CISSP CBK Review Seminar -- Domain 5

Question 1

11. What physical characteristics does a retinal scan biometric device measure?

(A) The amount of light reaching the retina
(B) The amount of light reflected by the retina
(C) The size, curvature, and shape of the retina
(D) The pattern of blood vessels on the retina

Answer 1

(D) The pattern of blood vessels on the retina

Question 2

15. ABZ Organization is constructing a new secure facility and has elected to install a two- tier access control system, which will consist of proximity badges and biometric devices. The system security professional is tasked with acquiring the access control systems. The only requirements are to keep cost as low as possible and minimize system down time.

While evaluating the effectiveness of several new devices, the security professional should expect that a biometric device becomes more sensitive when

(A) both the False Acceptance Rate (FAR) and False Rejection Rate (FRR) increase.
(B) the FAR increases while the FRR decreases.
(C) the FAR decreases while the FRR increases.
(D) both the FAR and FRR decrease.

Answer 2

(C) the FAR decreases while the FRR increases.

Question 3

16. ABZ Organization is constructing a new secure facility and has elected to install a two- tier access control system, which will consist of proximity badges and biometric devices. The system security professional is tasked with acquiring the access control systems. The only requirements are to keep cost as low as possible and minimize system down time.

The point where the False Acceptance Rate (FAR) and False Rejection Rate (FRR) is balanced is known as the

(A) Crossover Error Rate (CER).
(B) Crossover Acceptance Rate (CAR).
(C) Equal Crossover Rate (EQR).
(D) Equal Acceptance Rate (EAR).

Answer 3

(A) Crossover Error Rate (CER).

Question 4

While evaluating the effectiveness of several new devices, the security professional should expect that a biometric device has more error rates when

(A) both the False Acceptance Rate (FAR) and False Rejection Rate (FRR) increase.
(B) the FAR increases while the FRR decreases.
(C) the FAR decreases while the FRR increases.
(D) both the FAR and FRR decrease.

Answer 4

(B) the FAR increases while the FRR decreases.

Question 5

22. What is one advantage of content-dependent access control of information?

(A) It prevents data locking.
(B) It limits the user’s individual address space.
(C) It provides highly granular control.
(D) It confines access to authorized users of the system.

Answer 5

(C) It provides highly granular control.

Question 6

23. What is the GREATEST vulnerability of relying solely on proximity cards for access to a secure facility?

(A) A lost or stolen card may allow an unauthorized person to gain access.
(B) A proximity card is too easy to duplicate or forge.
(C) A proximity card does not record time of departure.
(D) An electrical power failure may deny access to all users.

Answer 6

(A) A lost or stolen card may allow an unauthorized person to gain access.

Question 7

48. What determines the correct classification of data in a Mandatory Access Control (MAC) environment?

(A) The analysis of the users in conjunction with the audit department
(B) The assessment by the information security department
(C) The user’s evaluation of a particular information element
(D) The requirements of the organization’s published security policy

Answer 7

(D) The requirements of the organization’s published security policy

Question 8

77. What is one disadvantage of content-dependent access control of information?

(A) It increases processing overhead.
(B) It requires additional password entry.
(C) It exposes the system to data locking.
(D) It limits the user’s individual address space.

Answer 8

(A) It increases processing overhead.

Question 9

114. What is a PRIMARY reason for designing the security kernel to be as small as possible?

(A) The operating system cannot be easily penetrated by users.
(B) Changes to the kernel are not required as frequently.
(C) Due to its compactness, the kernel is easier to formally verify.
(D) System performance and execution are enhanced as the kernel is faster

Answer 9

(C) Due to its compactness, the kernel is easier to formally verify.

Question 10

115. What should be the size of a Trusted Computer Base?

(A) Small - in order to permit it to be implemented in all critical system components without using excessive resources
(B) Small - in order to facilitate the detailed analysis necessary to prove that it meets design requirements
(C) Large - in order to accommodate the implementation of future updates without incurring the time and expense of recertification
(D) Large - in order to enable it to protect the potentially large number of resources in a typical commercial system environment

Answer 10

(B) Small - in order to facilitate the detailed analysis necessary to prove that it meets design requirements

Question 11

116. Which one of the following refers to a series of characters used to verify a user’s identity?

(A) Token serial number
(B) UserID
(C) Password
(D) Security ticket

Answer 11

(C) Password

Question 12

120. Which one of the following can be used to increase the authentication strength of an access control system?

(A) Multi-party
(B) Two factor
(C) Mandatory
(D) Discretionary

Answer 12

(B) Two factor