CISSP Questions and Answers 04

QUESTION 301:
What is the PRIMARY advantage of using a separate authentication server (e.g., Remote Authentication Dial-In
User Service, Terminal Access Controller Access Control System) to authenticate dial-in users?
A. Single user logons are easier to manage and audit.
B. Each session has a unique (one-time) password assigned to it.
C. Audit and access information are not kept on the access server.
D. Call-back is very difficult to defeat.
Answer: C
Explanation:
With a separate authentication server the credential store, the access policy and the accounting (audit)
records are held on one hardened central server rather than on each access server at the network edge. A
compromised or misconfigured access server therefore exposes neither the credentials nor the audit trail,
and policy is administered in one place. One-time passwords (B) and call-back (D) are separate mechanisms,
not properties of using a separate server.
TACACS integrates the authentication and authorization processes. XTACACS keeps the authentication,
authorization and accounting processes separate. TACACS+ improves XTACACS by adding two-factor
authentication. – Ed Tittle CISSP Study Guide (sybex) pg 745
QUESTION 302:
Within the Open Systems Interconnection (OSI) Reference Model, authentication addresses the need for a
network entity to verify both
A. The identity of a remote communicating entity and the authenticity of the source of the data that are
received.
B. The authenticity of a remote communicating entity and the path through which communications are received.
C. The location of a remote communicating entity and the path through which communications are received.
D. The identity of a remote communicating entity and the level of security of the path through which data are
received.
Answer: A
Explanation:
Within the OSI model, authentication must establish both that the remote entity is who it claims to be and
that the data received actually originated from that entity (data-origin authentication). The path the data
takes is not a concern unless source routing is used, and the security level of the path is not something the
receiving node checks unless it has been configured to. A is the best option.
QUESTION 303:
Which of the following is the most reliable authentication device?
A. Variable callback system
B. Smart card system
C. fixed callback system
D. Combination of variable and fixed callback system
Answer: B
Explanation:
A smart card is a tamper-resistant token (something you have) that performs its cryptographic operations on
the card, so the secret never leaves it. Call-back systems, fixed or variable, only verify that someone answers
at a stored telephone number, and they can be defeated by call forwarding.
QUESTION 304:
Which of the following are proprietarily implemented by CISCO?
A. RADIUS+
B. TACACS
C. XTACACS and TACACS+
D. RADIUS
Answer: C
Explanation:
Cisco implemented an enhanced version of TACACS, known as XTACACS (extended TACACS), which was
also compatible with TACACS. It allowed for UDP and TCP encoding. XTACACS contained several
improvements: it provided accounting functionality to track the length of login and which hosts a user
connected to, and it separated the authentication, authorization, and accounting processes so that they
could be implemented independently. None of the three functions is mandatory. TACACS and its extended
form are described in RFC 1492.
TACACS+ is the latest Cisco implementation. It is best described as XTACACS with improved attribute
control (authorization) and accounting. Unlike RADIUS, which runs over UDP and obscures only the
password, TACACS+ runs over TCP port 49 and encrypts the whole packet body under the shared secret,
which is why it is preferred for device administration. TACACS+ is not backward compatible with TACACS
or XTACACS.
QUESTION 305:
What is a protocol used for carrying authentication, authorization, and configuration
information between a Network Access Server and a shared Authentication Server?
A. IPSec
B. RADIUS
C. L2TP
D. PPTP
Answer: B
Explanation:
RADIUS is a protocol for carrying authentication, authorization, and configuration information between a
Network Access Server, which desires to authenticate its links, and a shared Authentication Server. RADIUS
was published as RFC 2138 (since obsoleted by RFC 2865; accounting is in RFC 2866).
QUESTION 306:
RADIUS is defined by which RFC?
A. 2168
B. 2148
C. 2138
D. 2158
Answer: C
Explanation:
RFC 2138 is the RADIUS specification this question expects (its companion RFC 2139 covered RADIUS
accounting). Both were later obsoleted by RFC 2865 and RFC 2866, but exam questions still cite 2138.
QUESTION 307:
In a RADIUS architecture, which of the following acts as a client?
A. A network Access Server.
B. None of the choices.
C. The end user.
D. The authentication server.
Answer: A
Explanation:
A Network Access Server (NAS) operates as a client of RADIUS. The client is responsible
for passing user information to designated RADIUS servers, and then acting on the
response, which is returned.
QUESTION 308:
In a RADIUS architecture, which of the following can act as a proxy client?
A. The end user.
B. A Network Access Server.
C. The RADIUS authentication server.
D. None of the choices.
Answer: C
Explanation:
A RADIUS server can act as a proxy client to other RADIUS servers or other kinds of
authentication servers.
QUESTION 309:
Which of the following statements pertaining to RADIUS is incorrect?
A. A RADIUS server can act as a proxy server, forwarding client requests to other
authentication domains.
B. Most RADIUS clients have the capability to query secondary RADIUS servers for
redundancy
C. Most RADIUS servers have built-in database connectivity for billing and reporting purposes
D. Most RADIUS servers can work with DIAMETER servers.
Answer: D
Explanation:
Diameter is the successor to RADIUS, not a drop-in peer: it runs over TCP or SCTP, uses a different
message format and attribute space, and interworks with RADIUS only through a translation agent.
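The following is an added example, not code from the page or from any RADIUS vendor, showing both halves of the exchange that Questions 305 to 309 describe: the NAS acting as RADIUS client hides the User-Password under the shared secret and a fresh Request Authenticator, and the server answers with a Response Authenticator that the NAS must check before trusting an Access-Accept. The shared secret, user names, passwords and the small user table are constructed for the example; the packet layout and the MD5-based hiding follow RFC 2865.

```python
# Added example: NAS (RADIUS client) and RADIUS server halves of an
# Access-Request / Access-Accept exchange per RFC 2865. Shared secret,
# users and passwords below are constructed for this demonstration.
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
ATTR_USER_NAME, ATTR_USER_PASSWORD = 1, 2


def hide_password(password: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """RFC 2865 s5.2: pad with NULs to a multiple of 16, XOR block 1 with
    MD5(secret || RequestAuthenticator) and each later block with
    MD5(secret || previous ciphertext block). Keyed obfuscation, not a cipher."""
    if len(password) > 128:
        raise ValueError("User-Password is limited to 128 octets")
    pad = (-len(password)) % 16 if password else 16
    padded = password + b"\x00" * pad
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        mask = hashlib.md5(secret + prev).digest()
        block = bytes(p ^ m for p, m in zip(padded[i:i + 16], mask))
        out, prev = out + block, block
    return out


def reveal_password(hidden: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """Server side: same keystream, then strip the NUL padding."""
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        mask = hashlib.md5(secret + prev).digest()
        out += bytes(c ^ m for c, m in zip(hidden[i:i + 16], mask))
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")


def _attrs(attrs):
    # Attribute = Type(1) Length(1, counts these two octets too) Value.
    return b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)


def build_packet(code, ident, authenticator, attrs):
    body = _attrs(attrs)
    return struct.pack("!BBH", code, ident, 20 + len(body)) + authenticator + body


def parse_packet(data):
    code, ident, length = struct.unpack("!BBH", data[:4])
    if length < 20 or length != len(data):
        raise ValueError("bad RADIUS length")
    attrs, pos = [], 20
    while pos < length:
        if pos + 2 > length or data[pos + 1] < 2 or pos + data[pos + 1] > length:
            raise ValueError("bad attribute length")
        t, l = data[pos], data[pos + 1]
        attrs.append((t, data[pos + 2:pos + l]))
        pos += l
    return code, ident, data[4:20], attrs


def response_authenticator(code, ident, request_auth, attrs, secret):
    """RFC 2865 s3: MD5(Code||ID||Length||RequestAuth||Attributes||Secret)."""
    body = _attrs(attrs)
    header = struct.pack("!BBH", code, ident, 20 + len(body))
    return hashlib.md5(header + request_auth + body + secret).digest()


def nas_build_request(user, password, secret, ident, request_auth=None):
    """NAS: one fresh random Request Authenticator per request."""
    ra = request_auth or os.urandom(16)
    attrs = [(ATTR_USER_NAME, user),
             (ATTR_USER_PASSWORD, hide_password(password, secret, ra))]
    return build_packet(ACCESS_REQUEST, ident, ra, attrs), ra


def server_handle(packet, secret, users):
    """Server: recover the password, decide, sign the reply. `users` holds
    cleartext only because PAP-style User-Password needs it reconstructed;
    a real server verifies against a stored hash."""
    code, ident, ra, attrs = parse_packet(packet)
    if code != ACCESS_REQUEST:
        raise ValueError("not an Access-Request")
    fields = dict(attrs)
    given = reveal_password(fields.get(ATTR_USER_PASSWORD, b""), secret, ra)
    expected = users.get(fields.get(ATTR_USER_NAME, b""))
    ok = expected is not None and hmac.compare_digest(expected, given)
    reply = ACCESS_ACCEPT if ok else ACCESS_REJECT
    auth = response_authenticator(reply, ident, ra, [], secret)
    return build_packet(reply, ident, auth, [])


def nas_verify_reply(reply, request_auth, secret):
    """NAS: reject any reply whose Response Authenticator does not verify."""
    code, ident, auth, attrs = parse_packet(reply)
    want = response_authenticator(code, ident, request_auth, attrs, secret)
    if not hmac.compare_digest(auth, want):
        raise ValueError("Response Authenticator mismatch: forged reply or wrong secret")
    return code


def demo():
    secret = b"constructed-shared-secret"
    users = {b"alice": b"correct horse"}
    req, ra = nas_build_request(b"alice", b"correct horse", secret, ident=7)
    accepted = nas_verify_reply(server_handle(req, secret, users), ra, secret)
    req, ra = nas_build_request(b"alice", b"wrong", secret, ident=8)
    rejected = nas_verify_reply(server_handle(req, secret, users), ra, secret)
    return accepted, rejected   # (ACCESS_ACCEPT, ACCESS_REJECT)


if __name__ == "__main__":
    print(demo())
```

Two points worth noticing: the password hiding is an MD5 keystream under a static secret, which is why RADIUS is normally carried inside IPsec or RadSec (TLS) rather than over bare UDP, and a NAS that skips the `nas_verify_reply` step will accept an Access-Accept from anyone who can deliver a UDP packet to it.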
QUESTION 310:
Which of the following is the weakest authentication mechanism?
A. Passphrases
B. Passwords
C. One-time passwords
D. Token devices
Answer: B
QUESTION 311:
What is the PRIMARY use of a password?
A. Allow access to files
B. Identify the user
C. Authenticate the user
D. Segregate various user’s accesses
Answer: C
QUESTION 312:
Software-generated passwords have what drawback?
A. Passwords are not easy to remember.
B. Password are too secure.
C. None of the choices.
D. Passwords are unbreakable.
Answer: A
Explanation:
Passwords can be generated by a software package or by some operating systems. These password
generators are good at producing unique and hard-to-guess passwords, but you must ensure that they are
not so hard that people cannot remember them. If you force your users to write their passwords down you
are defeating the purpose of strong password management.
QUESTION 313:
What are the valid types of one-time password generator?
A. All of the choices.
B. Transaction synchronous
C. Synchronous/PIN synchronous
D. Asynchronous/PIN asynchronous
Answer: A
Explanation:
A one-time password is changed after every use. Handheld password generators (tokens) come in three
basic types: synchronous/PIN synchronous (token and server share a clock or counter), transaction
synchronous, and asynchronous/PIN asynchronous (challenge-response, where the server issues a nonce
that the token must answer).
QUESTION 314:
Which of the following will you consider as most secure?
A. Password
B. One time password
C. Login phrase
D. Login ID
Answer: B
Explanation:
Each time the user logs in, the token generates a unique password that is synchronized
with the network server. If anyone tries to reuse this dynamic password, access is
denied, the event is logged and the network remains secure.
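As an added example that is not part of the original page, here is the counter-synchronous token type from Question 313 together with the replay rejection described in Question 314, in Python. The code-generation algorithm is HOTP from RFC 4226; the secret is the RFC's published test-vector key (used only so the codes are reproducible), and the look-ahead window of five counters is an assumption.

```python
# Added example: RFC 4226 HOTP (counter-synchronous token) plus the server
# bookkeeping that makes a captured code unusable a second time. Secret is
# the RFC 4226 test-vector key; the window size is an assumed policy value.
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-SHA1 over the 8-byte big-endian counter, dynamic truncation to
    31 bits, then the low `digits` decimal digits, zero-padded."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class TokenVerifier:
    """Server side of one user's token. Remembers the next expected counter,
    so a replayed (already used or older) code is rejected, and looks ahead a
    few counters to resynchronise after token presses that never reached the
    server. A time-synchronous token (TOTP, RFC 6238) is the same idea with
    counter = floor(unix_time / 30)."""

    def __init__(self, secret: bytes, window: int = 5, digits: int = 6):
        self.secret, self.window, self.digits = secret, window, digits
        self.next_counter = 0

    def verify(self, code: str) -> bool:
        for c in range(self.next_counter, self.next_counter + self.window):
            if hmac.compare_digest(hotp(self.secret, c, self.digits), code):
                self.next_counter = c + 1   # every counter <= c is now dead
                return True
        return False


def demo():
    secret = b"12345678901234567890"
    server = TokenVerifier(secret)
    first = server.verify(hotp(secret, 0))       # fresh code: accepted
    replay = server.verify(hotp(secret, 0))      # same code again: rejected
    skipped = server.verify(hotp(secret, 3))     # inside look-ahead window: accepted
    too_far = server.verify(hotp(secret, 20))    # outside window: rejected
    return first, replay, skipped, too_far


if __name__ == "__main__":
    print(demo())
```

The window is the usability/security trade-off the text alludes to: a wider window tolerates more lost button presses but gives an attacker who captured a code more chances before it expires, and it never allows going backwards.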
QUESTION 315:
What type of password makes use of two totally unrelated words?
A. Login phrase
B. One time password
C. Composition
D. Login ID
Answer: C
Explanation:
A composition password uses two totally unrelated words or a series of unrelated characters, such as
pizza!wood. Such a password is easy to remember but hard to guess: it is not a single dictionary word, it is
long, and it contains a non-alphanumeric character, so a dictionary attack misses it and a brute-force attack
has a much larger space to cover.
QUESTION 316:
Which of the following is the correct account policy you should follow?
A. All of the choices.
B. All active accounts must have a password.
C. All active accounts must have a long and complex pass phrase.
D. All inactive accounts must have a password.
Answer: B
Explanation:
All active accounts must have a password, unless you are using an application or service designed to be
accessed without a proper ID and password. Such a service must then be monitored by other means (not a
recommended practice).
QUESTION 317:
Which of the following are the advantages of using passphrase?
A. Difficult to crack using brute force.
B. Offers numerous characters.
C. Easier to remember.
D. All of the choices.
Answer: D
Explanation:
The use of passphrases is a good way of having very strong passwords. A passphrase is
easier to remember, it offers numerous characters, and it is almost impossible to crack
using brute force with today’s processing power. An example of a passphrase could be:
“Once upon a time in the CISSP world”
QUESTION 318:
Which of the following are the correct guidelines of password deployment?
A. Passwords must be masked.
B. All of the choices.
C. Password must have a minimum of 8 characters.
D. Password must contain a mix of both alphabetic and non-alphabetic characters.
Answer: B
Explanation:
Passwords must not be displayed in plain text while logging on. Passwords must be
masked. Password must have a minimum of 8 characters. Password must contain a mix of
both alphabetic and non-alphabetic characters. Passwords must be kept private, e.g. not
shared, coded into programs, or written down.
QUESTION 319:
Why would a 16-character password not be desirable?
A. Hard to remember
B. Offers numerous characters.
C. Difficult to crack using brute force.
D. All of the choices.
Answer: A
Explanation:
When the password is too hard to memorize, the user will actually write it down, which
is totally insecure and unacceptable.
QUESTION 320:
Which of the following is NOT a good password deployment guideline?
A. Passwords must not be the same as the user id or login id.
B. Password aging must be enforced on all systems.
C. Password must be easy to memorize.
D. Passwords must be changed at least once every 60 days, depending on your environment.
Answer: C
Explanation:
Passwords must be changed at least once every 60 days (depending on your environment).
Password aging or expiration must be enforced on all systems. Upon password expiration,
if the password is not changed, only three grace logins must be allowed then the
account must be disable until reset by an administrator or the help desk. Password
reuse is not allowed (rotating passwords).
QUESTION 321:
Rotating passwords (returning to a previously used password after a change) can be restricted by the use of:
A. Password age
B. Password history
C. Complex password
D. All of the choices
Answer: B
Explanation:
Password history keeps a record of each user's previous passwords (on systems with such a facility,
typically the last 12) and refuses a change to any password on that list, which is what stops a user rotating
between a few favourites. Password age forces a change but does not by itself stop a return to the old
value, and complexity rules do not either.
QUESTION 322:
What should you do immediately if the root password is compromised?
A. Change the root password.
B. Change all passwords.
C. Increase the value of password age.
D. Decrease the value of password history.
Answer: B
Explanation:
All passwords must be changed if the root password is compromised or disclosure is suspected: whoever
held root could have read every other credential on the system and installed a way back in, so changing
the root password alone is not enough. The better course is to rebuild the compromised computer from
known-good media, because a system that has been fully compromised cannot be restored to its previous
assurance level by cleanup alone.
QUESTION 323:
Which of the following is the most secure way to distribute passwords?
A. Employees must send in an email before obtaining a password.
B. Employees must show up in person and present proper identification before obtaining a
password.
C. Employees must send in a signed email before obtaining a password.
D. None of the choices.
Answer: B
Explanation:
Employees must show up in person and present proper identification before obtaining a
new or changed password (depending on your policy). After three unsuccessful attempts
to enter a password, the account will be locked and only an administrator or the help
desk can reactivate the involved user ID.
QUESTION 324:
Which of the following does not apply to system-generated passwords?
A. Passwords are harder to remember for users
B. If the password-generating algorithm gets to be known, the entire system is in jeopardy
C. Passwords are more vulnerable to brute force and dictionary attacks.
D. Passwords are harder to guess for attackers
Answer: C
QUESTION 325:
Passwords can be required to change monthly, quarterly, or any other intervals:
A. depending on the criticality of the information needing protection
B. depending on the criticality of the information needing protection and the password’s
frequency of use
C. depending on the password’s frequency of use
D. not depending on the criticality of the information needing protection but depending on the
password’s frequency of use
Answer: B
QUESTION 326:
In the SSL/TLS protocol, what kind of authentication is supported?
A. Peer-to-peer authentication
B. Only server authentication (optional)
C. Server authentication (mandatory) and client authentication (optional)
D. Role based authentication scheme
Answer: C
“The server sends a message back to the client indicating that a secure session needs to be
established, and the client sends its security parameters. The server compares those security
parameters to its own until it finds a match. This is the handshaking phase. The server
authenticates to the client by sending it a digital certificate, and if the client decides to trust the
server the process continues. The server can require the client to send over a digital certificate
for mutual authentication, but that is rare.”
Pg. 523 Shon Harris: All-In-One CISSP Certification Exam Guide
QUESTION 327:
Which of the following correctly describes the difference between identification and
authentication?
A. Authentication is a means to verify who you are, while identification is what you are
authorized to perform.
B. Identification is a means to verify who you are, while authentication is what you are
authorized to perform.
C. Identification is another name of authentication.
D. Identification is the child process of authentication.
Answer: B
Explanation:
B is the keyed answer, but its wording is loose. Strictly, identification is the claim of an identity (a logon
ID or user ID), authentication is the verification of that claim (with a password, token or biometric), and
authorization is what the authenticated subject is then permitted to perform, access, or do; Questions 330
and 331 use the precise definitions. User identification enables accountability: it lets you trace activities
to individual users who may be held responsible for their actions. Logon IDs must be unique, not shared,
and usually non-descriptive of job function.
QUESTION 328:
Identification establishes:
A. Authentication
B. Accountability
C. Authorization
D. None of the choices.
Answer: B
Explanation:
Identification is the act of claiming an identity, usually by presenting a logon ID or user ID, and it is what
makes accountability possible: activities can be traced to individual users who may be held responsible for
their actions. Authentication verifies the claim and authorization decides what the user may do, but neither
is established by identification alone. Logon IDs must be unique, not shared, and usually non-descriptive
of job function.
QUESTION 329:
Identification usually takes the form of:
A. Login ID.
B. User password.
C. None of the choices.
D. Passphrase
Answer: A
Explanation:
Identification usually takes the form of a logon ID or user ID, which the user presents to claim an identity.
The password or passphrase supplied afterwards is the authentication step, not the identification step.
Logon IDs must be unique, not shared, and usually non-descriptive of job function, so that each action can
be traced to one accountable user.
QUESTION 330:
What is called the act of a user professing an identity to a system, usually in the form of a
log-on ID?
A. Authentication
B. Identification
C. Integrity
D. Confidentiality
Answer: B
“Identification is the act of a user professing an identity to a system, usually in the form of a
logon ID to the system.” Pg 49 Krutz The CISSP Prep Guide.
“Identification describes a method of ensuring that a subject (user, program, or process) is the
entity it claims to be. Identification can be provided with the use of a username or account
number. To be properly authenticated, the subject is usually required to provide a second piece
to the credential set. This piece could be a password, passphrase, cryptographic key, personal
identification number (PIN), anatomical attribute, or token.” Pg 110 Shon Harris: All-in-One
CISSP Certification
QUESTION 331:
What is called the verification that the user’s claimed identity is valid and is usually
implemented through a user password at log-on time?
A. Authentication
B. Identification
C. Integrity
D. Confidentiality
Answer: A
QUESTION 332:
Identification and authentication are the keystones of most access control systems.
Identification establishes:
A. user accountability for the actions on the system
B. top management accountability for the actions on the system
C. EDP department accountability for the actions of users on the system
D. authentication for actions on the system
Answer: A
QUESTION 333:
Which one of the following authentication mechanisms creates a problem for mobile users?
A. address-based mechanism
B. reusable password mechanism
C. one-time password mechanism
D. Challenge-response mechanism
Answer: A
Explanation:
An address-based mechanism authenticates by the caller's network address or telephone number, which a
mobile user does not keep from one location to the next.
QUESTION 334:
Which of the following centralized access control mechanisms is not appropriate for mobile
workers accessing the corporate network over analog lines?
A. TACACS
B. Call-back
C. CHAP
D. RADIUS
Answer: B
Explanation:
Call-back hangs up and dials the user back at a number registered in advance, which suits a fixed home
office but not a worker dialing in from changing locations. TACACS, RADIUS and CHAP authenticate the
user regardless of where the call originates.
QUESTION 335:
Authentication is typically based upon:
A. Something you have.
B. Something you know.
C. Something you are.
D. All of the choices.
Answer: D
Explanation:
Authentication is a means of verifying the eligibility of an entity to receive specific
categories of information. The entity could be individual user, machine, or software
component. Authentication is typically based upon something you know, something you
have, or something you are.
QUESTION 336:
A password represents:
A. Something you have.
B. Something you know.
C. All of the choices.
D. Something you are.
Answer: B
Explanation:
The canonical example of something you know is a password or pass phrase. You might
type or speak the value. A number of schemes are possible for obtaining what you know.
It might be assigned to you, or you may have picked the value yourself. Constraints may
exist regarding the form the value can take, or the alphabet from which you are allowed
to construct the value might be limited to letters only. If you forget the value, you
may not be able to authenticate yourself to the system.
QUESTION 337:
A smart card represents:
A. Something you are.
B. Something you know.
C. Something you have.
D. All of the choices.
Answer: C
Explanation:
Another form of authentication requires possession of something such as a key, a smart
card, a disk, or some other device. Whatever form it takes, the authenticating item
should be difficult to duplicate and may require synchronization with systems other
than the one to which you are requesting access. Highly secure environments may require
you to possess multiple things to guarantee authenticity.
QUESTION 338:
Which of the following is the most commonly used check on something you know?
A. One time password
B. Login phrase
C. Retinal
D. Password
Answer: D
Explanation:
Passwords, although routinely described as insecure necessary evils that put your infrastructure at risk,
are still the most commonly used authenticator and will be for years to come. Good passwords provide a
reasonable first line of defense. Passwords are based on something the user knows, and they are used to
authenticate users before they can access specific resources.
QUESTION 339:
Retinal scans check for:
A. Something you are.
B. Something you have.
C. Something you know.
D. All of the choices.
Answer: A
Explanation:
Something you are (a biometric) is sometimes described as a special case of something you have, since the
authenticator is a physical characteristic the user carries, but it is normally treated as its own factor. The
usual examples are fingerprint, voice, or retinal scans.
QUESTION 340:
What type of authentication takes advantage of an individual's unique physical
characteristics in order to authenticate that person's identity?
A. Password
B. Token
C. Ticket Granting
D. Biometric
Answer: D
Explanation:
Biometric authentication systems take advantage of an individual's unique physical characteristics in
order to authenticate that person's identity. Forms of biometric authentication include face, voice, eye,
hand, signature, and fingerprint, and each has its own advantages and disadvantages. Combined with a PIN
(something you know), a biometric (something you are) provides two-factor authentication.
QUESTION 341:
What is called an automated means of identifying or authenticating the identity of a living
person based on physiological or behavioral characteristics?
A. Biometrics
B. Micrometrics
C. Macrometrics
D. MicroBiometrics
Answer: A
QUESTION 342:
Which of the following forms of authentication would most likely apply a digital signature
algorithm to every bit of data that is sent from the claimant to the verifier?
A. Dynamic authentication
B. Continuous authentication
C. Encrypted authentication
D. Robust authentication
Answer: C
The correct answer is C. Unable to find any references to continuous encryption.
“A digital signature is the encrypted hash value of a message.” Pg 550 Shon Harris: CISSP
All-In-One Certification Exam Guide.
“There are other options to improve the security offered by password authentication:
Use the strongest form of one-way encryption available for password storage.
Never allow passwords to be transmitted in clear text or with weak encryption.” Pg. 9 Tittel:
CISSP Study Guide
“[Kerberos] A complicated exchange of tickets (i.e., cryptographic messages) between the client,
the server, and the TGS is used to prove identity and provide authentication between the client
and server. This allows the client to request resources from the server while having full
assurance that both entities are who they claim to be. The exchange of encrypted tickets also
ensures that no logon credentials, session keys, or authentication messages are ever transmitted
in the clear text.” Pg 14 Tittel: CISSP Study Guide
QUESTION 343:
In which situation would TEMPEST risks and technologies be of MOST interest?
A. Where high availability is vital.
B. Where the consequences of disclosure are very high.
C. Where countermeasures are easy to implement
D. Where data base integrity is crucial
Answer: B
Emanation eavesdropping. Receipt and display of information, which is resident on computers or
terminals, through the interception of radio frequency (RF) signals generated by those computers
or terminals. The U.S. government established a program called TEMPEST that addressed this
problem by requiring shielding and other emanation-reducing mechanisms to be employed on
computers processing sensitive and classified government information. -Ronald Krutz The
CISSP PREP Guide (gold edition) pg 416
QUESTION 344:
Which one of the following addresses the protection of computers and components from electromagnetic
emissions?
A. TEMPEST
B. ISO 9000
C. Hardening
D. IEEE 802.2
Answer: A
Receipt and display of information, which is resident on computers or terminals, through the
interception of Radio Frequency (RF) signals generated by those computers or terminals. The
U.S. government established a program called Tempest that addressed this problem by requiring
shielding and other emanation-reducing mechanisms to be employed on computers processing
sensitive and classified government information. -Ronald Krutz The CISSP PREP Guide (gold
edition) pg 416
QUESTION 345:
Monitoring electromagnetic pulse emanations from PCs and CRTs provides a hacker with what significant
advantage?
A. Defeat the TEMPEST safeguard
B. Bypass the system security application.
C. Gain system information without trespassing
D. Undetectable active monitoring.
Answer: D
Tempest equipment is implemented to prevent intruders from picking up information through the
airwaves with listening devices. – Shon Harris All-in-one CISSP Certification Guide pg 192. In
Harris’s other book CISSP PASSPORT, she talks about tempest in terms of spy movies and how
a van outside is listening or monitoring to the activities of someone. This lends credence to the
answer of C (trespassing) but I think D is more correct. In that all the listener must do is listen to
the RF. Use your best judgment based on experience and knowledge.
QUESTION 346:
What name is given to the study and control of signal emanations from electrical and electromagnetic
equipment?
A. EMI
B. Cross Talk
C. EMP
D. TEMPEST
Answer: D
QUESTION 347:
TEMPEST addresses
A. The vulnerability of time-dependent transmissions.
B. Health hazards of electronic equipment.
C. Signal emanations from electronic equipment.
D. The protection of data from high energy attacks.
Answer: C
“Tempest is the study and control of spurious electrical signals that are emitted by electrical
equipment.” Pg 167 Shon Harris: All-In-One CISSP Certification Exam Guide
QUESTION 348:
Which one of the following is the MOST solid defense against interception of a network
transmission?
A. Frequency hopping
B. Optical fiber
C. Alternate routing
D. Encryption
Answer: B
An alternative to conductor-based network cabling is fiber-optic cable. Fiber-optic cables
transmit pulses of light rather than electricity. This has the advantage of being extremely fast and
near impervious to tapping.
Pg 85 Tittel: CISSP Study Guide.
Fiber does not radiate and cannot be tapped inductively, but it can still be tapped optically (for example
with a bend coupler at a patch panel), so in practice encryption remains the control that protects the data
whatever the medium carries it; the keyed answer treats this as a question about the transmission medium.
QUESTION 349:
Which of the following media is MOST resistant to tapping?
A. Microwave
B. Twisted pair
C. Coaxial cable
D. Fiber optic
Answer: D
QUESTION 350:
What type of wiretapping involves injecting something into the communications?
A. Aggressive
B. Captive
C. Passive
D. Active
Answer: D
Most communications are vulnerable to some type of wiretapping or eavesdropping. It can usually be done
undetected and is referred to as a passive attack versus an active attack. – Shon Harris All-in-one CISSP
Certification Guide pg 649
“(I) An attack that intercepts and accesses data and other information contained in a flow in a
communication system. (C) Although the term originally referred to making a mechanical
connection to an electrical conductor that links two nodes, it is now used to refer to reading
information from any sort of medium used for a link or even directly from a node, such as
gateway or subnetwork switch. (C) “Active wiretapping” attempts to alter the data or otherwise
affect the flow; “passive wiretapping” only attempts to observe the flow and gain knowledge of
information it contains. (See: active attack, end-to-end encryption, passive attack.)”
http://www.linuxsecurity.com/dictionary/dict-455.html
QUESTION 351:
Why would an Ethernet LAN in a bus topology have a greater risk of unauthorized
disclosure than switched Ethernet in a hub-and-spoke or star topology?
A. IEEE 802.5 protocol for Ethernet cannot support encryption.
B. Ethernet is a broadcast technology.
C. Hub and spoke connections are highly multiplexed.
D. TCP/IP is an insecure protocol.
Answer: B
On a bus (shared-medium) Ethernet every frame, unicast included, reaches every station on the segment, so
any NIC in promiscuous mode can read all traffic. A switch forwards a unicast frame only to the port where it
learned the destination MAC address, so a station normally sees only its own traffic plus broadcasts. VLANs
further confine broadcasts, but remember that only a layer 3 device stops a broadcast leaving its VLAN, and
that MAC flooding or ARP spoofing can still defeat the isolation a switch provides.
QUESTION 352:
What type of attacks occurs when a smartcard is operating under normal physical
conditions, but sensitive information is gained by examining the bytes going to and from
the smartcard?
A. Physical attacks.
B. Logical attacks.
C. Trojan Horse attacks.
D. Social Engineering attacks.
Answer: B
Explanation:
Logical attacks occur when a smartcard is operating under normal physical conditions,
but sensitive information is gained by examining the bytes going to and from the
smartcard. One example is the so-called “timing attack” described by Paul Kocher. In
this attack, various byte patterns are sent to the card to be signed by the private
key. Information such as the time required to perform the operation and the number of
zeroes and ones in the input bytes are used to eventually obtain the private key. There
are logical countermeasures to this attack but not all smartcard manufacturers have
implemented them. This attack does require that the PIN to the card be known, so that
many private key operations can be performed on chosen input bytes.
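As an added example that is not from the page, here is a deterministic model of the timing side channel Question 352 describes, applied to the simplest case: a card (or any verifier) that checks a PIN with an early-exit comparison. Instead of measuring wall-clock time, the model counts the comparison steps the verifier performs, which is exactly what a timing measurement estimates; the PIN, the digit alphabet and the oracle interface are constructed for the example.

```python
# Added example: a leaky early-exit comparison recovered one symbol at a
# time from its step count, beside the constant-time version that defeats
# the attack. Step counting stands in for timing so the run is reproducible.
import hmac


def leaky_compare(secret: bytes, guess: bytes):
    """Early-exit comparison: stops at the first mismatch, so the step count
    reveals how long the matching prefix is."""
    steps = 0
    if len(secret) != len(guess):
        return False, steps
    for s, g in zip(secret, guess):
        steps += 1
        if s != g:
            return False, steps
    return True, steps


def constant_time_compare(secret: bytes, guess: bytes):
    """Accumulate differences and never branch on secret data; the step count
    depends only on the length."""
    steps, diff = 0, 0
    if len(secret) != len(guess):
        return False, steps
    for s, g in zip(secret, guess):
        steps += 1
        diff |= s ^ g
    return diff == 0, steps


def verify_pin(secret: bytes, guess: bytes) -> bool:
    """What production code should call: the stdlib constant-time compare."""
    return hmac.compare_digest(secret, guess)


def recover_secret(oracle, length, alphabet):
    """Attacker: for each position submit every symbol and keep the one that
    makes the oracle work longest (or succeed). Against a leaky oracle this
    costs length * len(alphabet) queries instead of len(alphabet) ** length."""
    known = b""
    for pos in range(length):
        best, best_score = None, (False, -1)
        for sym in alphabet:
            guess = known + bytes([sym]) + b"\x00" * (length - pos - 1)
            equal, steps = oracle(guess)
            if (equal, steps) > best_score:
                best, best_score = sym, (equal, steps)
        known += bytes([best])
    return known


def demo():
    pin = b"4921"            # constructed secret PIN
    digits = b"0123456789"
    queries = {"n": 0}

    def leaky_oracle(guess):
        queries["n"] += 1
        return leaky_compare(pin, guess)

    from_leaky = recover_secret(leaky_oracle, len(pin), digits)
    from_constant = recover_secret(lambda g: constant_time_compare(pin, g), len(pin), digits)
    return from_leaky, from_constant, queries["n"]


if __name__ == "__main__":
    print(demo())   # leaky oracle gives up the PIN in 40 queries; constant-time does not
```

The same prefix-by-prefix recovery applies to MAC and signature checks that compare byte by byte, which is why `hmac.compare_digest` exists; the smart-card countermeasures the text mentions (blinding, fixed-time operations) are the same principle applied to the private-key operation itself.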
QUESTION 353:
What is an effective countermeasure against Trojan horse attack that targets smart cards?
A. Singe-access device driver architecture.
B. Handprint driver architecture.
C. Fingerprint driver architecture.
D. All of the choices.
Answer: A
Explanation:
The countermeasure to prevent this attack is to use “single-access device driver”
architecture. With this type of architecture, the operating system enforces that only
one application can have access to the serial device (and thus the smartcard) at any
given time. This prevents the attack but also lessens the convenience of the smartcard
because multiple applications cannot use the services of the card at the same time.
Another way to prevent the attack is by using a smartcard that enforces a “one private
key usage per PIN entry” policy model. In this model, the user must enter their PIN
every single time the private key is to be used and therefore the Trojan horse would
not have access to the key.
QUESTION 354:
Which of the following could illegally capture network user passwords?
A. Data diddling
B. Sniffing
C. Spoofing
D. Smurfing
Answer: B
QUESTION 355:
Which of the following statements is incorrect?
A. Since the early days of mankind humans have struggled with the problems of protecting
assets
B. The addition of a PIN keypad to the card reader was a solution to unreported card or lost
cards problems
C. There has never been a problem of lost keys
D. Human guard is an inefficient and sometimes ineffective method of protecting resources
Answer: C
QUESTION 356:
A system uses a numeric password with 1-4 digits. How many passwords need to be tried
before it is cracked?
A. 1024
B. 10000
C. 100000
D. 1000000
Answer: B
Explanation:
A password of 1 to 4 decimal digits has 10 + 100 + 1,000 + 10,000 = 11,110 possible values; if leading
zeros are allowed (a fixed 4-digit PIN), the space is exactly 10^4 = 10,000. The keyed answer, 10,000, is the
closest choice, and on average an attacker needs to try only about half the space before succeeding.
QUESTION 357:
Which of the following can be used to protect your system against brute force password
attack?
A. Decrease the value of password history.
B. Employees must send in a signed email before obtaining a password.
C. After three unsuccessful attempts to enter a password, the account will be locked.
D. Increase the value of password age.
Answer: C
Explanation:
After three unsuccessful attempts to enter a password, the account will be locked and only an
administrator or the help desk can reactivate the involved user ID. This caps the number of online guesses
an attacker gets per account. Note the trade-off: a hard lockout can itself be abused to deny service to a
known user, so many environments use a temporary lockout or progressively longer delays instead.
Lockout does nothing against offline attacks on a captured password file, which is why strong password
hashing still matters.
QUESTION 358:
Which of the following is an effective measure against a certain type of brute force
password attack?
A. Password used must not be a word found in a dictionary.
B. Password history is used.
C. Password reuse is not allowed.
D. None of the choices.
Answer: A
Explanation:
A dictionary attack tries every word in a word list (usually with common variations) rather than every
possible combination, so requiring passwords that are not dictionary words defeats that specific form of
attack. Password history and the no-reuse rule stop users recycling old passwords; they do not affect the
attacker's guessing. Password reuse is not allowed (rotating passwords), and on all systems with such a
facility the last 12 passwords used are kept in the history.
QUESTION 359:
Which type of attack will most likely provide an attacker with multiple passwords to
authenticate to a system?
A. Password sniffing
B. Dictionary attack
C. Dumpster diving
D. Social engineering
Answer: A
QUESTION 360:
Which of the following are measures against password sniffing?
A. Passwords must not be sent through email in plain text.
B. Passwords must not be stored in plain text on any electronic media.
C. You may store passwords electronically if it is encrypted.
D. All of the choices.
Answer: D
Explanation:
Passwords must not be sent through email in plain text. Passwords must not be stored in
plain text on any electronic media. It is acceptable to store passwords in a file if it
is encrypted with PGP or equivalent strong encryption (once again depending on your
organization policy). All vendor supplied default passwords must be changed.
QUESTION 361:
Which one of the following conditions is NOT necessary for a long dictionary attack to succeed?
A. The attacker must have access to the target system.
B. The attacker must have read access to the password file.
C. The attacker must have write access to the password file.
D. The attacker must know the password encryption mechanism and key variable.
Answer: C
Explanation:
The program encrypts the combination of characters and compares them to the encrypted entries
in the password file. If a match is found, the program has uncovered a password. – Shon Harris
All-in-one CISSP Certification Guide pg 199
QUESTION 362:
What is an important factor affecting the time required to perpetrate a manual trial and error attack to gain
access to a target computer system?
A. Keyspace for the password.
B. Expertise of the person performing the attack.
C. Processing speed of the system executing the attack.
D. Encryption algorithm used for password transfer.
Answer: A
Explanation:
I am not sure of the answer on this question. B seems good but the reference below states that
Keyspace (or length of password) is the main deterrent. I did not come across something that
directly relates in my readings.
“If an attacker mounts a trial-and-error attack against your password, a longer password gives the
attacker a larger number of alternatives to try. If each character in the password may take on 96
different values (typical of printable ASCII characters) then each additional character presents
the attacker with 96 times as many passwords to try. If the number of alternatives is large
enough, the trial-and-error attack might discourage the attacker, or lead to the attacker’s
detection.” http://www.smat.us/sanity/riskyrules.html
QUESTION 363:
Which one of the following BEST describes a password cracker?
A. A program that can locate and read a password file.
B. A program that provides software registration passwords or keys.
C. A program that performs comparative analysis.
D. A program that obtains privileged access to the system.
Answer: C
Explanation:
In a dictionary crack, L0phtCrack encrypts (i.e., hashes) all the passwords in a dictionary file
you specify and compares every result with the password hash. If L0phtCrack finds any matches,
it knows the password is the dictionary word. L0phtCrack comes with a default dictionary file,
words-english. You can download additional files from the Internet or create a custom file. In the
Tools Options dialog box, you can choose to run the dictionary attack against the LANMAN
password hash, the NT LAN Manager (NTLM) password hash, or both (which is the default).
In a hybrid crack, L0phtCrack extends the dictionary crack by appending numbers or symbols to
each word in the dictionary file. For example, in addition to trying “Galileo,” L0phtCrack also
tries “Galileo24,” “13Galileo,” “?Galileo,” “Galileo!,” and so on. The default number of
characters L0phtCrack tries is two, and you can change this number in the Tools Options dialog
box.
In a brute-force crack, L0phtCrack tries every possible combination of characters in a character
set. L0phtCrack offers four character sets, ranging from alpha only to all alphanumeric plus all
symbol characters. You can choose a character set from the Character Set drop-down box in the
Tools Options dialog box or type a custom character set in the Character Set drop-down box.
L0phtCrack saves custom sets in files with an .lc extension. You can also specify a character set
in the password file, as the example in Figure 2 shows.
Not B: a program that supplies software registration passwords or keys is a key generator (keygen), not a
password cracker. A cracker does not read passwords; it hashes candidate strings exactly as the target system
does and compares the results with the stored hashes, which is the comparative analysis answer C describes.
QUESTION 364:
If a token and 4-digit personal identification number (PIN) are used to access a computer system and the
token performs off-line checking for the correct PIN, what type of attack is possible?
A. Birthday
B. Brute force
C. Man-in-the-middle
D. Smurf
Answer: B
Explanation:
Brute force attacks are performed with tools that cycle through many possible character, number,
and symbol combinations to guess a password. Pg 134 Shon Harris CISSP All-In-One
Certification Exam Guide. Because the token checks the PIN offline, no server ever sees the
failed attempts, so no server-side lockout or rate limit applies; an attacker who holds the token
can keep trying PINs until one works, and a 4-digit PIN has only 10,000 possibilities. The usual
countermeasure is a retry counter on the token itself that locks it after a few wrong PINs.
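Added example (constructed for this page, not any vendor's token firmware): a model of a token that verifies its PIN offline, first without a retry counter and then with one, and the exhaustive search the question describes run against both. The class, its attribute names and the lockout threshold are assumptions.

```python
from typing import Optional


class OfflineToken:
    """A token that checks the PIN on the device itself; nothing is reported to a server.
    With max_attempts=None there is no retry counter, which is the weakness the question
    describes. Constructed model for the example."""

    def __init__(self, pin: str, max_attempts: Optional[int] = None):
        self._pin = pin
        self.max_attempts = max_attempts
        self.failed_attempts = 0
        self.locked = False

    def verify(self, guess: str) -> bool:
        if self.locked:
            return False
        if guess == self._pin:
            self.failed_attempts = 0  # a correct PIN resets the counter
            return True
        self.failed_attempts += 1
        if self.max_attempts is not None and self.failed_attempts >= self.max_attempts:
            self.locked = True  # further guesses are refused until an administrator unlocks it
        return False


def brute_force_pin(token: OfflineToken, digits: int = 4):
    """Try every PIN from 0000 upward. Returns (pin or None, number of guesses used)."""
    guesses = 0
    for n in range(10 ** digits):
        guess = f"{n:0{digits}d}"
        guesses += 1
        if token.verify(guess):
            return guess, guesses
        if token.locked:
            return None, guesses
    return None, guesses
```

Against the token without a counter the search always succeeds within 10,000 guesses; with a counter of three the attacker gets exactly three guesses, so the keyspace of the PIN stops mattering and the attack collapses to a 3-in-10,000 chance.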
QUESTION 365:
Which of the following actions can increase the cost of an exhaustive attack?
A. Increase the age of a password.
B. Increase the length of a password.
C. None of the choices.
D. Increase the history of a password.
Answer: B
Explanation:
Defenses against exhaustive attacks involve increasing the cost of the attack by
increasing the number of possibilities to be exhausted. For example, increasing the
length of a password will increase the cost of an exhaustive attack. Increasing the
effective length of a cryptographic key variable will make it more resistant to an
exhaustive attack.
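Added example (not from the page and not L0phtCrack's code) covering Questions 362, 363 and 365 together: the three cracking modes described under Question 363 written in Python against constructed salted SHA-256 verifiers, plus the keyspace arithmetic that decides how long the brute-force mode takes. The verifier format, the salt and the five-word dictionary are assumptions.

```python
import hashlib
import itertools
import string


def make_verifier(password: str, salt: str) -> str:
    """Constructed verifier format: SHA-256 over salt||password, hex encoded (not LANMAN/NTLM)."""
    return hashlib.sha256((salt + password).encode()).hexdigest()


WORDLIST = ["galileo", "password", "letmein", "dragon", "sunshine"]  # constructed sample dictionary


def dictionary_crack(target: str, salt: str, wordlist=WORDLIST):
    """Hash each word the way the system does and compare it with the stored verifier."""
    for word in wordlist:
        for candidate in (word, word.capitalize(), word.upper()):
            if make_verifier(candidate, salt) == target:
                return candidate
    return None


def hybrid_crack(target: str, salt: str, wordlist=WORDLIST, max_extra=2, extras=string.digits + "!?"):
    """Dictionary words with up to max_extra characters appended or prepended ("Galileo24", "?Galileo")."""
    for word in wordlist:
        for base in (word, word.capitalize()):
            for n in range(1, max_extra + 1):
                for tail in itertools.product(extras, repeat=n):
                    t = "".join(tail)
                    for candidate in (base + t, t + base):
                        if make_verifier(candidate, salt) == target:
                            return candidate
    return None


def brute_force_crack(target: str, salt: str, charset: str, max_len: int):
    """Exhaust every string over charset up to max_len; cost grows as len(charset) ** length."""
    for n in range(1, max_len + 1):
        for combo in itertools.product(charset, repeat=n):
            candidate = "".join(combo)
            if make_verifier(candidate, salt) == target:
                return candidate
    return None


def keyspace(charset_size: int, length: int) -> int:
    """Number of passwords of exactly `length` characters drawn from `charset_size` symbols."""
    return charset_size ** length


def expected_seconds(charset_size: int, length: int, guesses_per_second: float) -> float:
    """Average time to hit the password by exhaustion: half the keyspace divided by the guess rate."""
    return keyspace(charset_size, length) / 2 / guesses_per_second
```

The dictionary and hybrid modes cost a few thousand hashes regardless of password length; only the brute-force mode pays the full keyspace, and keyspace(96, 9) is exactly 96 times keyspace(96, 8), which is the point the quotation under Question 362 makes. Raising the password age or history depth (the distractors in Question 365) changes none of these numbers.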
QUESTION 366:
Which of the following attacks focus on cracking passwords?
A. SMURF
B. Spamming
C. Teardrop
D. Dictionary
Answer: D
Explanation:
Dictionaries may be used in a cracking program to determine passwords. A short
dictionary attack involves trying a list of hundreds or thousands of words that are
frequently chosen as passwords against several systems. Although most systems resist
such attacks, some do not. In one case, one system in five yielded to a particular
dictionary attack.
QUESTION 367:
Which of the following can best eliminate dial-up access through a Remote Access Server
as a hacking vector?
A. Using TACACS+ server
B. Installing the Remote Access Server outside the firewall and forcing legitimate users to
authenticate to the firewall.
C. Setting modem ring count to at least 5
D. Only attaching modems to non-networked hosts.
Answer: B
QUESTION 368:
What is known as decoy system designed to lure a potential attacker away from critical systems?
A. Honey Pots
B. Vulnerability Analysis Systems
C. File Integrity Checker
D. Padded Cells
Answer: A
Explanation:
Honey pots are decoy systems that are designed to lure a potential attacker away from
critical systems. Honey pots are designed to:
Divert an attacker from accessing critical systems,
Collect information about the attacker’s activity, and encourage the attacker to stay
on the system long enough for administrators to respond.
QUESTION 369:
Which of the following will you consider as a program that monitors data traveling over a
network?
A. Smurfer
B. Sniffer
C. Fragmenter
D. Spoofer
Answer: B
Explanation:
A sniffer is a program and/or device that monitors data traveling over a network.
Sniffers can be used both for legitimate network management functions and for stealing
information off a network. Unauthorized sniffers are especially dangerous to a network's
security because a passive sniffer sends nothing of its own and is therefore very hard to
detect from the network.
QUESTION 370:
Which of the following is NOT a system-sensing wireless proximity card?
A. magnetically striped card
B. passive device
C. field-powered device
D. transponder
Answer: A
QUESTION 371:
Attacks on smartcards generally fall into what categories?
A. Physical attacks.
B. Trojan Horse attacks.
C. Logical attacks.
D. All of the choices, plus Social Engineering attacks.
Answer: D
Explanation:
Attacks on smartcards generally fall into four categories: Logical attacks, Physical
attacks, Trojan Horse attacks and Social Engineering attacks.
QUESTION 372:
Which of the following attacks could be the most successful when the security technology is
properly implemented and configured?
A. Logical attacks
B. Physical attacks
C. Social Engineering attacks
D. Trojan Horse attacks
Answer: C
Explanation:
Social Engineering attacks – In computer security systems, this type of attack is
usually the most successful, especially when the security technology is properly
implemented and configured. Usually, these attacks rely on the faults in human beings.
An example of a social engineering attack involves a hacker impersonating a network service
technician. The serviceman approaches a low-level employee and requests their password
for network servicing purposes. With smartcards, this type of attack is a bit more
difficult. Most people would not trust an impersonator wishing to have their smartcard
and PIN for service purposes.
QUESTION 373:
What type of attacks occurs when normal physical conditions are altered in order to gain
access to sensitive information on the smartcard?
A. Physical attacks
B. Logical attacks
C. Trojan Horse attacks
D. Social Engineering attacks
Answer: A
Explanation:
Physical attacks occur when normal physical conditions, such as temperature, clock
frequency, voltage, etc, are altered in order to gain access to sensitive information
on the smartcard. Most smartcard operating systems write sensitive data to the EEPROM
area in a proprietary, encrypted manner so that it is difficult to obtain clear text
keys by directly hacking into the EEPROM. Other physical attacks that have proven to be
successful involve an intense physical fluctuation at the precise time and location
where the PIN verification takes place. Thus, sensitive card functions can be performed
even though the PIN is unknown. This type of attack can be combined with the logical
attack mentioned above in order to gain knowledge of the private key. Most physical
attacks require special equipment.
QUESTION 374:
Which one of the following is an example of electronic piggybacking?
A. Attaching to a communications line and substituting data.
B. Abruptly terminating a dial-up or direct-connect session.
C. Following an authorized user into the computer room.
D. Recording and playing back computer transactions.
Answer: C
OK, this is a weird little question. The term "electronic" is kind of throwing me a bit. A lot of times
piggybacking can be used in terms of following someone into a building.
Piggyback – Gaining unauthorized access to a system via another user's legitimate connection. (see
between-the-lines entry)
Between-the-lines entry – Unauthorized access obtained by tapping the temporarily inactive terminal of a
legitimate user. -Ronald Krutz The CISSP PREP Guide (gold edition) pg 914, 885
QUESTION 375:
A system using Discretionary Access Control (DAC) is vulnerable to which one of the
following attacks?
A. Trojan horse
B. Phreaking
C. Spoofing
D. SYN flood
Answer: C
Explanation:
Spoofing: an attempt to gain access to a system by posing as an authorized user. Synonymous with
impersonating, masquerading, or mimicking. -Ronald Krutz The CISSP PREP Guide (gold
edition) pg 921
"Spoofing – The act of replacing the valid source and/or destination IP address and node numbers
with false ones.
Spoofing attack – any attack that involves spoofed or modified packets." – Ed Tittle CISSP Study
Guide (sybex)
Note that Trojan horse (A) is also commonly cited in CISSP references as the weakness specific to
DAC: a Trojan horse runs with the discretionary rights of the user who executes it, so it can read
or re-share that user's objects without spoofing anyone.
QUESTION 376:
Which of the following is an example of an active attack?
A. Traffic analysis
B. Masquerading
C. Eavesdropping
D. Shoulder surfing
Answer: B
QUESTION 377:
What attack involves actions to mimic one’s identity?
A. Brute force
B. Exhaustive
C. Social engineering
D. Spoofing
Answer: D
Explanation:
Spoofing is an attack in which one person or process pretends to be a person or process
that has more privileges. For example, user A can mimic behavior to make process B
believe user A is user C. In the absence of any other controls, B may be duped into
giving to user A the data and privileges that were intended for user C.
QUESTION 378:
Which access control model enables the owner of the resource to specify what subjects can
access specific resources?
A. Discretionary Access Control
B. Mandatory Access Control
C. Sensitive Access Control
D. Role-based Access Control
Answer: A
QUESTION 379:
The type of discretionary access control that is based on an individual’s identity is called:
A. Identity-based access control
B. Rule-based access control
C. Non-Discretionary access control
D. Lattice-based access control
Answer: A
QUESTION 380:
Which of the following access control types gives “UPDATE” privileges on Structured Query Language
(SQL) database objects to specific users or groups?
A. Supplemental
B. Discretionary
C. Mandatory
D. System
Answer: C
Supplemental and System are not access control types, so the choice is between mandatory and
discretionary; the answer key picks mandatory. Note, however, that a SQL GRANT UPDATE issued by the
object's owner to named users or groups is the textbook example of discretionary control (the owner
decides who gets access, as Questions 378 and 381 state), so many references would answer B.
The descriptions below sound typical of how a SQL accounting database controls access.
"In a mandatory access control (MAC) model, users and data owners do not have as much
freedom to determine who can access their files. Data owners can allow others to have access to
their files, but it is the operating system that will make the final decision and can override the
data owner's wishes." Pg. 154 Shon Harris CISSP All-In-One Certification Exam Guide
"Rule-based access controls are a variation of mandatory access controls. A rule-based system
uses a set of rules, restrictions or filters to determine what can and cannot occur on the system,
such as granting subject access, performing an action on an object, or accessing a resource." Pg
16 Tittle: CISSP Study Guide.
QUESTION 381:
With Discretionary access controls, who determines who has access and what privilege they
have?
A. End users.
B. None of the choices.
C. Resource owners.
D. Only the administrators.
Answer: C
Explanation:
Discretionary access controls can extend beyond limiting which subjects can gain what
type of access to which objects. Administrators can limit access to certain times of
day or days of the week. Typically, the period during which access would be permitted
is 9 a.m. to 5 p.m. Monday through Friday. Such a limitation is designed to ensure that
access takes place only when supervisory personnel are present, to discourage
unauthorized use of data. Further, subjects’ rights to access might be suspended when
they are on vacation or leave of absence. When subjects leave an organization
altogether, their rights must be terminated rather than merely suspended. Under this
type of control, the owner determines who has access and what privilege they have.
QUESTION 382:
What defines an imposed access control level?
A. MAC
B. DAC
C. SAC
D. CAC
Answer: A
Explanation:
MAC is defined as follows in the Handbook of Information Security Management: With
mandatory controls, only administrators and not owners of resources may make decisions
that bear on or derive from policy. Only an administrator may change the category of a
resource, and no one may grant a right of access that is explicitly forbidden in the
access control policy.
QUESTION 383:
Under MAC, who can change the category of a resource?
A. All users.
B. Administrators only.
C. All managers.
D. None of the choices.
Answer: B
Explanation:
MAC is defined as follows in the Handbook of Information Security Management: With
mandatory controls, only administrators and not owners of resources may make decisions
that bear on or derive from policy. Only an administrator may change the category of a
resource, and no one may grant a right of access that is explicitly forbidden in the
access control policy.
QUESTION 384:
Under MAC, who may grant a right of access that is explicitly forbidden in the access
control policy?
A. None of the choices.
B. All users.
C. Administrators only.
D. All managers.
Answer: A
Explanation:
MAC is defined as follows in the Handbook of Information Security Management: With
mandatory controls, only administrators and not owners of resources may make decisions
that bear on or derive from policy. Only an administrator may change the category of a
resource, and no one may grant a right of access that is explicitly forbidden in the
access control policy.
QUESTION 385:
You may describe MAC as:
A. Opportunistic
B. Prohibitive
C. None of the choices.
D. Permissive
Answer: B
Explanation:
It is important to note that mandatory controls are prohibitive (i.e., all that is not
expressly permitted is forbidden), not permissive. Only within that context do
discretionary controls operate, prohibiting still more access with the same
exclusionary principle. In this type of control system decisions are based on privilege
(clearance) of subject (user) and sensitivity (classification) of object (file). It
requires labeling.
QUESTION 386:
Under MAC, which of the following is true?
A. All that is expressly permitted is forbidden.
B. All that is not expressly permitted is forbidden.
C. All that is not expressly permitted is not forbidden.
D. None of the choices.
Answer: B
Explanation:
It is important to note that mandatory controls are prohibitive (i.e., all that is not
expressly permitted is forbidden), not permissive. Only within that context do
discretionary controls operate, prohibiting still more access with the same
exclusionary principle. In this type of control system decisions are based on privilege
(clearance) of subject (user) and sensitivity (classification) of object (file). It
requires labeling.
QUESTION 387:
Under MAC, a clearance is a:
A. Sensitivity
B. Subject
C. Privilege
D. Object
Answer: C
Explanation:
It is important to note that mandatory controls are prohibitive (i.e., all that is not
expressly permitted is forbidden), not permissive. Only within that context do
discretionary controls operate, prohibiting still more access with the same
exclusionary principle. In this type of control system decisions are based on privilege
(clearance) of subject (user) and sensitivity (classification) of object (file). It
requires labeling.
QUESTION 388:
Under MAC, a file is a(n):
A. Privilege
B. Subject
C. Sensitivity
D. Object
Answer: D
Explanation:
It is important to note that mandatory controls are prohibitive (i.e., all that is not
expressly permitted is forbidden), not permissive. Only within that context do
discretionary controls operate, prohibiting still more access with the same
exclusionary principle. In this type of control system decisions are based on privilege
(clearance) of subject (user) and sensitivity (classification) of object (file). It
requires labeling.
QUESTION 389:
Under MAC, classification reflects:
A. Sensitivity
B. Subject
C. Privilege
D. Object
Answer: A
Explanation:
It is important to note that mandatory controls are prohibitive (i.e., all that is not
expressly permitted is forbidden), not permissive. Only within that context do
discretionary controls operate, prohibiting still more access with the same
exclusionary principle. In this type of control system decisions are based on privilege
(clearance) of subject (user) and sensitivity (classification) of object (file). It
requires labeling.
QUESTION 390:
MAC is used for:
A. Defining imposed access control level.
B. Defining user preferences.
C. None of the choices.
D. Defining discretionary access control level.
Answer: A
Explanation:
As the name implies, the Mandatory Access Control defines an imposed access control
level. MAC is defined as follows in the Handbook of Information Security Management:
With mandatory controls, only administrators and not owners of resources may make
decisions that bear on or derive from policy. Only an administrator may change the
category of a resource, and no one may grant a right of access that is explicitly
forbidden in the access control policy.
QUESTION 391:
With MAC, who may make decisions that bear on policy?
A. None of the choices.
B. All users.
C. Only the administrator.
D. All users except guests.
Answer: C
Explanation:
As the name implies, the Mandatory Access Control defines an imposed access control
level. MAC is defined as follows in the Handbook of Information Security Management:
With mandatory controls, only administrators and not owners of resources may make
decisions that bear on or derive from policy. Only an administrator may change the
category of a resource, and no one may grant a right of access that is explicitly
forbidden in the access control policy.

QUESTION 392:
With MAC, who may NOT make decisions that derive from policy?
A. All users except the administrator.
B. The administrator.
C. The power users.
D. The guests.
Answer: A
Explanation:
As the name implies, the Mandatory Access Control defines an imposed access control
level. MAC is defined as follows in the Handbook of Information Security Management:
With mandatory controls, only administrators and not owners of resources may make
decisions that bear on or derive from policy. Only an administrator may change the
category of a resource, and no one may grant a right of access that is explicitly
forbidden in the access control policy.
QUESTION 393:
Under the MAC control system, what is required?
A. Performance monitoring
B. Labeling
C. Sensing
D. None of the choices
Answer: B
Explanation:
It is important to note that mandatory controls are prohibitive (i.e., all that is not
expressly permitted is forbidden), not permissive. Only within that context do
discretionary controls operate, prohibiting still more access with the same
exclusionary principle. In this type of control system decisions are based on privilege
(clearance) of subject (user) and sensitivity (classification) of object (file). It
requires labeling.
QUESTION 394:
Access controls that are not based on the policy are characterized as:
A. Secret controls
B. Mandatory controls
C. Discretionary controls
D. Corrective controls
Answer: C
Explanation:
Access controls that are not based on the policy are characterized as discretionary
controls by the U.S. government and as need-to-know controls by other organizations.
The latter term connotes least privilege – those who may read an item of data are
precisely those whose tasks entail the need.
QUESTION 395:
DAC are characterized by many organizations as:
A. Need-to-know controls
B. Preventive controls
C. Mandatory adjustable controls
D. None of the choices
Answer: A
Explanation:
Access controls that are not based on the policy are characterized as discretionary
controls by the U.S. government and as need-to-know controls by other organizations.
The latter term connotes least privilege – those who may read an item of data are
precisely those whose tasks entail the need.
QUESTION 396:
Which of the following correctly describe DAC?
A. It is the most secure method.
B. It is of the B2 class.
C. It can extend beyond limiting which subjects can gain what type of access to which objects.
D. It is of the B1 class.
Answer: C
Explanation:
With DAC, administrators can limit access to certain times of day or days of the week.
Typically, the period during which access would be permitted is 9 a.m. to 5 p.m. Monday
through Friday. Such a limitation is designed to ensure that access takes place only
when supervisory personnel are present, to discourage unauthorized use of data.
Further, subjects’ rights to access might be suspended when they are on vacation or
leave of absence. When subjects leave an organization altogether, their rights must be
terminated rather than merely suspended.
QUESTION 397:
Under DAC, a subject's rights must be ________ when it leaves an organization altogether.
A. recycled
B. terminated
C. suspended
D. resumed
Answer: B
Explanation:
Discretionary access controls can extend beyond limiting which subjects can gain what
type of access to which objects. Administrators can limit access to certain times of
day or days of the week. Typically, the period during which access would be permitted
is 9 a.m. to 5 p.m. Monday through Friday. Such a limitation is designed to ensure that
access takes place only when supervisory personnel are present, to discourage
unauthorized use of data. Further, subjects’ rights to access might be suspended when
they are on vacation or leave of absence. When subjects leave an organization
altogether, their rights must be terminated rather than merely suspended.
QUESTION 398:
In a discretionary mode, which of the following entities is authorized to grant information
access to other people?
A. manager
B. group leader
C. security manager
D. user
Answer: D
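Added example (constructed for this page, not taken from any of the references it quotes) that ties Questions 382 through 398 together: a small reference monitor in which the mandatory check runs first (clearance must dominate classification, everything else is forbidden, labels are required), discretionary access then operates only within what MAC allows, the owner alone grants DAC rights, and only an administrator may relabel. The level names, compartments and the read-only access rule are assumptions.

```python
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, Set

# Ordered sensitivity levels; compartments are unordered need-to-know categories (constructed).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    level: str
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """A clearance dominates a classification when its level is at least as high
        and it holds every compartment the object carries."""
        return LEVELS[self.level] >= LEVELS[other.level] and other.compartments <= self.compartments


@dataclass
class Subject:
    name: str
    clearance: Label
    is_admin: bool = False


@dataclass
class Resource:
    name: str
    classification: Label
    owner: str
    acl: Dict[str, Set[str]] = field(default_factory=dict)  # subject name -> granted actions


class ReferenceMonitor:
    """MAC decides first (deny unless the label relation permits); DAC can only deny further."""

    @staticmethod
    def mac_permits(subject: Subject, obj: Resource) -> bool:
        # Read-style access only: the subject's clearance must dominate the object's classification.
        return subject.clearance.dominates(obj.classification)

    @staticmethod
    def dac_permits(subject: Subject, obj: Resource, action: str) -> bool:
        if subject.name == obj.owner:
            return True
        return action in obj.acl.get(subject.name, set())

    def check(self, subject: Subject, obj: Resource, action: str = "read") -> bool:
        return self.mac_permits(subject, obj) and self.dac_permits(subject, obj, action)

    @staticmethod
    def grant(actor: Subject, obj: Resource, grantee: str, action: str) -> None:
        """DAC: only the owner decides who else may access the object."""
        if actor.name != obj.owner:
            raise PermissionError(f"{actor.name} does not own {obj.name}")
        obj.acl.setdefault(grantee, set()).add(action)

    @staticmethod
    def relabel(actor: Subject, obj: Resource, new_label: Label) -> None:
        """MAC: only an administrator may change an object's category or classification."""
        if not actor.is_admin:
            raise PermissionError("only administrators may relabel")
        obj.classification = new_label
```

The two decisions are kept separate on purpose: an owner's grant is honoured only when the mandatory check already passes, which is the "no one may grant a right of access that is explicitly forbidden" rule, and a Top Secret administrator who lacks a compartment is still denied, because dominance is about compartments as well as level.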
QUESTION 399:
With RBAC, each user can be assigned:
A. One or more roles.
B. Only one role.
C. A token role.
D. A security token.
Answer: A
Explanation:
With RBAC, security is managed at a level that corresponds closely to the
organization’s structure. Each user is assigned one or more roles, and each role is
assigned one or more privileges that are permitted to users in that role. Roles can be
hierarchical.
QUESTION 400:
With RBAC, roles are:
A. Based on labels.
B. All equal
C. Hierarchical
D. Based on flows.
Answer: C
Explanation:
With RBAC, security is managed at a level that corresponds closely to the
organization’s structure. Each user is assigned one or more roles, and each role is
assigned one or more privileges that are permitted to users in that role. Roles can be
hierarchical.
QUESTION 401:
With __________, access decisions are based on the roles that individual users have as part
of an organization.
A. Server based access control.
B. Rule based access control.
C. Role based access control.
D. Token based access control.
Answer: C
Explanation:
With role-based access control, access decisions are based on the roles that individual
users have as part of an organization. Users take on assigned roles (such as doctor,
nurse, teller, manager). The process of defining roles should be based on a thorough
analysis of how an organization operates and should include input from a wide spectrum
of users in an organization.
QUESTION 402:
Under Role based access control, access rights are grouped by:
A. Policy name
B. Rules
C. Role name
D. Sensitivity label
Answer: C
Explanation:
With role-based access control, access rights are grouped by role name, and the use of
resources is restricted to individuals authorized to assume the associated role. For
example, within a hospital system the role of doctor can include operations to perform
diagnosis, prescribe medication, and order laboratory tests; and the role of researcher
can be limited to gathering anonymous clinical information for studies.
QUESTION 403:
Which of the following will you consider as a “role” under a role based access control
system?
A. Bank rules
B. Bank computer
C. Bank teller
D. Bank network
Answer: C
Explanation:
With role-based access control, access rights are grouped by role name, and the use of
resources is restricted to individuals authorized to assume the associated role. For
example, within a hospital system the role of doctor can include operations to perform
diagnosis, prescribe medication, and order laboratory tests; and the role of researcher
can be limited to gathering anonymous clinical information for studies.
QUESTION 404:
Role based access control is attracting increasing attention particularly for what
applications?
A. Scientific
B. Commercial
C. Security
D. Technical
Answer: B
Explanation:
Role based access control (RBAC) is a technology that is attracting increasing
attention, particularly for commercial applications, because of its potential for
reducing the complexity and cost of security administration in large networked
applications.
QUESTION 405:
What is one advantage of deploying Role based access control in large networked
applications?
A. Higher security
B. Higher bandwidth
C. User friendliness
D. Lower cost
Answer: D
Explanation:
Role based access control (RBAC) is an alternative to traditional discretionary (DAC)
and mandatory access control (MAC) policies. The principal motivation behind RBAC is
the desire to specify and enforce enterprise-specific security policies in a way that
maps naturally to an organization's structure. Traditionally, managing security has
required mapping an organization's security policy to a relatively low-level set of
controls, typically access control lists.
QUESTION 406:
DAC and MAC policies can be effectively replaced by:
A. Rule based access control.
B. Role based access control.
C. Server based access control.
D. Token based access control
Answer: B
Explanation:
Role based access control (RBAC) is an alternative to traditional discretionary (DAC)
and mandatory access control (MAC) policies. The principal motivation behind RBAC is
the desire to specify and enforce enterprise-specific security policies in a way that
maps naturally to an organization's structure. Traditionally, managing security has
required mapping an organization's security policy to a relatively low-level set of
controls, typically access control lists.
QUESTION 407:
Which of the following correctly describe Role based access control?
A. It allows you to specify and enforce enterprise-specific security policies in a way that maps to
your user profile groups.
B. It allows you to specify and enforce enterprise-specific security policies in a way that maps to
your organizations structure.
C. It allows you to specify and enforce enterprise-specific security policies in a way that maps to
your ticketing system.
D. It allows you to specify and enforce enterprise-specific security policies in a way that maps to
your ACL.
Answer: B
Explanation:
Role based access control (RBAC) is an alternative to traditional discretionary (DAC)
and mandatory access control (MAC) policies. The principal motivation behind RBAC is
the desire to specify and enforce enterprise-specific security policies in a way that
maps naturally to an organization's structure. Traditionally, managing security has
required mapping an organization's security policy to a relatively low-level set of
controls, typically access control lists.
QUESTION 408:
Which of the following RFC talks about Rule Based Security Policy?
A. 1316
B. 1989
C. 2717
D. 2828
Answer: D
Explanation:
The RFC 2828 – Internet Security Glossary talks about Rule Based Security Policy: A
security policy based on global rules imposed for all users. These rules usually rely
on comparison of the sensitivity of the resource being accessed and the possession of
corresponding attributes of users, a group of users, or entities acting on behalf of
users.
QUESTION 409:
With Rule Based Security Policy, a security policy is based on:
A. Global rules imposed for all users.
B. Local rules imposed for some users.
C. Global rules imposed for nobody.
D. Global rules imposed for only the local users.
Answer: A
Explanation:
The RFC 2828 – Internet Security Glossary talks about Rule Based Security Policy: A
security policy based on global rules imposed for all users. These rules usually rely
on comparison of the sensitivity of the resource being accessed and the possession of
corresponding attributes of users, a group of users, or entities acting on behalf of
users.
QUESTION 410:
With Rule Based Security Policy, global rules usually rely on comparison of the _______ of
the resource being accessed.
A. A group of users.
B. Users
C. Sensitivity
D. Entities
Answer: C
Explanation:
The RFC 2828 – Internet Security Glossary talks about Rule Based Security Policy: A
security policy based on global rules imposed for all users. These rules usually rely
on comparison of the sensitivity of the resource being accessed and the possession of
corresponding attributes of users, a group of users, or entities acting on behalf of
users.
QUESTION 411:
Which of the following is a facial feature identification product that can employ artificial
intelligence and can require the system to learn from experience?
A. All of the choices.
B. Digital nervous system.
C. Neural networking
D. DSV
Answer: C
Explanation:
There are facial feature identification products that are on the market that use other
technologies or methods to capture one’s face. One type of method used is neural
networking technology. This type of technology can employ artificial intelligence that
requires the system to “learn” from experience. This “learning” experience helps the
system to close in on an identification of an individual. Most facial feature
identification systems today only allow for two-dimensional frontal images of one’s
face.
Not DSV:
Signature biometrics are often referred to as dynamic signature verification (DSV) and look at the
way we sign our names. [15] The dynamic nature differentiates it from the study of static
signatures on paper. Within DSV a number of characteristics can be extracted from the physical
signing process. Examples of these behavioral characteristics are the angle at which the pen is held,
the time taken to sign, the velocity and acceleration of the tip of the pen, and the number of times
the pen is lifted from the paper. Despite the fact that the way we sign is mostly learnt over the
years, it is very hard to forge and replicate.
QUESTION 412:
Which option is NOT a benefit derived from the use of neural networks?
A. Linearity
B. Input-Output Mapping
C. Adaptivity
D. Fault Tolerance
Answer: D
Linearity: “If the sum of the weighted inputs then exceeds the threshold, the neuron will “fire”
and there will be an output from that neuron. An alternative approach would be to have the
output of the neuron be a linear function of the sum of the artificial neuron inputs.”
Input-Output Mapping: “For example, if a specific output vector was required for a specific input
where the relationship between input and output was non-linear, the neural network would be
trained by applying a set of input vectors.”
Adaptivity: “The neural network would then be said to have learned to provide the correct
response for each input vector.”
Pg. 261 Krutz: The CISSP Prep Guide
QUESTION 413:
Which of the following is a characteristic of a decision support system (DSS)?
A. DSS is aimed at solving highly structured problems
B. DSS emphasizes flexibility in the decision making approach of users
C. DSS supports only structured decision-making tasks
D. DSS combines the use of models with non-traditional data access and retrieval functions
Answer: B
QUESTION 414:
Which of the following is a communication mechanism that enables direct conversation
between two applications?
A. DDE
B. OLE
C. ODBC
D. DCOM

Answer: A
“Dynamic Data Exchange (DDE) enables applications to share data by providing IPC. It is based
on the client/server model and enables two programs to send commands to each other directly.
DDE is a communication mechanism that enables direct conversation between two applications.
The source of the data is called the server, and the receiver of the data is the client.” Pg. 718
Shon Harris: All-In-One CISSP Certification Exam Guide
QUESTION 415:
Which expert system operating mode allows determining if a given hypothesis is valid?
A. Vertical chaining
B. Lateral chaining
C. Forward chaining
D. Backward chaining
Answer: D
“The expert system operates in either a forward-chaining or backward-chaining mode. In a
forward-chaining mode, the expert system acquires information and comes to a conclusion based
on that information. Forward-chaining is the reasoning approach that can be used when there is a
small number of solutions relative to the number of inputs. In a backward-chaining mode, the
expert system backtracks to determine if a given hypothesis is valid. Backward-chaining is
generally used when there are a large number of possible solutions relative to the number of
inputs. Another type of expert system is the blackboard. A blackboard is an expert
system-reasoning methodology in which a solution is generated by the use of a virtual
“blackboard,” wherein information or potential solutions are placed on the blackboard by the
plurality of individuals or expert knowledge sources. As more information is placed on the
blackboard in an iterative process, a solution is generated.” Pg 354 Krutz: The CISSP Prep
Guide: Gold Edition
QUESTION 416:
Which one of the following is a security issue related to aggregation in a database?
A. Polyinstantiation
B. Inference
C. Partitioning
D. Data swapping
Answer: B
Inference is the ability of users to infer or deduce information about data at sensitivity levels for
which they do not have access privileges. -Ronald Krutz The CISSP PREP Guide (gold edition)
pg 358
The other security issue is inference, which is very similar to aggregation. – Shon Harris
All-in-one CISSP Certification Guide pg 727
Partitioning a database involves dividing the database into different parts, which makes it much
harder for an unauthorized individual to find connecting pieces of data that can be brought
together and other information that can be deduced or uncovered. – Shon Harris All-in-one
CISSP Certification Guide pg 726
Polyinstantiation- This enables a relation to contain multiple tuples with the same primary keys
with each instance distinguished by a security level. – Shon Harris All-in-one CISSP
Certification Guide pg 727
QUESTION 417:
How is polyinstantiation used to secure a multilevel database?
A. It prevents low-level database users from inferring the existence of higher level data.
B. It confirms that all constrained data items within the system conform to integrity
specifications.
C. It ensures that all mechanisms in a system are responsible for enforcing the database security
policy.
D. Two operations at the same layer will conflict if they operate on the same data item and at
least one of them is an update.
Answer: A
“Polyinstantiation is the development of a detailed version of an object from another object using
different values in the new object. In the database information security, this term is concerned
with the same primary key for different relations at different classification levels being stored in
the same database. For example, in a relational database, the name of a military unit may be
classified Secret in the database and may have an identification number as the primary key. If
another user at a lower classification level attempts to create a confidential entry for another
military unit using the same identification number as a primary key, a rejection of this attempt
would imply to the lower level user that the same identification number existed at a higher level
of classification. To avoid this inference channel of information, the lower level user would be
issued the same identification number for their unit and the database management system would
manage this situation where the same primary key was used for different units.” Pg 352-353
Krutz: The CISSP Prep Guide: Gold Edition.
“Polyinstantiation occurs when two or more rows in the same table appear to have identical
primary key elements but contain different data for use at differing classification levels.
Polyinstantiation is often used as a defense against some types of inference attacks.
For example, consider a database table containing the location of various naval ships on patrol.
Normally, this database contains the exact position of each ship stored at the level with secret
classification. However, one particular ship, the USS UpToNoGood, is on an undercover mission
to a top-secret location. Military commanders do not want anyone to know that the ship deviated
from its normal patrol. If the database administrators simply change the classification of the
UpToNoGood’s location to top secret, a user with secret clearance would know that something
unusual was going on when they couldn’t query the location of the ship. However, if
polyinstantiation is used, two records could be inserted into the table. The first one, classified at
the top secret level, would reflect the true location of the ship and be available only to users with
the appropriate top secret security clearance. The second record, classified at the secret level,
would indicate that the ship was on routine patrol and would be returned to users with a secret
clearance.”
Pg. 191 Tittel: CISSP Study Guide Second Edition
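The naval-ship scenario quoted above, worked through as an added example (this is not code from the study guides or from the original page). It uses Python's sqlite3 module with a composite primary key of (ship_id, classification), so a second row for the same ship at a lower level is accepted instead of rejected, and a query helper returns only the highest instance the caller is cleared for. The ship ids, locations and the LEVELS ordering are constructed for the example.

```python
import sqlite3

# Constructed clearance ordering, lowest to highest.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top secret": 3}


def build_db():
    """In-memory table where the primary key includes the classification,
    which is what lets two instances of ship 101 coexist (polyinstantiation)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        """CREATE TABLE ship_location (
               ship_id        INTEGER NOT NULL,
               ship_name      TEXT    NOT NULL,
               location       TEXT    NOT NULL,
               classification TEXT    NOT NULL,
               PRIMARY KEY (ship_id, classification)
           )"""
    )
    rows = [  # constructed sample data
        (101, "USS UpToNoGood", "routine patrol, North Atlantic", "secret"),
        (101, "USS UpToNoGood", "covert station, grid 7A", "top secret"),
        (102, "USS Example", "routine patrol, Pacific", "secret"),
    ]
    conn.executemany("INSERT INTO ship_location VALUES (?, ?, ?, ?)", rows)
    conn.commit()
    return conn


def location_for(conn, ship_id, clearance):
    """Return the location a user with `clearance` is allowed to see.

    Only instances at or below the caller's level are selected; of those the
    highest is returned. A secret-cleared user therefore gets the cover story
    and receives no signal that a top-secret instance exists.
    """
    allowed = [lvl for lvl, rank in LEVELS.items() if rank <= LEVELS[clearance]]
    placeholders = ",".join("?" * len(allowed))  # built from a count, not user data
    rows = conn.execute(
        "SELECT location, classification FROM ship_location "
        f"WHERE ship_id = ? AND classification IN ({placeholders})",
        [ship_id, *allowed],
    ).fetchall()
    if not rows:
        return None
    return max(rows, key=lambda r: LEVELS[r[1]])[0]


def insert_instance(conn, ship_id, name, location, classification):
    """Insert another instance for a ship. Returns True on success.

    Because the key is (ship_id, classification), a lower-level user creating a
    row with an id that already exists at a higher level is not rejected, which
    closes the inference channel the text describes. Only a true duplicate at
    the same level fails.
    """
    try:
        conn.execute("INSERT INTO ship_location VALUES (?, ?, ?, ?)",
                     (ship_id, name, location, classification))
        conn.commit()
        return True
    except sqlite3.IntegrityError:
        return False
```

Usage: build the database, then call location_for(conn, 101, "secret") and location_for(conn, 101, "top secret") to see the two answers for the same ship. The query filter is the enforcement point; a real multilevel DBMS performs the same level comparison inside its trusted code path rather than in the application.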
QUESTION 418:
Which of the following defines the software that maintains and provides access to the
database?
A. database management system (DBMS)
B. relational database management systems (RDBMS)
C. database identification system (DBIS)
D. Interface Definition Language system (IDLS)
Answer: A
QUESTION 419:
Which of the following is not a responsibility of a database administrator?
A. Maintaining databases
B. Implementing access rules to databases
C. Reorganizing databases
D. Providing access authorization to databases
Answer: D
QUESTION 420:
SQL commands do not include which of the following?
A. Select, Update
B. Grant, Revoke
C. Delete, Insert
D. Add, Replace
Answer: D
“SQL commands include Select, Update, Delete, Insert, Grant, and Revoke.” Pg 62 Krutz:
CISSP Prep Guide: Gold Edition
QUESTION 421:
A persistent collection of interrelated data items can be defined as which of the following?
A. database
B. database management system
C. database security
D. database shadowing
Answer: A
QUESTION 422:
Which one of the following is commonly used for retrofitting multilevel security to a Database Management
System?
A. Trusted kernel
B. Kernel controller
C. Front end controller
D. Trusted front-end
Answer: D
QUESTION 423:
Which of the following is the marriage of object-oriented and relational technologies
combining the attributes of both?
A. object-relational database
B. object-oriented database
C. object-linking database
D. object-management database
Answer: A
QUESTION 424:
A department manager has read access to the salaries of the employees in his/her
department but not to the salaries of employees in other departments. A database security
mechanism that enforces this policy would typically be said to provide which of the
following?
A. content-dependent access control
B. context-dependent access control
C. least privileges access control
D. ownership-based access control
Answer: A
“Database security takes a different approach than operating system security. In an operating
system, the identity and authentication of the subject controls access. This is done through access
control lists (ACLs), capability tables, roles, and security labels. The operating system only
makes decisions about where a subject can access a file; it does not make these decisions based on
the contents of the file itself. If Mitch can access file A, it does not matter if that file contains
information about a cookie recipe or secret information from the Cold War. On the other hand,
database security does look at the contents of a file when it makes an access control decision,
which is referred to as content-dependent access control. This type of access control increases
processing overhead, but it provides higher granular control.” Pg. 677 Shon Harris: CISSP
Certification All-in-One Exam Guide
QUESTION 425:
Which of the following is an important part of database design that ensures that attributes
in a table depend only on the primary key?
A. Normalization
B. Assimilation
C. Reduction
D. Compaction
Answer: A
QUESTION 426:
Which of the following does not address Database Management Systems (DBMS) Security?
A. Perturbation
B. Cell suppression
C. Padded Cells
D. Partitioning
Answer: C
QUESTION 427:
Which of the following is commonly used for retrofitting multilevel security to a database
management system?
A. trusted front-end
B. trusted back-end
C. controller
D. kernel
Answer: A
QUESTION 428:
Normalizing data within a database includes all of the following except which?
A. Eliminating repeating groups by putting them into separate tables
B. Eliminating redundant data
C. Eliminating attributes in a table that are not dependent on the primary key of that table
D. Eliminating duplicate key fields by putting them into separate tables
Answer: D
“Data Normalization
Normalization is an important part of database design that ensures that attributes in a table
depend only on the primary key. This process makes it easier to maintain data and have
consistent reports.
Normalizing data in the database consists of three steps:
1.) Eliminating any repeating groups by putting them into separate tables
2.) Eliminating redundant data (occurring in more than one table)
3.) Eliminating attributes in a table that are not dependent on the primary key of that table”
Pg. 62 Krutz: The CISSP Prep Guide: Gold Edition
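The three normalization steps quoted above, applied to a constructed flat extract as an added example (not code from the Prep Guide or the original page). Each employee row in the input repeats the department's name and location (redundant data) and carries a list of skills (a repeating group); normalize() moves the skills to their own table, keeps each department once, and leaves the employee table holding only attributes that depend on emp_id plus the dept_id foreign key. The field names and sample values are assumptions for the example.

```python
# Constructed, unnormalized extract.
UNNORMALIZED = [
    {"emp_id": 1, "name": "Ana", "dept_id": 10, "dept_name": "Sales",
     "dept_location": "Boston", "skills": ["crm", "negotiation"]},
    {"emp_id": 2, "name": "Ben", "dept_id": 10, "dept_name": "Sales",
     "dept_location": "Boston", "skills": ["crm"]},
    {"emp_id": 3, "name": "Cho", "dept_id": 20, "dept_name": "Engineering",
     "dept_location": "Austin", "skills": ["python", "sql", "crypto"]},
]


def normalize(rows):
    """Apply the three steps from the text.

    1. Repeating group: skills go to a skill table keyed by (emp_id, skill).
    2. Redundant data: dept_name and dept_location are stored once per dept_id.
    3. Non-key dependencies: employee keeps only attributes that depend on
       emp_id, referencing the department through dept_id.
    Inconsistent copies of the redundant data are reported rather than
    silently picking one, since that inconsistency is exactly the integrity
    problem normalization is meant to prevent.
    """
    department, employee, skill = {}, [], []
    for r in rows:
        dept_row = (r["dept_name"], r["dept_location"])
        existing = department.setdefault(r["dept_id"], dept_row)
        if existing != dept_row:
            raise ValueError(f"inconsistent department data for dept {r['dept_id']}")
        employee.append((r["emp_id"], r["name"], r["dept_id"]))
        for s in r["skills"]:
            skill.append((r["emp_id"], s))
    return {
        "department": [(d, name, loc) for d, (name, loc) in sorted(department.items())],
        "employee": employee,
        "skill": skill,
    }


def relocate_department(tables, dept_id, new_location):
    """After normalization a department move is a single-row change; in the
    flat extract every employee row of that department would need updating."""
    tables["department"] = [
        (d, name, new_location if d == dept_id else loc)
        for d, name, loc in tables["department"]
    ]
    return tables
```

The ValueError path matters in practice: when a flat feed contains two different locations for the same department, there is no single correct normalized row, and the load should stop rather than guess.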
QUESTION 429:
SQL commands do not include which of the following?
A. Select, Update
B. Grant, Revoke
C. Delete, Insert
D. Add, Replace
Answer: D
“SQL commands include Select, Update, Delete, Grant, and Revoke.” Pg. 62 Krutz: The CISSP
Prep Guide: Gold Edition
“Developed by IBM, SQL is a standard data manipulation and relational database definition
language. The SQL Data Definition Language creates and deletes views and relations (tables).
SQL commands include Select, Update, Delete, Insert, Grant, and Revoke. The latter two
commands are used in access control to grant and revoke privileges to resources. Usually, the
owner of an object can withhold or transfer GRANT privileges to an object to another subject. If
the owner intentionally does not transfer the GRANT privileges, however, which are relative to
an object to the individual A, A cannot pass on the GRANT privileges to another subject. In
some instances, however, this security control can be circumvented. For example, if A copies the
object, A essentially becomes the owner of that object and thus can transfer the GRANT
privileges to another user, such as user B.
SQL security issues include the granularity of authorization and the number of different ways
you can execute the same query.”
Pg. 63 Krutz: The CISSP Prep Guide: Gold Edition.
QUESTION 430:
SQL security issues include which of the following?
A. The granularity of authorizations
B. The size of databases
C. The complexity of key structures
D. The number of candidate key elements
Answer: A
Developed by IBM, SQL is a standard data manipulation and relational database definition
language. The SQL Data Definition Language creates and deletes views and relations (tables).
SQL commands include Select, Update, Delete, Insert, Grant, and Revoke. The latter two
commands are used in access control to grant and revoke privileges to resources. Usually, the
owner of an object can withhold or transfer GRANT privileges to an object to another subject. If
the owner intentionally does not transfer the GRANT privileges, however, which are relative to
an object to the individual A, A cannot pass on the GRANT privileges to another subject. In
some instances, however, this security control can be circumvented. For example, if A copies the
object, A essentially becomes the owner of that object and thus can transfer the GRANT
privileges to another user, such as user B.
SQL security issues include the granularity of authorization and the number of different ways
you can execute the same query.
Pg. 63 Krutz: The CISSP Prep Guide: Gold Edition.
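The GRANT/REVOKE discussion quoted for Questions 429 and 430, including the "A copies the object" circumvention, as an added example (this is a small Python model of the privilege rules, not the Prep Guide's text or any real DBMS's catalog). The model tracks object owners and, per object and user, which privileges were granted and whether they came WITH GRANT OPTION; copy() stands in for CREATE TABLE ... AS SELECT, which needs only read access on the source but produces a new object the copier owns. The user and object names are constructed.

```python
class Catalog:
    """Toy model of SQL object ownership and GRANT/REVOKE with grant option."""

    def __init__(self):
        self.owner = {}   # object -> owning user
        self.grants = {}  # (object, user) -> {privilege: granted_with_grant_option}

    def create(self, user, obj):
        if obj in self.owner:
            raise ValueError(f"{obj} already exists")
        self.owner[obj] = user

    def has(self, user, obj, priv):
        """Owner holds every privilege; others hold what they were granted."""
        return self.owner.get(obj) == user or priv in self.grants.get((obj, user), {})

    def may_grant(self, user, obj, priv):
        """Only the owner, or a holder WITH GRANT OPTION, can pass a privilege on."""
        if self.owner.get(obj) == user:
            return True
        return self.grants.get((obj, user), {}).get(priv, False)

    def grant(self, grantor, obj, grantee, priv, with_grant_option=False):
        if not self.may_grant(grantor, obj, priv):
            raise PermissionError(f"{grantor} holds no GRANT OPTION for {priv} on {obj}")
        self.grants.setdefault((obj, grantee), {})[priv] = with_grant_option

    def revoke(self, grantor, obj, grantee, priv):
        if not self.may_grant(grantor, obj, priv):
            raise PermissionError(f"{grantor} cannot revoke {priv} on {obj}")
        self.grants.get((obj, grantee), {}).pop(priv, None)

    def copy(self, user, src, dst):
        """Stand-in for CREATE TABLE dst AS SELECT * FROM src.

        Read access on src is all that is required, yet the result is a brand
        new object owned by `user`, who can now grant on it freely.
        """
        if not self.has(user, src, "SELECT"):
            raise PermissionError(f"{user} cannot read {src}")
        self.create(user, dst)


def circumvention_demo():
    """Walk through the scenario from the text and report what each party ends
    up holding. Returns a dict so the outcome can be inspected or asserted on."""
    cat = Catalog()
    cat.create("owner", "payroll")
    cat.grant("owner", "payroll", "A", "SELECT")          # no grant option
    try:
        cat.grant("A", "payroll", "B", "SELECT")           # blocked, as intended
        a_could_regrant = True
    except PermissionError:
        a_could_regrant = False
    cat.copy("A", "payroll", "payroll_copy")               # A now owns a copy
    cat.grant("A", "payroll_copy", "B", "SELECT")          # and can share it
    cat.revoke("owner", "payroll", "A", "SELECT")          # does not touch the copy
    return {
        "a_could_regrant_original": a_could_regrant,
        "b_reads_original": cat.has("B", "payroll", "SELECT"),
        "b_reads_copy": cat.has("B", "payroll_copy", "SELECT"),
        "a_reads_original_after_revoke": cat.has("A", "payroll", "SELECT"),
        "a_owns_copy": cat.owner["payroll_copy"] == "A",
    }
```

The last two fields are the defender's takeaway: revoking on the original does nothing to copies already made, so the right to create tables from query results (and to export data generally) deserves the same review as GRANT OPTION itself.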
QUESTION 431:
Which of the following are placeholders for literal values in a Structured Query Language
(SQL) query being sent to the database on a server?
A. Bind variables
B. Assimilation variables
C. Reduction variables
D. Resolution variables
Answer: A
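Bind variables in practice, as an added example using Python's sqlite3 module (not code from the original page). The statement text is fixed and contains a ? placeholder; the literal is passed separately, so the database never has to parse the value as part of the SQL. The contrast function splices the value into the statement text instead, and a perfectly legitimate name containing an apostrophe is enough to break it. The customer table and names are constructed.

```python
import sqlite3


def build_db():
    """Constructed customer table; the apostrophe in O'Brien is the point."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customer (id INTEGER PRIMARY KEY, name TEXT NOT NULL)")
    conn.executemany("INSERT INTO customer (id, name) VALUES (?, ?)",
                     [(1, "Smith"), (2, "O'Brien"), (3, "Garcia")])
    conn.commit()
    return conn


def find_customer(conn, name):
    """Bind variable: the value travels out of band and is compared as data."""
    return conn.execute(
        "SELECT id, name FROM customer WHERE name = ?", (name,)
    ).fetchall()


def find_customer_spliced(conn, name):
    """Literal built into the statement text: any quote character in the value
    changes the statement's structure, so the parser sees something else."""
    return conn.execute(
        f"SELECT id, name FROM customer WHERE name = '{name}'"
    ).fetchall()


def compare(conn, name):
    """Run both forms and return (bound_result, spliced_result_or_error)."""
    bound = find_customer(conn, name)
    try:
        spliced = find_customer_spliced(conn, name)
    except sqlite3.OperationalError as exc:
        spliced = f"error: {exc}"
    return bound, spliced
```

For "Smith" both forms agree; for "O'Brien" only the bound form returns the row, while the spliced statement fails to parse. The same separation of statement from data is what makes bind variables the standard defense for any value that originates outside the application.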
QUESTION 432:
What ensures that attributes in a table depend only on the primary key?
A. Referential integrity
B. The database management system (DBMS)
C. Data Normalization
D. Entity integrity
Answer: C
QUESTION 433:
Which of the following represent the rows of the table in a relational database?
A. attributes
B. records or tuples
C. record retention
D. relation
Answer: B
QUESTION 434:
With regard to databases, which of the following has characteristics of ease of reusing code
and analysis and reduced maintenance?
A. Object-Oriented Data Bases (OODB)
B. Object-Relational Data Bases (ORDB)
C. Relational Data Bases
D. Data Base management systems (DBMS)
Answer: A
QUESTION 435:
Complex applications involving multimedia, computer aided design, video, graphics, and
expert systems are more suited to which of the following?
A. Object-Oriented Data Bases (OODB)
B. Object-Relational Data Bases
C. Relational Data Bases
D. Data base management systems (DBMS)
Answer: A
QUESTION 436:
Which of the following refers to the number of columns in a table?
A. Schema
B. Relation
C. Degree
D. Cardinality
Answer: C
QUESTION 437:
Which of the following refers to the number of rows in a relation?
A. cardinality
B. degree
C. depth
D. breadth
Answer: A
QUESTION 438:
Which of the following refers to the number of columns in a relation?
A. degree
B. cardinality
C. depth
D. breadth
Answer: A
QUESTION 439:
What is one disadvantage of content-dependent protection of information?
A. It increases processing overhead
B. It requires additional password entry
C. It exposes the system to data locking
D. It limits the user’s individual address space
Answer: A
Content-Dependent Access Control
“Just like the name sounds, access to objects is determined by the content within the object. This
is used many times in databases and the type of Web-based material a firewall allows…If a table
within the database contains information about employees’ salaries, the managers were not
allowed to view it, but they could view information about an employee’s work history. The
content of the database fields dictates which user can see specific information within the
database tables.” pg 161 Shon Harris: All-In-One CISSP Certification. Decisions will have to be
made about the content, therefore increasing processing overhead.
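The department-manager salary rule from Question 424 and the overhead point made here in Question 439, worked as an added example with Python's sqlite3 module (not code from the study guides or the original page). The decision for a salary read depends on the content of the target row (its dept column) compared with the caller's department; work history is readable by any manager, as in the Harris quote. The table layout, names and figures are constructed.

```python
import sqlite3


def build_db():
    """Constructed employee and manager tables."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE employee (
            emp_id       INTEGER PRIMARY KEY,
            name         TEXT    NOT NULL,
            dept         TEXT    NOT NULL,
            salary       INTEGER NOT NULL,
            work_history TEXT    NOT NULL);
        CREATE TABLE manager (user_name TEXT PRIMARY KEY, dept TEXT NOT NULL);
        INSERT INTO employee VALUES
            (1, 'Ana', 'sales',       52000, 'hired 2019'),
            (2, 'Ben', 'sales',       61000, 'hired 2017'),
            (3, 'Cho', 'engineering', 88000, 'hired 2015');
        INSERT INTO manager VALUES ('mitch', 'sales'), ('dana', 'engineering');
    """)
    return conn


def read_field(conn, user_name, emp_id, column):
    """Content-dependent decision for a single cell.

    The caller's identity alone does not settle the question; the row has to
    be fetched and its dept value compared with the manager's dept first.
    """
    mgr = conn.execute(
        "SELECT dept FROM manager WHERE user_name = ?", (user_name,)
    ).fetchone()
    if mgr is None:
        raise PermissionError(f"{user_name} is not a manager")
    row = conn.execute(
        "SELECT dept, salary, work_history FROM employee WHERE emp_id = ?", (emp_id,)
    ).fetchone()
    if row is None:
        return None
    dept, salary, history = row
    if column == "work_history":
        return history                      # visible to every manager
    if column == "salary":
        if dept == mgr[0]:
            return salary                   # own department only
        raise PermissionError(f"{user_name} may not read salaries in {dept}")
    raise ValueError(f"unknown column {column}")


def department_salaries(conn, user_name):
    """The same rule pushed into the query as a row filter. Every candidate
    row's content is examined against the caller's department, which is the
    per-row processing cost the text refers to."""
    return conn.execute(
        """SELECT e.name, e.salary
             FROM employee e
             JOIN manager m ON m.dept = e.dept
            WHERE m.user_name = ?
            ORDER BY e.emp_id""",
        (user_name,),
    ).fetchall()
```

An operating-system ACL on the whole table could not express this rule at all: it would have to allow or deny the entire salary column. The finer granularity is bought with a content comparison on every row returned or refused.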
QUESTION 440:
Which one of the following control steps is usually NOT performed in data warehousing
applications?
A. Monitor summary tables for regular use.
B. Control meta data from being used interactively.
C. Monitor the data purging plan.
D. Reconcile data moved between the operations environment and data warehouse.
Answer: A
Not B: It is important to control meta data from being used interactively by unauthorized users.
“Data warehouses and data mining are significant to security professionals for two reasons. First,
as previously mentioned, data warehouses contain large amounts of potentially sensitive
information vulnerable to aggregation and inference attacks, and security practitioners must
ensure that adequate access controls and other security measures are in place to safeguard this
data.” Pg 192 Tittel: CISSP Study Guide
Not C: “The data in the data warehouse must be maintained to ensure that it is timely and valid.
The term data scrubbing refers to maintenance of the data warehouse by deleting information
that is unreliable or no longer relevant.” Pg 358-359 Krutz: The CISSP Prep Guide: Gold Edition
Not D: “To create a data warehouse, data is taken from an operational database, redundancies are
removed, and the data is “cleaned up” in general.” Pg 358 Krutz: The CISSP Prep Guide: Gold
Edition
QUESTION 441:
A storage information architecture does not address which of the following?
A. archiving of data
B. collection of data
C. management of data
D. use of data
Answer: A
QUESTION 442:
Which of the following can be defined as the set of allowable values that an attribute can
take?
A. domain of a relation
B. domain name service of a relation
C. domain analysis of a relation
D. domains, in database of a relation
Answer: A
QUESTION 443:
Programmed procedures which ensure that valid transactions are processed accurately and only once in the
current timescale are referred to as
A. Data installation controls
B. Application controls
C. Operation controls
D. Physical controls
Answer: B
QUESTION 444:
What is the most effective means of determining how controls are functioning within an
operating system?
A. Interview with computer operator
B. Review of software control features and/or parameters
C. Review of operating system manual
D. Interview with product vendor
Answer: B
QUESTION 445:
What is the most effective means of determining how controls are functioning within an
operating system?
A. Interview with computer operator
B. Review of software control features and/or parameters
C. Review of operating system manual
D. Interview with product vendor
Answer: B
QUESTION 446:
Program change controls must ensure that all changes are
A. Audited to verify intent.
B. Tested to ensure correctness.
C. Implemented into production systems.
D. Within established performance criteria.
Answer: B
Document of the change. Once the change is approved, it should be entered into a change log
and the log should be updated as the process continues toward completion.
Tested and presented. The change must be fully tested to uncover any unforeseen results.
Depending on the severity of the change and the company’s organization, the change and
implementation may need to be presented to a change control committee. This helps show
different sides to the purpose and outcome of the change and the possible ramifications. – Shon
Harris All-in-one CISSP Certification Guide pg 815
QUESTION 447:
Which question is NOT true concerning Application Control?
A. It limits end users' use of applications in such a way that only particular screens are visible
B. Only specific records can be requested
C. Particular uses of application can be recorded for audit purposes
D. Is non-transparent to the endpoint applications so changes are needed to the applications
involved
Answer: D
QUESTION 448:
A computer program used to process the weekly payroll contains an instruction that the
amount of the gross pay cannot exceed $2,500 for any one employee. This instruction is an
example of a control that is referred to as a:
A. sequence check
B. check digit
C. limit check
D. record check
Answer: C
QUESTION 449:
What are edit controls?
A. Preventive controls
B. Detective controls
C. Corrective controls
D. Compensating controls
Answer: A
Explanation:
“Challenge Handshake Authentication Protocol (CHAP) One of the authentication protocols
used over PPP links. CHAP encrypts usernames and passwords.” Pg. 682 Glossary: Tittel:
CISSP Study Guide
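The $2,500 limit check from Question 448 and the edit controls of Question 449, as an added example (not code from the study guides or the original page). A small batch of payroll records is run through three classic edit controls before processing: a sequence check on the batch numbering, a check-digit test on the employee id (the Luhn mod-10 scheme is assumed here), and the gross-pay limit check. Rejected records never reach processing, which is what makes these preventive controls. The batch contents and the choice of Luhn for the check digit are constructed for the example.

```python
GROSS_PAY_LIMIT = 2500  # dollars, the limit stated in Question 448

# Constructed batch. Employee ids end in a Luhn check digit; 79927398713 and
# 1234566 and 1002005 are valid, 79927398714 is not.
PAYROLL_BATCH = [
    {"seq": 1, "emp_id": "79927398713", "gross": 1850},
    {"seq": 2, "emp_id": "79927398714", "gross": 2100},   # bad check digit
    {"seq": 4, "emp_id": "1234566",     "gross": 3200},   # seq gap + over limit
    {"seq": 5, "emp_id": "1002005",     "gross": 2500},   # exactly at the limit
]


def luhn_valid(number: str) -> bool:
    """Check-digit verification (Luhn mod-10): doubling every second digit
    from the right, a valid number sums to a multiple of ten."""
    total = 0
    for i, ch in enumerate(reversed(number)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def edit_batch(batch, limit=GROSS_PAY_LIMIT):
    """Apply edit controls to a batch. Returns (accepted, rejections).

    Each rejection names the control that fired, so the audit trail shows
    why a record was stopped before processing rather than after.
    """
    accepted, rejections = [], []
    expected_seq = 1
    for rec in batch:
        problems = []
        if rec["seq"] != expected_seq:                      # sequence check
            problems.append(f"sequence check: expected {expected_seq}, got {rec['seq']}")
        expected_seq = rec["seq"] + 1
        if not (rec["emp_id"].isdigit() and luhn_valid(rec["emp_id"])):
            problems.append("check digit: employee id fails mod-10 test")
        if not 0 < rec["gross"] <= limit:                   # limit check
            problems.append(f"limit check: gross {rec['gross']} outside (0, {limit}]")
        if problems:
            rejections.append((rec["seq"], problems))
        else:
            accepted.append(rec)
    return accepted, rejections
```

The boundary matters: "cannot exceed $2,500" admits a gross of exactly 2,500, which is why the comparison is <= and why the record at the limit is accepted while 3,200 is not.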
QUESTION 450:
Which one of the following properties of a transaction processing system ensures that once a transaction
completes successfully (commits), the update survives even if there is a system failure?
A. Atomicity
B. Consistency
C. Isolation
D. Durability
Answer: A
Atomicity is correct. Consistency is not a viable answer.
Atomicity states that database modifications must follow an “all or nothing” rule. Each
transaction is said to be “atomic.” If one part of the transaction fails, the entire transaction fails.
It is critical that the database management system maintain the atomic nature of transactions in
spite of any DBMS, operating system or hardware failure.
Consistency states that only valid data will be written to the database. If, for some reason, a
transaction is executed that violates the database’s consistency rules, the entire transaction will
be rolled back and the database will be restored to a state consistent with those rules. On the
other hand, if a transaction successfully executes, it will take the database from one state that is
consistent with the rules to another state that is also consistent with the rules.
Isolation requires that multiple transactions occurring at the same time not impact each other’s
execution. For example, if Joe issues a transaction against a database at the same time that Mary
issues a different transaction, both transactions should operate on the database in an isolated
manner. The database should either perform Joe’s entire transaction before executing Mary’s or
vice-versa. This prevents Joe’s transaction from reading intermediate data produced as a side
effect of part of Mary’s transaction that will not eventually be committed to the database. Note
that the isolation property does not ensure which transaction will execute first, merely that they
will not interfere with each other.
Durability ensures that any transaction committed to the database will not be lost. Durability is
ensured through the use of database backups and transaction logs that facilitate the restoration of
committed transactions in spite of any subsequent software or hardware failures.
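The properties described above, exercised in an added example with Python's sqlite3 module against a file-backed database (not code from the original page). A transfer is run as one explicit transaction: the CHECK constraint on balances stands in for the consistency rules, a violation rolls the whole transfer back (atomicity), and closing the connection and reopening the file shows that the committed transfer is still there (durability). The account names and amounts are constructed.

```python
import os
import sqlite3
import tempfile


def new_ledger(path):
    """Open (or create) the ledger with manual transaction control."""
    conn = sqlite3.connect(path, isolation_level=None)  # no implicit BEGIN
    conn.execute(
        """CREATE TABLE IF NOT EXISTS account (
               name    TEXT PRIMARY KEY,
               balance INTEGER NOT NULL CHECK (balance >= 0))"""
    )
    conn.execute("INSERT OR IGNORE INTO account VALUES ('joe', 100), ('mary', 50)")
    return conn


def transfer(conn, src, dst, amount):
    """Move `amount` between accounts as one transaction.

    Both updates commit together or neither persists. An overdraft trips the
    CHECK constraint mid-transaction, and ROLLBACK restores the prior state.
    Returns True if the transfer committed.
    """
    conn.execute("BEGIN")
    try:
        conn.execute("UPDATE account SET balance = balance - ? WHERE name = ?", (amount, src))
        conn.execute("UPDATE account SET balance = balance + ? WHERE name = ?", (amount, dst))
        conn.execute("COMMIT")
        return True
    except sqlite3.IntegrityError:
        conn.execute("ROLLBACK")
        return False


def balances(conn):
    return dict(conn.execute("SELECT name, balance FROM account ORDER BY name"))


def demo():
    """One good transfer, one failing transfer, then reopen the file.

    Returns (first_ok, second_ok, balances_before_close, balances_after_reopen).
    """
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "ledger.db")
        conn = new_ledger(path)
        first_ok = transfer(conn, "joe", "mary", 30)     # commits: 70 / 80
        second_ok = transfer(conn, "joe", "mary", 500)   # joe would go negative
        before = balances(conn)
        conn.close()                                     # the process "ends"
        conn = sqlite3.connect(path)                     # a fresh process opens it
        after = balances(conn)
        conn.close()
        return first_ok, second_ok, before, after
```

The failing transfer is the atomicity case worth studying: the first UPDATE already ran inside the transaction when the constraint fired, and without the ROLLBACK that half-applied change would remain visible. Isolation is not shown here because a single connection cannot interleave two transactions; with two connections the database serializes them so neither sees the other's uncommitted rows.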
QUESTION 451:
To ensure integrity, a payroll application program may record transactions in the appropriate
accounting period by using
A. Application checkpoints
B. Time and date stamps
C. Accrual journal entries
D. End of period journals
Answer: B
QUESTION 452:
What ensures that the control mechanisms correctly implement the security policy for the
entire life cycle of an information system?
A. Accountability controls
B. Mandatory access controls
C. Assurance procedures
D. Administrative controls
Answer: C
Assurance procedures ensure that the control mechanisms correctly implement the security
policy for the entire life cycle of an information system.
Pg 33 Krutz: The CISSP Prep Guide.
QUESTION 453:
Development staff should:
A. Implement systems
B. Support production data
C. Perform unit testing
D. Perform acceptance testing
Answer: C
QUESTION 454:
Which of the following is not used as a cost estimating technique during the project
planning stage?
A. Delphi technique
B. Expert Judgment
C. Program Evaluation Review Technique (PERT) charts
D. Function points (FP)
Answer: C
Explanation:
“Methods and techniques for cost estimation:
Experts’ evaluation
Delphi
Bottom-up approaches
Empirical models
COCOMO
Function Points
Combining Methods”
QUESTION 455:
Which of the following methodologies is appropriate for planning and controlling activities
and resources in a system project?
A. Gantt charts
B. Program evaluation review technique (PERT)
C. Critical path methodology (CPM)
D. Function point analysis (FP)
Answer: A
A Gantt chart is a popular type of bar chart showing the interrelationships of how projects,
schedules, and other time-related systems progress over time.
Not B:
Program Evaluation and Review Technique – (PERT) A method used to size a software product
and calculate the Standard Deviation (SD) for risk assessment. The PERT equation (beta
distribution) estimates the Equivalent Delivered Source Instructions (EDSIs) and the SD based
on the analyst’s estimates of the lowest possible size, the most likely size, and the highest
possible size of each computer program component (CPC).
http://computing-dictionary.thefreedictionary.com/
QUESTION 456:
Which of the following is an advantage of using a high-level programming language?
A. It decreases the total amount of code written
B. It allows programmers to define syntax
C. It requires programmer-controlled storage management
D. It enforces coding standards
Answer: A
QUESTION 457:
The design phase in a system development life cycle includes all of the following EXCEPT
A. Determining sufficient security controls.
B. Conducting a detailed design review.
C. Developing an operations and maintenance manual.
D. Developing a validation, verification, and testing plan.
Answer: C
Systems Development Life Cycle
Conceptual Definition
Functional Requirements Determination
Protection Specifications Development
Design Review
Code Review Walk-Through
System Test Review
Certification and Accreditation
Maintenance
Pg 224-228 Tittel: CISSP Study Guide.
QUESTION 458:
By far, the largest security exposure in application system development relates to
A. Maintenance and debugging hooks.
B. Deliberate compromise.
C. Change control.
D. Errors and lack of training
Answer: A
Maintenance hook – instructions within a program’s code that enable the developer or maintainer
to enter the program without having to go through the usual access control and authentication
processes. They should be removed from the code before being released for production;
otherwise, they can cause serious security risks. They are also referred to as trapdoors. – Shon
Harris All-in-one CISSP Certification Guide pg 933
QUESTION 459:
Which of the following is a 5th Generation Language?
A. LISP
B. BASIC
C. NATURAL
D. Assembly Language
Answer: A
QUESTION 460:
When considering the IT Development Life-Cycle, security should be:
A. Mostly considered during the initiation phase.
B. Mostly considered during the development phase.
C. Treated as an integral part of the overall system design.
D. Added once the design is completed.
Answer: C
QUESTION 461:
Which of the following represents the best programming?
A. Low cohesion, low coupling
B. Low cohesion, high coupling
C. High cohesion, low coupling
D. High cohesion, high coupling
Answer: C
QUESTION 462:
The INITIAL phase of the system development life cycle would normally include
A. Cost-benefit analysis
B. System design review
C. Executive project approval
D. Project status summary
Answer: C
Project management is an important part of product development and security management is an
important part of project management. – Shon Harris All-in-one CISSP Certification Guide pg
732
QUESTION 463:
Which of the following computer design approaches is based on the fact that in earlier
technologies, the instruction fetch was the longest part of the cycle?
A. Pipelining
B. Reduced Instruction Set Computers (RISC)
C. Complex Instruction Set Computers (CISC)
D. Scalar processors
Answer: C
Reference: pg 255 Krutz: CISSP Prep Guide: Gold Edition
QUESTION 464:
Which one of the following tests determines whether the content of data within an application program falls
within predetermined limits?
A. Parity check
B. Reasonableness check
C. Mathematical accuracy check
D. Check digit verification
Answer: B
Reasonableness check: A test to determine whether a value conforms to specified criteria. Note:
A reasonableness check can be used to eliminate questionable data points from subsequent
processing.
QUESTION 465:
Buffer overflow and boundary condition errors are subsets of:
A. Race condition errors
B. Access validation errors
C. Exceptional condition handling errors
D. Input validation errors
Answer: D
QUESTION 466:
Which of the following statements pertaining to software testing approaches is correct?
A. A bottom-up approach allows interface errors to be detected earlier
B. A top-down approach allows errors in critical modules to be detected earlier
C. The test plan and results should be retained as part of the system’s permanent documentation
D. Black box testing is predicated on a close examination of procedural detail
Answer: C
QUESTION 467:
Which of the following phases of a system development life-cycle is most concerned with
authenticating users and processes to ensure appropriate access control decisions?
A. Development/acquisition
B. Implementation
C. Operation/Maintenance
D. Initiation
Answer: C
QUESTION 468:
Which of the following would be the most serious risk where a systems development life
cycle methodology is inadequate?
A. The project will be completed late
B. The project will exceed the cost estimates
C. The project will be incompatible with existing systems
D. The project will fail to meet business and user needs
Answer: D
QUESTION 469:
Which of the following would best describe the difference between white-box testing and
black-box testing?
A. White-box testing is performed by an independent programmer team
B. Black-box testing uses the bottom-up approach
C. White-box testing examines the program internal logical structure
D. Black-box testing involves the business units
Answer: C
QUESTION 470:
Which of the following refers to the work product satisfying the real-world requirements
and concepts?
A. validation
B. verification
C. concurrence
D. accuracy
Answer: A
Reference: pg 820 Hansche: Official (ISC)2 Guide to the CISSP Exam
QUESTION 471:
Which model, based on the premise that the quality of a software product is a direct
function of the quality of its associated software development and maintenance processes,
introduced five levels with which the maturity of an organization involved in the software
process is evaluated?
A. The total Quality Model (TQM)
B. The IDEAL Model
C. The Software Capability Maturity Model
D. The Spiral Model
Answer: C
QUESTION 472:
Which of the following would provide the best stress testing environment?
A. Test environment using test data
B. Test environment using live workloads
C. Production environment using test data
D. Production environment using live workloads
Answer: B
QUESTION 473:
In a change control environment, which one of the following REDUCES the assurance of proper changes to
source programs in production status?
A. Authorization of the change.
B. Testing of the change.
C. Programmer access.
D. Documentation of the change.
Answer: C
I think I am going to disagree with the original answer (B testing of the change) here. The
question has REDUCES the assurance.
“Personnel separate from the programmers should conduct this testing.” -Ronald Krutz The
CISSP PREP Guide (gold edition) pg 345
QUESTION 474:
Why should batch files and scripts be stored in a protected area?
A. Because of the least privilege concept
B. Because they cannot be accessed by operators
C. Because they may contain credentials
D. Because of the need-to-know concept
Answer: C
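Worked example for the point behind QUESTION 474 (added here; it is not part of the study guide or the original question bank): a Python audit that walks a directory of batch files and scripts, flags lines that appear to embed a credential, and reports any script readable by group or others, that is, not kept in a protected area. The sample scripts are constructed in a temporary directory for the demonstration, and the credential patterns are an illustrative subset rather than a complete catalogue.

```python
"""Added example (not from the study material): audit batch files and scripts
for embedded credentials and for permissions that expose them. The sample
scripts below are constructed for the demonstration."""
import os
import re
import stat
import tempfile

# Heuristic patterns for hard-coded secrets (an illustrative subset, not a
# complete catalogue).
SECRET_PATTERNS = [
    re.compile(r"(?i)(password|passwd|pwd)\s*[=:]\s*\S+"),   # PASSWORD=..., pwd: ...
    re.compile(r"(?i)(api[_-]?key|secret|token)\s*[=:]\s*\S+"),
    re.compile(r"(?i)\bsqlplus\s+\w+/\S+"),                   # sqlplus user/pass@db
    re.compile(r"(?i)\bmysql\b.*\s-p\S+"),                    # mysql ... -pSECRET
    re.compile(r"(?i)\bnet\s+use\b.*\s/user:\S+\s+\S+"),      # net use ... /user:name pass
]
SCRIPT_EXTENSIONS = (".sh", ".bat", ".cmd", ".ps1", ".py", ".pl")
COMMENT_PREFIXES = ("#", "::", "rem ", "REM ")


def find_embedded_credentials(text):
    """Return 1-based line numbers of lines that look like they embed a credential.
    Comment lines are skipped to keep the output focused on live commands."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if line.strip().startswith(COMMENT_PREFIXES):
            continue
        if any(p.search(line) for p in SECRET_PATTERNS):
            hits.append(lineno)
    return hits


def is_exposed(mode):
    """True when group or others can read the file, i.e. it is outside a protected area."""
    return bool(mode & (stat.S_IRGRP | stat.S_IROTH))


def audit_script_dir(root):
    """Walk `root` and return {relative path: {"credential_lines": [...], "exposed": bool}}
    for every script that embeds a credential or is readable beyond its owner."""
    findings = {}
    for dirpath, _subdirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(SCRIPT_EXTENSIONS):
                continue
            path = os.path.join(dirpath, name)
            with open(path, "r", errors="replace") as fh:
                cred_lines = find_embedded_credentials(fh.read())
            exposed = is_exposed(os.stat(path).st_mode)
            if cred_lines or exposed:
                findings[os.path.relpath(path, root)] = {
                    "credential_lines": cred_lines,
                    "exposed": exposed,
                }
    return findings


def build_sample_dir():
    """Create constructed sample scripts (not taken from any real system) and return the directory."""
    root = tempfile.mkdtemp(prefix="script-audit-")
    samples = {
        # world-readable and carries a database password: the case the question warns about
        "nightly_backup.sh": (
            "#!/bin/sh\n# constructed sample\nDB_PASSWORD=Summer2024!\n"
            "mysqldump -u backup -p\"$DB_PASSWORD\" prod > /backup/prod.sql\n",
            0o644,
        ),
        # owner-only and credential-free: should not be reported
        "rotate_logs.sh": ("#!/bin/sh\nfind /var/log -name '*.log' -mtime +30 -delete\n", 0o700),
        # protected, but still embeds a share password
        "mount_share.bat": (
            "@echo off\nnet use Z: \\\\fileserver\\finance /user:svc_finance P@ssw0rd\n",
            0o700,
        ),
    }
    for name, (body, mode) in samples.items():
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write(body)
        os.chmod(path, mode)
    return root


if __name__ == "__main__":
    for script, result in sorted(audit_script_dir(build_sample_dir()).items()):
        print(script, result)
```

Both conditions are reported separately on purpose: a script in a protected area that still embeds a password is a finding (the credential should move to a vault or a root-only configuration file), and a credential-free script that is world-readable is still a finding because the next edit may add one.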
QUESTION 475:
The PRIMARY purpose of operations security is
A. Protect the system hardware from environment damage.
B. Monitor the actions of vendor service personnel.
C. Safeguard information assets that are resident in the system.
D. Establish thresholds for violation detection and logging.
Answer: C
I think A or C could be the answers. I am leaning towards the C answer but use your best judgment.
“Operations Security can be described as the controls over the hardware in a computing facility, the data media
used in a facility, and the operators using these resources in a facility…A CISSP candidate will be expected to
know the resources that must be protected, the privileges that must be restricted, the control mechanisms that
are available, the potential for access abuse, the appropriate controls, and the principles of good practice.”
-Ronald Krutz The CISSP PREP Guide (gold edition) pg 297
QUESTION 476:
Which of the following is not a component of an Operations Security “triple”?
A. Asset
B. Threat
C. Vulnerability
D. Risk
Answer: D
Reference: pg 298 Krutz: CISSP Study Guide: Gold Edition
QUESTION 477:
A periodic review of user account management should not determine:
A. Conformity with the concept of least privilege
B. Whether active accounts are still being used
C. Strength of user-chosen passwords
D. Whether management authorizations are up-to-date
Answer: C
QUESTION 478:
Which of the following functions is less likely to be performed by a typical security
administrator?
A. Setting user clearances and initial passwords
B. Adding and removing system users
C. Setting or changing file sensitivity labels
D. Reviewing audit data
Answer: B
QUESTION 479:
Who is responsible for setting user clearances to computer-based information?
A. Security administrators
B. Operators
C. Data owners
D. Data custodians
Answer: A
QUESTION 480:
Who is the individual permitted to add users or install trusted programs?
A. Database Administrator
B. Computer Manager
C. Security Administrator
D. Operations Manager
Answer: D
Typical system administrator or enhanced operator functions can include the following:
Installing system software
Starting up (booting) and shutting down a system
Adding and removing system users
Performing back-ups and recovery
Handling printers and managing print queues -Ronald Krutz The CISSP PREP Guide (gold
edition) pg 304-305
QUESTION 481:
In Unix, which file is required for you to set up an environment such that every user on the
other host is a trusted user that can log into this host without authentication?
A. /etc/shadow
B. /etc/hosts.equiv
C. /etc/passwd
D. None of the choices.
Answer: B
Explanation:
The /etc/hosts.equiv file is saying that every user on the other host is a trusted user
and allowed to log into this host without authentication (i.e. NO PASSWORD). The only
thing that must exist for a user to log in to this system is an /etc/passwd entry by
the same login name the user is currently using. In other words, if there is a user
trying to log into this system whose login name is “bhope”, then there must be a
“bhope” listed in the /etc/passwd file.
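Worked example for QUESTION 481 (added here; not part of the study guide or the question bank): a Python parser for the hosts.equiv syntax that ranks each entry by how much password-less trust it grants, so a reviewer can spot the entries that matter (a bare “+”, a “+ +” pair, or a host/user pair that lets a remote user become any local non-root account). The file content is a constructed sample; the host names and the netgroup are made up for the illustration.

```python
"""Added example (not from the study material): parse /etc/hosts.equiv (the same
syntax is used by ~/.rhosts) and rank each entry by how much password-less trust
it grants. The file content below is a constructed sample."""

SEVERITY_ORDER = ("low", "medium", "high", "critical")

# Constructed sample; not copied from any real host.
SAMPLE_HOSTS_EQUIV = """\
# constructed sample /etc/hosts.equiv
buildhost.example.com             # same-name accounts from this host need no password
-badhost.example.com              # explicitly denied
backup.example.com   operator     # 'operator' on backup may become any local non-root user
+@admins                          # every host in the NIS netgroup 'admins'
+                                 # every host on the network
"""


def parse_hosts_equiv(text):
    """Return one dict per active entry:
    {"host": str, "user": str | None, "negated": bool, "netgroup": bool}."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        token = fields[0]
        host = token[1:] if token.startswith("-") else token
        entries.append({
            "host": host,
            "user": fields[1] if len(fields) > 1 else None,
            "negated": token.startswith("-"),
            "netgroup": host.lstrip("+").startswith("@"),   # +@group syntax
        })
    return entries


def assess(entries):
    """Return (severity, host, reason) for every entry that widens trust."""
    findings = []
    for e in entries:
        if e["negated"]:
            continue   # '-host' only denies; it never widens trust
        host, user = e["host"], e["user"]
        if host == "+" and user == "+":
            findings.append(("critical", host, "'+ +': every user on every host may log in as any local user"))
        elif host == "+":
            findings.append(("critical", host, "every host is trusted; same-name accounts log in without a password"))
        elif user == "+":
            findings.append(("high", host, "every user on this host may log in as any local non-root user"))
        elif user is not None:
            findings.append(("medium", host, f"user '{user}' on this host may log in as any local non-root user"))
        elif e["netgroup"]:
            findings.append(("medium", host, "trust is delegated to a netgroup; review its membership"))
        else:
            findings.append(("low", host, "same-name accounts on this host log in without a password"))
    return findings


def worst_severity(findings):
    """Highest severity present, or None if the file grants no trust."""
    if not findings:
        return None
    return max((f[0] for f in findings), key=SEVERITY_ORDER.index)


if __name__ == "__main__":
    found = assess(parse_hosts_equiv(SAMPLE_HOSTS_EQUIV))
    for severity, host, reason in found:
        print(f"{severity:8} {host:24} {reason}")
    print("worst:", worst_severity(found))
```

Even the “low” entries rest on the r-services trusting the client's claimed host name and user name, which is why these files are normally empty and the r-services disabled in favour of SSH; the ranking only orders the cleanup.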
QUESTION 482:
For what reason would a network administrator leverage promiscuous mode?
A. To screen out all network errors that affect network statistical information.
B. To monitor the network to gain a complete statistical picture of activity.
C. To monitor only unauthorized activity and use.
D. To capture only unauthorized internal/external use.
Answer: B
QUESTION 483:
Which of the following questions is less likely to help in assessing controls over hardware
and software maintenance?
A. Is access to all program libraries restricted and controlled?
B. Are integrity verification programs used by applications to look for evidence of data
tampering, errors, and omissions?
C. Is there version control?
D. Are system components tested, documented, and approved prior to promotion to production?
Answer: B
QUESTION 484:
Which of the following correctly describe “good” security practice?
A. Accounts should be monitored regularly.
B. You should have a procedure in place to verify password strength.
C. You should ensure that there are no accounts without passwords.
D. All of the choices.
Answer: D
Explanation:
In many organizations accounts are created and then nobody ever touches those accounts
again. This is a very poor security practice. Accounts should be monitored regularly,
you should look at unused accounts and you should have a procedure in place to ensure
that departing employees have their rights revoked prior to leaving the company. You
should also have a procedure in place to verify password strength or to ensure that
there are no accounts without passwords.
QUESTION 485:
Access to the _________ account on a Unix server must be limited to only the system
administrators that must absolutely have this level of access.
A. Superuser of inetd.
B. Manager or root.
C. Fsf or root
D. Superuser or root.
Answer: D
Explanation:
Access to the superuser or root account on a server must be limited to only the system
administrators that must absolutely have this level of access. Use of programs such as
SUDO is recommended to give limited and controlled root access to administrators that
have a need for such access.
QUESTION 486:
Which of the following files should the security administrator be restricted to READ only
access?
A. Security parameters
B. User passwords
C. User profiles
D. System log
Answer: D
QUESTION 487:
Root login should only be allowed via:
A. Rsh
B. System console
C. Remote program
D. VNC
Answer: B
Explanation:
The root account must be the only account with a user ID of 0 (zero) that has open
access to the UNIX shell. It must not be possible for root to sign on directly except
at the system console. All other access to the root account must be via the ‘su’
command.
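Worked example serving QUESTION 484 and QUESTION 487, with the account-review items of QUESTION 477 (added here; not part of the study guide or the question bank): a Python audit over /etc/passwd and /etc/shadow style data that reports accounts with an empty password field, accounts other than root with UID 0, passwords older than their maximum age, locked accounts, and accounts nobody has logged into recently. The passwd, shadow and last-login data are constructed samples with placeholder hashes, and the “as of” date is passed in as a day count so the result is reproducible.

```python
"""Added example (not from the study material): audit /etc/passwd and /etc/shadow
style data for accounts with no password, accounts other than root with UID 0,
expired passwords and dormant accounts. All inputs are constructed samples."""

# Constructed /etc/passwd: name:x:uid:gid:gecos:home:shell
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
toor:x:0:0:second uid 0:/root:/bin/bash
guest:x:1002:1002:Guest:/home/guest:/bin/bash
"""

# Constructed /etc/shadow: name:hash:lastchange:min:max:warn:inactive:expire:reserved
# (lastchange is in days since 1970-01-01; the hashes are placeholders).
SHADOW = """\
root:$6$saltsalt$placeholderhash:19700:0:99999:7:::
daemon:*:19000:0:99999:7:::
alice:$6$saltsalt$placeholderhash:19780:0:90:7:::
bob::19780:0:99999:7:::
toor:$6$saltsalt$placeholderhash:19790:0:99999:7:::
guest:!:19000:0:99999:7:::
"""

# Constructed last-login data (days since epoch; None = never logged in), the
# kind of information `lastlog` provides.
LAST_LOGIN = {"root": 19895, "alice": 19899, "bob": 19700, "toor": None, "guest": None}


def parse_passwd(text):
    """Map user name -> {"uid": int, "shell": str}."""
    users = {}
    for line in text.splitlines():
        if line and not line.startswith("#"):
            name, _pw, uid, _gid, _gecos, _home, shell = line.split(":")
            users[name] = {"uid": int(uid), "shell": shell}
    return users


def parse_shadow(text):
    """Map user name -> {"hash": str, "last_change": int | None, "max_age": int | None}."""
    users = {}
    for line in text.splitlines():
        if line and not line.startswith("#"):
            fields = line.split(":")
            users[fields[0]] = {
                "hash": fields[1],
                "last_change": int(fields[2]) if fields[2] else None,
                "max_age": int(fields[4]) if fields[4] else None,
            }
    return users


def audit_accounts(passwd_text, shadow_text, last_login, as_of_day, dormant_days=90):
    """Return {finding: [user names]} for the conditions the questions name."""
    passwd = parse_passwd(passwd_text)
    shadow = parse_shadow(shadow_text)
    findings = {k: [] for k in
                ("no_password", "extra_uid0", "expired_password", "locked", "dormant", "missing_shadow")}
    for name, p in passwd.items():
        if p["uid"] == 0 and name != "root":
            findings["extra_uid0"].append(name)       # root must be the only UID 0 account
        s = shadow.get(name)
        if s is None:
            findings["missing_shadow"].append(name)
            continue
        if s["hash"] == "":
            findings["no_password"].append(name)      # empty field: login with no password at all
        elif s["hash"].startswith(("!", "*")):
            findings["locked"].append(name)           # disabled; cannot log in with a password
            continue
        elif s["last_change"] is not None and s["max_age"] is not None \
                and as_of_day - s["last_change"] > s["max_age"]:
            findings["expired_password"].append(name)
        last = last_login.get(name)
        if last is None or as_of_day - last > dormant_days:
            findings["dormant"].append(name)          # usable account nobody has used lately
    return findings


if __name__ == "__main__":
    for finding, users in audit_accounts(PASSWD, SHADOW, LAST_LOGIN, as_of_day=19900).items():
        print(f"{finding:18} {', '.join(users) or '-'}")
```

The empty-hash and second-UID-0 checks are the ones to treat as incidents rather than hygiene: an empty password field means anyone who can reach a login prompt gets in, and a second UID 0 account is indistinguishable from root to the kernel, which is exactly the condition the QUESTION 487 explanation rules out.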
QUESTION 488:
What does “System Integrity” mean?
A. The software of the system has been implemented as designed.
B. Users can’t tamper with processes they do not own
C. Hardware and firmware have undergone periodic testing to verify that they are functioning
properly
D. Design specifications have been verified against the formal top-level specification
Answer: C
QUESTION 489:
Operations Security seeks to primarily protect against which of the following?
A. object reuse
B. facility disaster
C. compromising emanations
D. asset threats
Answer: D
QUESTION 490:
In order to avoid mishandling of media or information, you should consider using:
A. Labeling
B. Token
C. Ticket
D. SLL
Answer: A
Explanation:
In order to avoid mishandling of media or information, proper labeling must be used.
All tape, floppy disks, and other computer storage media containing sensitive
information must be externally marked with the appropriate sensitivity classification.
All tape, floppy disks, and other computer storage media containing unrestricted
information must be externally marked as such.
All printed copies, printouts, etc., from a computer system must be clearly labeled
with the proper classification.
QUESTION 491:
In order to avoid mishandling of media or information, which of the following should be
labeled?
A. All of the choices.
B. Printed copies
C. Tape
D. Floppy disks
Answer: A
Explanation:
In order to avoid mishandling of media or information, proper labeling must be used.
All tape, floppy disks, and other computer storage media containing sensitive
information must be externally marked with the appropriate sensitivity classification.
All tape, floppy disks, and other computer storage media containing unrestricted
information must be externally marked as such.
All printed copies, printouts, etc., from a computer system must be clearly labeled
with the proper classification.
As a rule of thumb, you should have an indication of the classification of the
document. The classification is based on the sensitivity of information. It is usually
marked at the minimum on the front and back cover, title, and first pages.
QUESTION 492:
Compact Disc (CD) optical media is used more often for:
A. very small data sets
B. very small files data sets
C. larger data sets
D. very aggregated data sets
Answer: A
QUESTION 493:
At which temperature (in degrees Fahrenheit) does damage start occurring to magnetic media?
A. 100 degrees
B. 125 degrees
C. 150 degrees
D. 175 degrees
Answer: A
QUESTION 494:
Which of the following statements pertaining to air conditioning for an information
processing facility is correct?
A. The AC units must be controllable from outside the area
B. The AC units must keep negative pressure in the room so that smoke and other gases are
forced out of the room
C. The AC units must be on the same power source as the equipment in the room to allow for
easier shutdown
D. The AC units must be dedicated to the information processing facilities
Answer: D
QUESTION 495:
Removing unnecessary processes, segregating inter-process communications, and reducing executing
privileges to increase system security is commonly called
A. Hardening
B. Segmenting
C. Aggregating
D. Kerneling
Answer: A
What is hardening? Naturally, there is more than one definition, but in general, one tightens
control using policies which affect authorization, authentication and permissions. Nothing
happens by default. You only give out permission after thinking about it, something like “deny
all” to everyone, then “allow” with justification. Shut off everything, then only turn on that
which must be turned on. It is not unlike locking every single door, window and access point in
your house, then unlocking only those that need to be. It is quite common for users to take all the
defaults when their new system gets turned on making for instant vulnerability. A major problem
is trying to figure out where all those details are that need to be turned off, without making the
system unusable.
QUESTION 496:
RAID levels 3 and 5 run:
A. faster on hardware
B. slower on hardware
C. faster on software
D. at the same speed on software and hardware
Answer: A
QUESTION 497:
Which of the following RAID levels functions as a single virtual disk?
A. RAID Level 7
B. RAID Level 5
C. RAID Level 10
D. RAID Level 2
Answer: A
QUESTION 498:
Which of the following takes the concept of RAID 1 (mirroring) and applies it to a pair of
servers?
A. A redundant server implementation
B. A redundant client implementation
C. A redundant guest implementation
D. A redundant host implementation
Answer: A
QUESTION 499:
Which of the following enables the drive array to continue to operate if any disk or any
path to any disk fails?
A. RAID Level 7
B. RAID Level 1
C. RAID Level 2
D. RAID Level 5
Answer: A
“RAID Level 7 is a variation of RAID 5 wherein the array functions as a single virtual disk in
the hardware. This is sometimes simulated by software running over a RAID level 5 hardware
implementation, which enables the drive array to continue to operate if any disk or any path to
any disk fails. It also provides parity protection.” Pg 91 Krutz: CISSP Prep Guide: Gold Edition.
QUESTION 500:
Depending upon the volume of data that needs to be copied, full backups to tape can take:
A. an incredible amount of time
B. a credible amount of time
C. an ideal amount of time
D. an exclusive amount of time
Answer: A