CISSP STUDY QUESTIONS Flashcards

Question

``` There are parallels between the trust models in Kerberos and Public Key Infrastructure (PKI). When we compare them side by side, Kerberos tickets correspond most closely to which of the following? A. public keys B. private keys C. public-key certificates D. private-key certificates ```

Answer 1

Answer: C Explanation: A Kerberos ticket is issued by a trusted third party. It is an encrypted data structure that includes the service encryption key. In that sense it is similar to a public-key certificate. However, the ticket is not the key.

Answer 2

Answer: A Explanation: Details: The Answer: Bell-LaPadula model The Bell-LAPadula model is also called a multilevel security system because users with different clearances use the system and the system processes data with different classifications. Developed by the US Military in the 1970s.

Answer 3

Answer: A Explanation: Secure European System for Applications in a Multi-vendor Environment (SESAME) was developed to address some of the weaknesses in Kerberos and uses public key cryptography for the distribution of secret keys and provides additional access control support.

Answer 4

Answer: B Explanation: Convenience -Using single sign-on users have to type their passwords only once when they first log in to access all the network resources; and Centralized Administration as some single sign-on systems are built around a unified server administration system. This allows a single administrator to add and delete accounts across the entire network from one user interface

Answer 5

Answer: A Explanation: In cryptography, a public key certificate (or identity certificate) is an electronic document which incorporates a digital signature to bind together a public key with an identity — information such as the name of a person or an organization, their address, and so forth. The certificate can be used to verify that a public key belongs to an individual. In a typical public key infrastructure (PKI) scheme, the signature will be of a certificate authority(CA). In a web of trust scheme, the signature is of either the user (a self-signed certificate) or other users ("endorsements"). In either case, the signatures on a certificate are attestations by the certificate signer that the identity information and the public key belong together.

Answer 6

Answer: B Explanation: Cost is a factor when considering Biometrics but it is not a security characteristic All the other answers are incorrect because they are security characteristics related to Biometrics. Data acquisition process can cause a security concern because if the process is not fast and efficient it can discourage individuals from using the process

Answer 7

Answer: B Explanation: Today implementation of fast, accurate reliable and user-acceptable biometric identification systems is already taking place. Unique physical attributes or behavior of a person are used for that purpose.

Answer 8

Answer: B Explanation: Today implementation of fast, accurate, reliable, and user-acceptable biometric identification systems are already under way. Because most identity authentication takes place when a people are fully clothed (neck to feet and wrists), the parts of the body conveniently available for this purpose are hands, face, and eyes

Answer 9

Answer: B Explanation: Controlling access to information systems and associated networks is necessary for the preservation of their confidentiality, integrity and availability.

Answer 10

Answer: A Explanation: Controlling access by a subject (an active entity such as individual or process) to an object (a passive entity such as a file) involves setting up access rules. These rules can be classified into three access control models: Mandatory, Discretionary, and Non-Discretionary. An access matrix is one of the means used to implement access control

Answer 11

Answer: C Explanation: Rule-based access control is a type of non-discretionary access control because this access is determined by rules and the subject does not decide what those rules will be, the rules are uniformly applied to ALL of the users or subjects. In general, all access control policies other than DAC are grouped in the category of nondiscretionary access control (NDAC). As the name implies, policies in this category have rules that are not established at the discretion of the user. Non-discretionary policies establish controls that cannot be changed by users, but only through administrative action.

Answer 12

Answer: A Explanation: An identity-based access control is a type of Discretionary Access Control (DAC) that is based on an individual's identity. DAC is good for low level security environment. The owner of the file decides who has access to the file.

Answer 13

Answer: C Explanation: Non Discretionary Access Control include Role Based Access Control (RBAC) and Rule Based Access Control (RBAC or RuBAC). RABC being a subset of NDAC, it was easy to eliminate RBAC as it was covered under NDAC already

Answer 14

Answer: A Explanation: organizational policies and procedures, pre-employment background checks, strict hiring practices, employment agreements, friendly and unfriendly employee termination procedures, vacation scheduling, labeling of sensitive materials, increased supervision, security awareness training, behavior awareness, and sign-up procedures to obtain access to information systems and networks

Answer 15

Answer: B Explanation: Preventive/Technical controls are also known as logical controls and can be built into the operating system, be software applications, or can be supplemental hardware/software units.

Answer 16

Answer: C Explanation: The Answer: Call back Systems; Callback systems provide access protection by calling back the number of a previously authorized location, but this control can be compromised by call forwarding.

Answer 17

Answer: A Explanation: Another method for controlling access is by restricting users to specific functions based on their role in the system. This is typically implemented by limiting available menus, data views, encryption, or by physically constraining the user interfaces

Answer 18

Answer: D Explanation: Additional detective/administrative controls are job rotation, the sharing of responsibilities, and reviews of audit records

Answer 19

Answer: B Explanation: The detective/technical control measures are intended to reveal the violations of security policy using technical means

Answer 20

Answer: C Explanation: Detective/physical controls usually require a human to evaluate the input from sensors or cameras to determine if a real threat exists

Answer 21

Answer: D Explanation: External consistency ensures that the data stored in the database is consistent with the real world.

Answer 22

Answer: C Explanation: A central authority determines what subjects can have access to certain objects based on the organizational security policy. The key focal point of this question is the 'central authority' that determines access rights

Answer 23

Answer: B Explanation: Identification is the act of a user professing an identity to a system, usually in the form of a log-on ID to the system. Identification is nothing more than claiming you are somebody. You identify yourself when you speak to someone on the phone that you don’t know, and they ask you who they’re speaking to. When you say, “I’m Jason.”, you’ve just identified yourself

Answer 24

Answer: D Explanation: Authentication is based on the following three factor types: Type 1 Something you know, such as a PIN or password Type 2 Something you have, such as an ATM card or smart card Type 3 Something you are (Unique physical characteristic), such as a fingerprint or retina scan

Answer 25

Answer: C Explanation: A central authority determines what subjects can have access to certain objects based on the organizational security policy. The key focal point of this question is the 'central authority' that determines access rights

Answer 26

Answer: B Explanation: Identification is the act of a user professing an identity to a system, usually in the form of a log-on ID to the system.

Answer 27

Answer: A Explanation: Two-Factor Authentication refers to the act of requiring two of the three factors to be used in the authentication process

Answer 28

Answer: A Explanation: "One-time password" provides maximum security because a new password is required for each new log-on.

Answer 29

Answer: A Explanation: A passphrase is a sequence of characters that is usually longer than the allotted number for a password

Answer 30

Answer: B Explanation: Tokens; Tokens in the form of credit card-size memory cards or smart cards, or those resembling small calculators, are used to supply static and dynamic passwords.

Answer 31

Answer: A Explanation: Tokens are electronic devices or cards that supply a user's password for them. A token system can be used to supply either a static or a dynamic password. There is a big difference between the static and dynamic systems, a static system will normally log a user in but a dynamic system the user will often have to log themselves in

Answer 32

Answer: B Explanation: Synchronous dynamic password tokens: The token generates a new password value at fixed time intervals (this password could be the time of day encrypted with a secret key). The unique password is entered into a system or workstation along with an owner's PIN. The authentication entity in a system or workstation knows an owner's secret key and PIN, and the entity verifies that the entered password is valid and that it was entered during the valid time window.

Answer 33

Answer: B Explanation: In biometrics, identification is a "one-to-many" search of an individual's characteristics from a database of stored images.

Answer 34

Answer: C Explanation: When used in physical control biometric Identification is performed by doing a one to many match. When you submit your biometric template a search is done through a database of templates until the matching one is found. At that point your identity is revealed and if you are a valid employee access is granted

Answer 35

Answer: A Explanation: The percentage of valid subjects that are falsely rejected is called the False Rejection Rate (FRR) or Type I Error

Answer 36

Answer: B Explanation: The percentage of invalid subjects that are falsely accepted is called the False Acceptance Rate (FAR) or Type II Error.

Answer 37

Answer: C Explanation: The percentage at which the False Rejection Rate equals the False Acceptance Rate is called the Crossover Error Rate (CER). Another name for the CER is the Equal Error Rate (EER), any of the two terms could be used.

Answer 38

Answer: B Explanation: Acceptability refers to considerations of privacy, invasiveness, and psychological and physical comfort when using the system

Answer 39

Answer: B Explanation: The advantages of SSO include having the ability to use stronger passwords, easier administration as far as changing or deleting the passwords, minimize the risks of orphan accounts, and requiring less time to access resources.

Answer 40

Answer: A Explanation: Single Sign-On is a distrubuted Access Control methodology where an individual only has to authenticate once and would have access to all primary and secondary network domains. The individual would not be required to re-authenticate when they needed additional resources. The security issue that this creates is if a fraudster is able to compromise those credential they too would have access to all the resources that account has access to. All the other answers are incorrect as they are distractors.

Answer 41

Answer: A Explanation: SSO can be implemented by using scripts that replay the users multiple log-ins against authentication servers to verify a user's identity and to permit access to system services. Single Sign on was the best answer in this case because it would include Kerberos. When you have two good answers within the 4 choices presented you must select the BEST one. The high level choice is always the best. When one choice would include the other one that would be the best as well.

Answer 42

Answer: B Explanation: Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. It has the following characteristics: • It is secure: it never sends a password unless it is encrypted. • Only a single login is required per session. Credentials defined at login are then passed between resources without the need for additional logins. • The concept depends on a trusted third party – a Key Distribution Center (KDC). The KDC is aware of all systems in the network and is trusted by all of them. • It performs mutual authentication, where a client proves its identity to a server and a server proves its identity to the client

Answer 43

Answer: A Explanation:The server also checks the authenticator and, if that timestamp is valid, it provides the requested service to the client.

Answer 44

Answer: A Explanation: Kerberos addresses the confidentiality and integrity of information. It also addresses primarily authentication but does not directly address availability.

Answer 45

Answer: C Explanation: Replay can be accomplished on Kerberos if the compromised tickets are used within an allotted time window. The security depends on careful implementation:enforcing limited lifetimes for authentication credentials minimizes the threat of of replayed credentials, the KDC must be physically secured, and it should be hardened, not permitting any non-kerberos activities

Answer 46

Answer: B Explanation: Sesame is an authentication and access control protocol, that also supports communication confidentiality and integrity. It provides public key based authentication along with the Kerberos style authentication, that uses symmetric key cryptography. Sesame supports the Kerberos protocol and adds some security extensions like public key based authentication and an ECMAstyle Privilege Attribute Service

Answer 47

Answer: D Explanation: According to RFC 2865: A Network Access Server (NAS) operates as a client of RADIUS. The client is responsible for passing user information to designated RADIUS servers, and then acting on the response which is returned.

Answer 48

Answer: A Explanation: CHAP: A protocol that uses a three way hand shake The server sends the client a challenge which includes a random value(a nonce) to thwart replay attacks. The client responds with the MD5 hash of the nonce and the password.The authentication is successful if the client's response is the one that the server expected.

Answer 49

Answer: A Explanation: The rows of the table represent records or tuples and the columns of the table represent the attributes

Answer 50

Answer: D Explanation: 1 The formal description of how a relational database operates. 2 The mathematics which underpin SQL operations. A number of operations can be performed in relational algebra to build relations and operate on the data

Answer 51

Answer: A Explanation: The SQL Data Definition Language (DDL) is used to create, modify, and delete views and relations (tables). Data Definition Language. The Data Definition Language (DDL) is used to create and destroy databases and database objects. These commands will primarily be used by database administrators during the setup and removal phases of a database project. Let's take a look at the structure and usage of four basic

Answer 52

Answer: A Explanation: An Intrusion Detection System (IDS) is a system that is used to monitor network traffic or to monitor host audit logs in order to determine if any violations of an organization's system security policy have taken place

Answer 53

Answer: A Explanation: This type of IDS is called a network-based IDS because monitors network traffic in real time.

Answer 54

Answer: A Explanation: A host-based IDS is resident on a host and reviews the system and event logs in order to detect an attack on the host and to determine if the attack was successful. All critical serves should have a Host Based Intrusion Detection System (HIDS) installed. As you are well aware, network based IDS cannot make sense or detect pattern of attacks within encrypted traffic. A HIDS might be able to detect such attack after the traffic has been decrypted on the host. This is why critical servers should have both NIDS and HIDS

Answer 55

Answer: A Explanation: A network-based IDS usually provides reliable, real-time information without consuming network or host resources

Answer 56

Answer: A Explanation: Because a network-based IDS reviews packets and headers, denial of service attacks can also be detected

Answer 57

Answer: A Explanation: A host-based IDS can review the system and event logs in order to detect an attack on the host and to determine if the attack was successful

Answer 58

Answer: A Explanation: The biggest drawback of HIDS, and the reason many organizations resist its use, is that it can be very invasive to the host operating system. HIDS must have the capability to monitor all processes and activities on the host system and this can sometimes interfere with normal system processing.

Answer 59

Answer: A Explanation: An issue with signature-based ID is that only attack signatures that are stored in their database are detected. New attacks without a signature would not be reported. They do require constant updates in order to maintain their effectiveness.

Answer 60

Answer: A Explanation: Statistical Anomaly-Based ID - With this method, an IDS acquires data and defines a "normal" usage profile for the network or host that is being monitored.

Answer 61

Answer: A Explanation: The cost of access control must be commensurate with the value of the information that is being protected.

Answer 62

Answer: B Explanation: These factors cover the integrity, confidentiality, and availability components of information system security.

Answer 63

Answer: A Explanation: Banners at the log-on time should be used to notify external users of any monitoring that is being conducted. A good banner will give you a better legal stand and also makes it obvious the user was warned about who should access the system and if it is an unauthorized user then he is fully aware of trespassing.

Answer 64

Answer: B Explanation: The preventive/technical pairing uses technology to enforce access control policies

Answer 65

Answer: D Explanation: In this step, your main objective is to examine and analyze what has occurred and focus on determining the root cause of the incident

Answer 66

Answer: C Explanation: Access control is the collection of mechanisms that permits managers of a system to exercise a directing or restraining influence over the behavior, use, and content of a system. It permits management to specify what users can do, which resources they can access, and what operations they can perform on a system. Specifying HOW to restrain hackers is not directly linked to access control.

Answer 67

``` Answer: A Explanation: Access Control Techniques Discretionary Access Control Mandatory Access Control Lattice Based Access Control Rule-Based Access Control Role-Based Access Control ```

Answer 68

Answer: C Explanation: It is not a property of Bell LaPadula model. The other answers are incorrect because: A subject is not allowed to read up is a property of the 'simple security rule' of Bell LaPadula model

Answer 69

Answer: B Explanation: When the biometric system accepts impostors who should have been rejected , it is called a Type II error or False Acceptance Rate or False Accept Rate. Biometrics verifies an individual’s identity by analyzing a unique personal attribute or behavior, which is one of the most effective and accurate methods of verifying identification

Answer 70

Answer: C Explanation: In order to protect the confidentiality of the data

Answer 71

Answer: B Explanation: The only way to ensure accountability is if the subject is uniquely identified and authenticated. Identification alone does not provide proof the user is who they claim to be. After showing proper credentials, a user is authorized access to resources

Answer 72

Answer: C Explanation: As this is not a characteristic of Biometrics this is the rigth choice for this question. This is one of the three basic way authentication can be performed and it is not related to Biometrics. Example of something you know would be a password or PIN for example.

Answer 73

Answer: C Explanation: From most effective (lowest CER) to least effective (highest CER) are: Iris scan, fingerprint, voice verification, keystroke dynamics

Answer 74

Answer: B Explanation: Most of the time users usually choose passwords which can be guessed , hence passwords is the BEST answer out of the choices listed above.

Answer 75

Answer: B Explanation: Access control mechanisms should default to no access to provide the necessary level of security and ensure that no security holes go unnoticed. If access is not explicitly allowed, it should be implicitly denied.

Answer 76

Answer: D Explanation: There is no such component within kerberos environment. Kerberos uses only symmetric encryption and does not make use of any public key component

Answer 77

Answer: A Explanation: Data owners decide who has access to resources based only on the identity of the person accessing the resource

Answer 78

Answer: B Explanation: Access decisions are made based on the clearance of the subject and the sensitivity label of the object

Answer 79

Answer: C Explanation: RBAC is sometimes also called non-discretionary access control (NDAC) (as Ferraiolo says "to distinguish it from the policy-based specifics of MAC"). Another model that fits within the NDAC category is Rule-Based Access Control (RuBAC or RBAC). Most of the CISSP books use the same acronym for both models but NIST tend to use a lowercase "u" in between R and B to differentiate the two models

Answer 80

Answer: A Explanation: The underlying problem for a company with a lot of turnover is assuring that new employees are assigned the correct access permissions and that those permissions are removed when they leave the company

Answer 81

Answer: C Explanation: The use of a database view allows sensitive information to be hidden from unauthorized users. For example, the employee table might contain employee name, address, office extension and sensitive information such as social security number, etc. A view of the table could be constructed and assigned to the switchboard operator that only included the name and office extension.

Answer 82

Answer: B Explanation: "It [ACL] specifies a list of users [subjects] who are allowed access to each object"

Answer 83

Answer: B Explanation: Capability tables are used to track, manage and apply controls based on the object and rights, or capabilities of a subject. For example, a table identifies the object, specifies access rights allowed for a subject, and permits access based on the user's posession of a capability (or ticket) for the object. It is a row within the matrix. To put it another way, A capabiltiy table is different from an ACL because the subject is bound to the capability table, whereas the object is bound to the ACL.

Answer 84

Answer: C Explanation: The matrix lists the users, groups and roles down the left side and the resources and functions across the top. The cells of the matrix can either indicate that access is allowed or indicate the type of access

Answer 85

Answer: B Explanation: MAC provides high security by regulating access based on the clearance of individual users and sensitivity labels for each object. Clearance levels and sensitivity levels cannot be modified by individual users -- for example, user Joe (SECRET clearance) cannot reclassify the "Presidential Doughnut Recipe" from "SECRET" to "CONFIDENTIAL" so that his friend Jane (CONFIDENTIAL clearance) can read it. The administrator is ultimately responsible for configuring this protection in accordance with security policy and directives from the Data Owner.

Answer 86

Answer: D Explanation: The primary purpose of a honeypot is to study the attack methods of an attacker for the purposes of understanding their methods and improving defenses.

Answer 87

Answer: B Explanation: Knowlege of modem numbers is a poor access control method as an attacker can discover modem numbers by dialing all numbers in a range. Requiring user authentication before remote access is granted will help in avoiding unauthorized access over a modem line. "Monitoring and auditing for such activity" is incorrect. While monitoring and auditing can assist in detecting a wardialing attack, they do not defend against a successful wardialing attack

Answer 88

Answer: B Explanation: In the lattice model, users are assigned security clearences and the data is classified. Access decisions are made based on the clearence of the user and the classification of the object. Lattice-based access control is an essential ingredient of formal security models such as Bell-LaPadula, Biba, Chinese Wall, etc

Answer 89

Answer: A Explanation: The KDC (Kerberos Distribution Center) can be a single point of failure. Confidentiality is incorrect. Kerberos does ensure confidentiality, keeping communications private between systems over a network

Answer 90

Answer: B Explanation: Buffer Overflow attack takes advantage of improper parameter checking within the application. This is the classic form of buffer overflow and occurs because the programmer accepts whatever input the user supplies without checking to make sure that the length of the input is less than the size of the buffer in the program.

Answer 91

Answer: D Explanation: Bell–LaPadula Confidentiality Model10 The Bell–LaPadula model is perhaps the most well-known and significant security model, in addition to being one of the oldest models used in the creation of modern secure computing systems. Like the Trusted Computer System Evaluation Criteria (or TCSEC), it was inspired by early U.S. Department of Defense security policies and the need to prove that confidentiality could be maintained. In other words, its primary goal is to prevent disclosure as the model system moves from one state (one point in time) to another.

Answer 92

Answer: C Explanation: In the Clark-Wilson model, the subject no longer has direct access to objects but instead must access them through programs (well -formed transactions).

Answer 93

Answer: B Explanation: These controls can be used to investigate what happen after the fact. Your IDS may collect information on where the attack came from, what port was use, and other details that could be used in the investigation steps.

Answer 94

Answer: C Explanation: Logical or technical controls involve the restriction of access to systems and the protection of information. Smart cards and encryption are examples of these types of control.

Answer 95

Answer: D Explanation: Authentication is based on three factor types: type 1 is something you know, type 2 is something you have and type 3 is something you are. Biometrics are based on the Type 3 authentication mechanism.

Answer 96

Answer: A Explanation: The question was asking for a TRUE statement and the only correct statement is "Kerberos does not address availability". Kerberos addresses the confidentiality and integrity of information. It does not directly address availability.

Answer 97

Answer: A Explanation: A view is considered as a virtual table that is derived from other tables. It can be used to restrict access to certain information within the database, to hide attributes, and to implement content-dependent access restrictions. It does not implement referential integrity.

Answer 98

Answer: A Explanation: A weakness of the signature-based (or knowledge-based) intrusion detection approach is that only attack signatures that are stored in a database are detected. Network-based intrusion detection can either be signature-based or statistical anomaly-based (also called behavior-based).

Answer 99

Answer: D Explanation: Unauthorized access of restricted network services by the circumvention of security access controls is known as logon abuse. This type of abuse refers to users who may be internal to the network but access resources they would not normally be allowed

Answer 100

Answer: D Explanation: Something you know and a password fits within only one of the three ways authentication could be done. A password is an example of something you know, thereby something you know and a password does not constitute a two-factor authentication as both are in the same category of factors

Answer 101

Answer: D Explanation: The mandatory access control model is based on a security label system. Users are given a security clearance and data is classified. The classification is stored in the security labels of the resources. Classification labels specify the level of trust a user must have to access a certain file.

Answer 102

Answer: D Explanation: With mandatory access control (MAC), the authorization of a subject's access to an object is dependant upon labels, which indicate the subject's clearance. Identity-based access control is a type of discretionary access control. A role-based access control is a type of nondiscretionary access control.

Answer 103

Answer: A Explanation: When a biometric system rejects an authorized individual, it is called a Type I error. When a system accepts impostors who should be rejected (false positive), it is called a Type II error.

Answer 104

Answer: D Explanation: With mandatory access control (MAC), the authorization of a subject's access to an object is dependant upon labels, which indicate the subject's clearance, and classification of objects.

Answer 105

Answer: C Explanation: Kerberos is a trusted, credential-based, third-party authentication protocol that was developed at MIT and that uses symmetric (secret) key cryptography to authenticate clients to other entities on a network for access to services. It does not use X.509 certificates, which are used in public key cryptography

Answer 106

Answer: C Explanation: Kerberos is a trusted, credential-based, third-party authentication protocol that uses symmetric (secret) key cryptography to provide robust authentication to clients accessing services on a network. Because a client's password is used in the initiation of the Kerberos request for the service protocol, password guessing can be used to impersonate a client

Answer 107

Answer: A Explanation: In a lattice model, there are pairs of elements that have the least upper bound of values and greatest lower bound of values. In a Mandatory Access Control (MAC) model, users and data owners do not have as much freedom to determine who can access files.

Answer 108

Answer: A Explanation: An identity-based access control is an example of discretionary access control that is based on an individual's identity. Identity-based access control (IBAC) is access control based on the identity of the user (typically relayed as a characteristic of the process acting on behalf of that user) where access authorizations to specific objects are assigned based on user identity. Rule Based Access Control (RuBAC) and Role Based Access Control (RBAC) are examples of non-discretionary access controls.

Answer 109

Answer: C Explanation: The lattice is a mechanism use to implement Mandatory Access Control (MAC) Under Mandatory Access Control (MAC) you have: Mandatory Access Control Under-Non Discretionary Access Control (NDAC) you have: Rule-Based Access Control, Role-Based Access Control Under Discretionary Access Control (DAC) you have: Discretionary Access Control

Answer 110

Answer: A Explanation: The ss (simple security) property of the Bell-LaPadula access control model states that reading of information by a subject at a lower sensitivity level from an object at a higher sensitivity level is not permitted (no read up).

Answer 111

Answer: C Explanation: The *- (star) property of the Bell-LaPadula access control model states that writing of information by a subject at a higher level of sensitivity to an object at a lower level of sensitivity is not permitted (no write down).

Answer 112

Answer: D Explanation: The *- (star) integrity axiom of the Biba access control model states that an object at one level of integrity is not permitted to modify an object of a higher level of integrity (no write up)

Answer 113

Answer: D Explanation: The Biba security model addresses the integrity of data being threatened when subjects at lower security levels are able to write to objects at higher security levels and when subjects can read data at lower levels.

Answer 114

Answer: C Explanation: The Clark-Wilson model uses separation of duties, which divides an operation into different parts and requires different users to perform each part. This prevents authorized users from making unauthorized modifications to data, thereby protecting its integrity.

Answer 115

Answer: C Explanation: Preventive controls are concerned with avoiding occurrences of risks while deterrent controls are concerned with discouraging violations. Detecting controls identify occurrences and compensating controls are alternative controls, used to compensate weaknesses in other controls. Supervision is an example of compensating control.

Answer 116

Answer: B Explanation: Corrective controls are concerned with remedying circumstances and restoring controls. Detective controls are concerned with investigating what happen after the fact such as logs and video surveillance tapes for example. Compensating controls are alternative controls, used to compensate weaknesses in other controls. Preventive controls are concerned with avoiding occurrences of risks.

Answer 117

Answer: A Explanation: The iris pattern is considered lifelong. Unique features of the iris are: freckles, rings, rifts, pits, striations, fibers, filaments, furrows, vasculature and coronas. Voice, signature and retina patterns are more likely to change over time, thus are not as suitable for authentication over a long period of time without needing re-enrollment

Answer 118

Answer: D Explanation: Accountability can actually be seen in two different ways: 1) Although audit trails are also needed for accountability, no user can be accountable for their actions unless properly authenticated. 2) Accountability is another facet of access control. Individuals on a system are responsible for their actions. This accountability property enables system activities to be traced to the proper individuals. Accountability is supported by audit trails that record events on the system and network. Audit trails can be used for intrusion detection and for the reconstruction of past events. Monitoring individual activities, such as keystroke monitoring, should be accomplished in accordance with the company policy and appropriate laws. Banners at the log-on time should notify the user of any monitoring that is being conducted

Answer 119

Answer: C Explanation: Role-based access control (RBAC) gives the security officers the ability to specify and enforce enterprise-specific security policies in a way that maps naturally to an organization's structure. Each user is assigned one or more roles, and each role is assigned one or more privileges that are given to users in that role. An access control list (ACL) is a table that tells a system which access rights each user has to a particular system object. With discretionary access control, administration is decentralized and owners of resources control other users' access. Nonmandatory access control is not a defined access control technique.

Answer 120

Answer: A Explanation: The Bell-LaPadula model, mostly concerned with confidentiality, was proposed for enforcing access control in government and military applications. It supports mandatory access control by determining the access rights from the security levels associated with subjects and objects. It also supports discretionary access control by checking access rights from an access matrix. The Biba model, introduced in 1977, the Sutherland model, published in 1986, and the Brewer-Nash model, published in 1989, are concerned with integrity.

Answer 121

Answer: A Explanation: The Clark-Wilson model differs from other models that are subject- and object oriented by introducing a third access element programs resulting in what is called an access triple, which prevents unauthorized users from modifying data or programs. The Biba model uses objects and subjects and addresses integrity based on a hierarchical lattice of integrity levels. The non-interference model is related to the information flow model with restrictions on the information flow. The Sutherland model approaches integrity by focusing on the problem of inference.

Answer 122

Answer: D Explanation: Even thou all 4 terms are very close to each other, the best choice is Excessive Privileges which would include the other three choices presented.

Answer 123

Answer: B Explanation: Availability assures that a system's authorized users have timely and uninterrupted access to the information in the system. The additional access control objectives are reliability and utility. These and other related objectives flow from the organizational security policy. This policy is a high-level statement of management intent regarding the control of access to information and the personnel who are authorized to receive that information. Three things that must be considered for the planning and implementation of access control mechanisms are the threats to the system, the system's vulnerability to these threats, and the risk that the threat may materialize

Answer 124

Answer: C Explanation: Controls are implemented to mitigate risk and reduce the potential for loss. Preventive controls are put in place to inhibit harmful occurrences; detective controls are established to discover harmful occurrences; corrective controls are used to restore systems that are victims of harmful attacks. It is not feasible and possible to eliminate all risks and the potential for loss as risk/threats are constantly changing.

Answer 125

Answer: C Explanation: Logical or technical controls involve the restriction of access to systems and the protection of information. Examples of these types of controls are encryption, smart cards, access lists, and transmission protocols

Answer 126

Answer: A Explanation: Controls provide accountability for individuals who are accessing sensitive information. This accountability is accomplished through access control mechanisms that require identification and authentication and through the audit function. These controls must be in accordance with and accurately represent the organization's security policy. Assurance procedures ensure that the control mechanisms correctly implement the security policy for the entire life cycle of an information system

Answer 127

Answer: B Explanation: In Non-Discretionary Access Control, when Role Based Access Control is being used, a central authority determines what subjects can have access to certain objects based on the organizational security policy. The access controls may be based on the individual's role in the organization.

Answer 128

Answer: B Explanation: In an organization where there are frequent personnel changes, non-discretionary access control (also called Role Based Access Control) is useful because the access controls are based on the individual's role or title within the organization. You can easily configure a new employee acces by assigning the user to a role that has been predefine. The user will implicitly inherit the permissions of the role by being a member of that role. These access permissions defined within the role do not need to be changed whenever a new person takes over the role. Another type of non-discretionary access control model is the Rule Based Access Control (RBAC or RuBAC) where a global set of rule is uniformly applied to all subjects accessing the resources. A good example of RuBAC would be a firewall. This question is a sneaky one, one of the choice has only one added word to it which is often. Reading questions and their choices very carefully is a must for the real exam. Reading it twice if needed is recommended.

Answer 129

Answer: A Explanation: In this type of control, a lattice model is applied. To apply this concept to access control, the pair of elements is the subject and object, and the subject has to have an upper bound equal or higher than the object being accessed.

Answer 130

Answer: A Explanation: Detective/Technical measures include intrusion detection systems and automatically-generated violation reports from audit trail information. These reports can indicate variations from "normal" operation or detect known signatures of unauthorized access episodes. In order to limit the amount of audit information flagged and reported by automated violation analysis and reporting mechanisms, clipping levels can be set

Answer 131

Answer: B Explanation: Passwords can be compromised and must be protected. In the ideal case, a password should only be used once. The changing of passwords can also fall between these two extremes. Passwords can be required to change monthly, quarterly, or at other intervals, depending on the criticality of the information needing protection and the password's frequency of use. Obviously, the more times a password is used, the more chance there is of it being compromised.

Answer 132

Answer: A Explanation: Passwords can be compromised and must be protected. In the ideal case, a password should only be used once. The changing of passwords can also fall between these two extremes. Passwords can be required to change monthly, quarterly, or at other intervals, depending on the criticality of the information needing protection and the password's frequency of use. Obviously, the more times a password is used, the more chance there is of it being compromised. It is recommended to use a passphrase instead of a password. A passphrase is more resistant to attacks. The passphrase is converted into a virtual password by the system. Often time the passphrase will exceed the maximum length supported by the system and it must be trucated into a Virtual Password

Answer 133

Answer: A Explanation: equal error rate or crossover error rate (EER or CER): the rate at which both accept and reject errors are equal. The value of the EER can be easily obtained from the ROC curve. The EER is a quick way to compare the accuracy of devices with different ROC curves. In general, the device with the lowest EER is most accurate. In the context of Biometric Authentication almost all types of detection permit a system's sensitivity to be increased or decreased during an inspection process. If the system's sensitivity is increased, such as in an airport metal detector, the system becomes increasingly selective and has a higher False Reject Rate (FRR). Conversely, if the sensitivity is decreased, the False Acceptance Rate (FAR) will increase.Thus, to have a valid measure of the system performance, the CrossOver Error Rate (CER) is used.

Answer 134

Answer: C Explanation: The throughput rate is the rate at which individuals, once enrolled, can be processed and identified or authenticated by a biometric system. Acceptable throughput rates are in the range of 10 subjects per minute. Things that may impact the throughput rate for some types of biometric systems may include: A concern with retina scanning systems may be the exchange of body fluids on the eyepiece. Another concern would be the retinal pattern that could reveal changes in a person's health, such as diabetes or high blood pressure.

Answer 135

Answer: A Explanation: According to the cited reference, of the given options, the Retina scan has the lowest user acceptance level as it is needed for the user to get his eye close to a device and it is not user friendly and very intrusive.

Answer 136

Answer: C Explanation: The best passwords are those that are both easy to remember and hard to crack using a dictionary attack. The best way to create passwords that fulfil both criteria is to use two small unrelated words or phonemes, ideally with upper and lower case characters, a special character, and/or a number. Shouldn't be used: common names, DOB, spouse, phone numbers, words found in dictionaries or system defaults.

Answer 137

Answer: B Explanation: Tripwire is an integrity checking product, triggering alarms when important files (e.g. system or configuration files) are modified. This is a tool that is not likely to be used by hackers, other than for studying its workings in order to circumvent it. Other programs are password-cracking programs and are likely to be used by security administrators as well as by hackers. More info regarding Tripwire available on the Tripwire, Inc. Web Site

Answer 138

Answer: B Explanation: In an environmental error, the environment in which a system is installed somehow causes the system to be vulnerable. This may be due, for example, to an unexpected interaction between an application and the operating system or between two applications on the same host. A configuration error occurs when user controllable settings in a system are set such that the system is vulnerable. In an access validation error, the system is vulnerable because the access control mechanism is faulty. In an exceptional condition handling error, the system somehow becomes vulnerable due to an exceptional condition that has arisen.

Answer 139

Answer: A Explanation: A network-based vulnerability assessment tool/system either re-enacts system attacks, noting and recording responses to the attacks, or probes different targets to infer weaknesses from their responses.

Answer 140

Answer: D Explanation: Unfortunately, anomaly detectors and the Intrusion Detection Systems (IDS) based on them often produce a large number of false alarms, as normal patterns of user and system behavior can vary wildly. Being only able to identify correctly attacks they already know about is a characteristic of misuse detection (signature-based) IDSs. Application-based IDSs are a special subset of host-based IDSs that analyze the events transpiring within a software application. They are more vulnerable to attacks than host-based IDSs. Not being able to identify abnormal behavior would not cause false positives, since they are not identified.

Answer 141

Answer: C Explanation: Users tend to choose easier to remember passwords. System-generated passwords can provide stronger, harder to guess passwords. Since they are based on rules provided by the administrator, they can include combinations of uppercase/lowercase letters, numbers and special characters, making them less vulnerable to brute force and dictionary attacks. One danger is that they are also harder to remember for users, who will tend to write them down, making them more vulnerable to anyone having access to the user's desk. Another danger with system-generated passwords is that if the password-generating algorithm gets to be known, the entire system is in jeopardy.

Answer 142

Answer: A Explanation: The last login message displays the last login date and time, allowing a user to discover if their account was used by someone else. Hence, this is rather a detective control.

Answer 143

Answer: C Explanation: Accuracy is the most critical characteristic of a biometric identifying verification system. Accuracy is measured in terms of false rejection rate (FRR, or type I errors) and false acceptance rate (FAR or type II errors). The Crossover Error Rate (CER) is the point at which the FRR equals the FAR and has become the most important measure of biometric system accuracy

Answer 144

Answer: B Explanation: When a biometric system is used for access control, the most important error is the false accept or false acceptance rate, or Type II error, where the system would accept an impostor.

Answer 145

Answer: D Explanation: The only way to be truly positive in authenticating identity for access is to base the authentication on the physical attributes of the persons themselves (i.e., biometric identification). Physical attributes cannot be shared, borrowed, or duplicated. They ensure that you do identify the person, however they are not perfect and they would have to be supplemented by another factor

Answer 146

Answer: B Explanation: A continuous authentication provides protection against impostors who can see, alter, and insert information passed between the claimant and verifier even after the claimant/verifier authentication is complete. This is the best protection against hijacking

Answer 147

Answer: D Explanation: An automated login function for remote users would imply a weak authentication, thus certainly not a security goal

Answer 148

Answer: D Explanation: Identification and authentication is a technical measure that prevents unauthorized people (or unauthorized processes) from entering an IT system. Access control usually requires that the system be able to identify and differentiate among users. Reporting incidents is more related to incident response capability (operational control) than to identification and authentication (technical control).

Answer 149

Answer: A Explanation: Systems accountability depends on the ability to ensure that senders cannot deny sending information and that receivers cannot deny receiving it. Because the mechanisms implemented in non-repudiation prevent the ability to successfully repudiate an action, it can be considered as a preventive control.

Answer 150

Answer: B Explanation: Cognitive passwords are fact or opinion-based information used to verify an individual's identity. Passwords that can be used only once are one-time or dynamic passwords. Password generators that use a challenge response scheme refer to token devices. A passphrase is a sequence of characters that is longer than a password and is transformed into a virtual password

Answer 151

Answer: C Explanation: The Key Distribution Center (KDC) holds all users' and services' cryptographic keys. It provides authentication services, as well as key distribution functionality. The Authentication Service is the part of the KDC that authenticates a principal. The Key Distribution Service and Key Granting Service are distracters and are not defined Kerberos components

Answer 152

Answer: A Explanation: The most likely source of exposure is from the uninformed, accidental or unknowing person, although the greatest impact may be from those with malicious or fraudulent intent

Answer 153

Answer: C Explanation: The Crossover Error Rate (CER) is the point where false rejection rate (type I error) equals the false acceptance rate (type II error). The lower the CER, the better the accuracy of thedevice. At the time if this writing, response times and accuracy of some devices are: System type Response time Accuracy (CER

Answer 154

``` Answer: B Explanation: Radius, TACACS and DIAMETER are classified as authentication, authorization, and accounting (AAA) servers ```

Answer 155

Answer: C Explanation: The original TACACS, developed in the early ARPANet days, had very limited functionality and used the UDP transport. In the early 1990s, the protocol was extended to include additional functionality and the transport changed to TCP

Answer 156

Answer: B Explanation: Containing the dial-up problem is conceptually easy: by installing the Remote Access Server outside the firewall and forcing legitimate users to authenticate to the firewall, any access to internal resources through the RAS can be filtered as would any other connection coming from the Internet

Answer 157

Answer: C Explanation: The Bell-LaPadula model focuses on data confidentiality and access to classified information, in contrast to the Biba Integrity Model which describes rules for the protection of data integrity

Answer 158

Answer: C Explanation: An inside attack is an attack initiated by an entity inside the security perimeter, an entity that is authorized to access system resources but uses them in a way not approved by those who granted the authorization whereas an outside attack is initiated from outside the perimeter, by an unauthorized or illegitimate user of the system. An active attack attempts to alter system resources to affect their operation and a passive attack attempts to learn or make use of the information from the system but does not affect system resources.

Answer 159

Answer: A Explanation: RFC 2828 (Internet Security Glossary) defines the Extensible Authentication Protocol as a framework that supports multiple, optional authentication mechanisms for PPP, including cleartext passwords, challenge-response, and arbitrary dialog sequences. It is intended for use primarily by a host or router that connects to a PPP network server via switched circuits or dial-up lines. The Remote Authentication Dial-In User Service (RADIUS) is defined as an Internet protocol for carrying dial-in user's authentication information and configuration information between a shared, centralized authentication server and a network access server that needs to authenticate the users of its network access ports

Answer 160

Answer: B Explanation: Once an identity is established it must be authenticated. There exist numerous technologies and implementation of authentication methods however they almost all fall under three major areas.

Answer 161

Answer: C Explanation: A mechanism where users can authenticate themselves once, and then a central repository of their credentials is used to launch various legacy applications.

Answer 162

Answer: D Explanation: Any identity management system used in an environment where there are tens of thousands of users must be able to scale to support the volumes of data and peak transaction rates

Answer 163

Answer: C Explanation: Principles P1 and P2 authenticate to the Key Distribution Center (KDC), principle P1 receives a Ticket Granting Ticket (TGT), and principle P2 requests a service ticket from the KDC.

Answer 164

Answer: A Explanation: A vulnerability is mostly a weakness, it could be a weakness in a piece of sotware, it could be a weakness in your physical security, it could take many forms. It is a weakness that could be exploited by a Threat. For example an open firewall port, a password that is never changed, or a flammable carpet. A missing Control is also considered to be a Vulnerability

Answer 165

Answer: B Explanation: The following answers are incorrect: An intentional hidden message or feature in an object such as a piece of software or a movie. This is the definition of an "Easter Egg" which is code within code. A good example of this was a small flight simulator that was hidden within Microsoft Excel. If you know which cell to go to on your spreadsheet and the special code to type in that cell, you were able to run the flight simulator. An anomalous condition where a process attempts to store data beyond the boundaries of a fixedlength buffer

Answer 166

Answer: C Explanation: This is a contactless smart card that has two chips with the capability of utilizing both contact and contactless formats

Answer 167

Answer: A Explanation: Explanation : Emanation attacks are the act of intercepting electrical signals that radiate from computing equipment. There are several countermeasures including shielding cabling, white noise, control zones, and TEMPEST equipment (this is a Faraday cage around the equipment)

Answer 168

Answer: B Explanation: Something you know and something you have is two authentication factors and is better than a single authentication factor. Strong Authentication or Two Factor Authentication is widely accepted as the best practice for authentication.

Answer 169

Answer: B Explanation: Business impact analysis is not about technology; it is about supporting the mission of the organization.

Answer 170

Answer: A Explanation: The other answers are incorrect

Answer 171

Answer: A Explanation: The SSH protocol provides an encrypted terminal session to the remote firewalls. By encrypting the data, it prevents sniffing attacks using a protocol analyzer also called a sniffer. With more and more computers installed in networked environments, it often becomes necessary to access hosts from a remote location. This normally means that a user sends login and password strings for authentication purposes. As long as these strings are transmitted as plain text, they could be intercepted and misused to gain access to that user account without the authorized user even knowing about it.

Answer 172

Answer: C Explanation: Simple Network Management Protocol (SNMP) is an Internet-standard protocol for managing devices on IP networks. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks, and more. It is used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention. SNMP is a component of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF).

Answer 173

Answer: A Explanation: Securing the data manipulated by computing systems has been a challenge in the past years. Several methods to limit the information disclosure exist today, such as access control lists, firewalls, and cryptography. However, although these methods do impose limits on the information that is released by a system, they provide no guarantees about information propagation. For example, access control lists of file systems prevent unauthorized file access, but they do not control how the data is used afterwards. Similarly, cryptography provides a means to exchange information privately across a non-secure channel, but no guarantees about the confidentiality of the data are given once it is decrypted

Answer 174

Answer: B Explanation: This question refers specificly to the LAND Attack. This question is testing your ability to recognize common attacks such as the Land Attack and also your understanding of what would be an acceptable action taken by your Intrusion Detection System

Answer 175

Answer: D Explanation: SQL injection is execution of unexpected SQL in the database as a result of unsanitized user input being accepted and used in the application code to form the SQL statement.It is a coding problem which affects inhouse, open source and commercial software

Answer 176

Answer: B Explanation: Pivoting refers to method used by penetration testers that uses compromised system to attack other systems on the same network to avoid restrictions such as firewall configurations, which may prohibit direct access to all machines. For example, an attacker compromises a web server on a corporate network, the attacker can then use the compromised web server to attack other systems on the network. These types of attacks are often called multilayered attacks. Pivoting is also known as island hopping.

Answer 177

Answer: A Explanation: A zero-day (or zero-hour, or O day, or day zero) attack or threat is a computer threat that tries to exploit computer application vulnerabilities that are unknown to others or the software developer. Zero-day exploits (actual software that uses a security hole to carry out an attack) are used or shared by attackers before the developer of the target software knows about the vulnerability.

Answer 178

Answer: A Explanation: Authenticity refers to the characteristic of a communication, document or any data that ensures the quality of being genuine or not corrupted from the original

Answer 179

Answer: D Explanation: This is a tricky question, the keyword in the question is Internal users. There are two possible answers based on how the question is presented, this question could either apply to internal users or ANY anonymous/external users. Internal users should always have a written agreement first, then logon banners serve as a constant reminder

Answer 180

Answer: A Explanation: Archive bit 1 = On (the archive bit is set). Archive bit 0 = Off (the archive bit is NOT set). When the archive bit is set to ON, it indicates a file that has changed and needs to be backed up. Differential backups backup all files changed since the last full. To do this, they don't change the archive bit value when they backup a file. Instead the differential let's the full backup make that change. An incremental only backs up data since the last incremental backup. Thus is does change the archive bit from 1 (On) to 0 (Off).

Answer 181

Answer: A Explanation: The data link layer, or Layer 2, of the OSI model is responsible for adding a header and a trailer to a packet to prepare the packet for the local area network or wide area network technology binary format for proper line transmission. Layer 2 is divided into two functional sublayers

Answer 182

Answer: B Explanation: User provisioning refers to the creation, maintenance, and deactivation of user objects and attributes as they exist in one or more systems, directories, or applications, in response to business processes

Answer 183

Answer: A Explanation: In general there are three ways a pen tester can test a target system. - White-Box: The tester has full access and is testing from inside the system. - Gray-Box: The tester has some knowledge of the system he's testing. - Black-Box: The tester has no knowledge of the system. Each of these forms of testing has different benefits and can test different aspects of the system from different approaches

Answer 184

Answer: A Explanation: DAC - Discretionary Access Control is where the user controls access to the data they create or manage.

Answer 185

Answer: A Explanation: RBAC - Role-Based Access Control permissions would fit best for a backup job for the employee because the permissions correlate tightly with permissions granted to a backup operator

Answer 186

Answer: A Explanation: There are seven access control categories. Below you have the Access Control Types and Categories. - Access Control Types: - Administrative - Policies, data classification and labeling and security awareness training - Technical - Hardare - MAC FIltering or perimeter devices like: - Software controls like account logons and encryption, file perms

Answer 187

Question 228

Answer 188

B. Authenticity, Chain of Custody, Integrity, Minimalization, Reproducibility

Answer 189

B. System, data, administration, design

Answer 190

(B) Length of the passwords

Answer 191

(B) versioning

Answer 192

(B) a security policy.

Answer 193

(B) documented policies and procedures.

Answer 194

(B) Triggers

Answer 195

(B) disassembly.

Answer 196

(B) Contact your anti-virus vendor

Answer 197

(B) Compliance automation, efficiency of data protection management, facilitation of access control

Answer 198

(B) The properties of the file system

Answer 199

(B) signatures and anomalies

Answer 200

(B) Limit the number of interviewees in each session to three or less

Answer 201

(B) It provides criteria to evaluate trust in IT products.

Answer 202

Answer: D Explanation: The optical unit of the iris pattern biometric system must be positioned so that the sun does not shine into the aperture

Answer 203

Answer: B Explanation: A sensitivity label is required for every subject and object when using the Mandatory Access Control (MAC) model. The sensitivity label is made up of a classification and different categories

Answer 204

Answer: C Explanation: Kerberos makes use of symmetric key cryptography and offers end-to-end security. The majority Kerberos implementations works with shared secret keys.

Answer 205

Answer: A Explanation: Accountability is the ability to identify users and to be able to track user actions. Through the use of audit logs and other tools the user actions are recorded and can be used at a later date to verify what actions were performed

Answer 206

Answer: B Explanation: Kerberos is a third-party authentication service that can be used to support SSO. Kerberos (or Cerberus) was the name of the three-headed dog that guarded the entrance to Hades in Greek mythology

Answer 207

Answer: B Explanation: Kerberos makes use of symmetric key cryptography and offers end-to-end security. The majority Kerberos implementations works with shared secret keys.

Answer 208

Answer: A Explanation: Personal Identification Number (PIN) is a numeric password shared between a user and a system, which can be used to authenticate the user to the system.

Answer 209

Answer: B Explanation: Accountability would not include policies & procedures because while important on an effective security program they cannot be used in determining accountability (References: A: Accountability would include unique identifiers so that you can identify the individual. C: Accountability would include access rules to define access violations. D: Accountability would include audit trails to be able to trace violations or attempted violations.)

Answer 210

Answer: A Explanation: Changing the system time would cause logged events to have the wrong time. An operator could commit fraud and cover his tracks by changing the system time to make it appear as the events happened at a different time. Ensuring that operators are not permitted modify the system time (another person would be required to modify the system time) is an example of separation of duties. The objective of separation of duties is to ensure that one person acting alone cannot compromise the company’s security in any way. High-risk activities should be broken up into different parts and distributed to different individuals or departments. That way, the company does not need to put a dangerously high level of trust in certain individuals. For fraud to take place, collusion would need to be committed, meaning more than one person would have to be involved in the fraudulent activity Job rotation in the workplace is a system where employees work at several jobs in a business, performing each job for a relatively short period of time.

Answer 211

Answer: D Explanation: Role-based access control is a model where access to resources is determined by job role rather than by user account. In this question, a bank teller is a job role. Therefore, an access control policy for a bank teller is a role-based policy. Within an organization, roles are created for various job functions. The permissions to perform certain operations are assigned to specific roles. Members or staff (or other system users) are assigned particular roles, and through those role assignments acquire the computer permissions to perform particular computer-system functions. Since users are not assigned permissions directly, but only acquire them through their role (or roles), management of individual user rights