologies will you use to accomplish the task?

Which of the following disaster recovery tests includes the operations that shut down at the primary site, and are shifted to the recovery site according to the disaster recovery plan?

Which of the following is the duration of time and a service level within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in business continuity?

Which of the following are the examples of technical controls? Each correct answer represents a complete solution. Choose three.

Adam works as a Security Analyst for Umbrella Inc. CEO of the company ordered him to implement two-factor authentication for the employees to access their networks. He has told him that he would like to use some type of hardware device in tandem with a security or identifying pin number. Adam decides to implement smart cards but they are not cost effective. Which of the following types of hardware devices will Adam use to implement two-factor authentication?

Which of the following types of attacks is often performed by looking surreptitiously at the keyboard or monitor of an employee's computer?

Which of the following uses public key cryptography to encrypt the contents of files?

At which of the following layers of the Open System Interconnection (OSI) model the Internet Control Message Protocol (ICMP) and the Internet Group Management Protocol (IGMP) work?

Which of the following cryptographic algorithm uses public key and private key to encrypt or decrypt data ?

You are calculating the Annualized Loss Expectancy (ALE) using the following formula: ALE=AV * EF * ARO What information does the AV (Asset Value) convey?