In document TestKing (ISC)2 CISSP (10.0) (Page 169-178)

QUESTION NO: 164

Guards are appropriate whenever the function required by the security program involves which of the following?

A. The use of discriminating judgment.

B. The use of physical force.

C. The operation of access control devices.

D. The need to detect unauthorized access.

Answer: A

Explanation: This is the correct answer. We do not post guards only to use physical force; that is not their real function if your security policy is well oriented. Nor are they there only to operate access control devices and to detect unauthorized access. As stated in the CISSP documentation, the appropriate function of a guard inside a security program is the use of discriminating judgment.

QUESTION NO: 165

A server cluster looks like a?

A. Single server from the user’s point of view.

B. Dual server from the user’s point of view.

C. Triple server from the user’s point of view.

D. Quadruple server from the user’s point of view.

Answer: A

Explanation: A “cluster” is a grouping of machines running certain services, providing high availability and fault tolerance for them. In other words, they are grouped together as a means of failover support. From the user’s view, a cluster is a single server, but only a logical one: you can have an array of 4 servers in a cluster, all answering on the same IP address (achieving correct resolution through ARP), and there is no difference for the client.

QUESTION NO: 166

Which of the following are functions that are compatible in a properly segregated environment?

A. Application programming and computer operation.

B. System programming and job control analysis.

C. Access authorization and database administration.

D. System development and systems maintenance.

Answer: D

Explanation: If you think about it, system development and system maintenance are perfectly compatible: you can develop on the systems for a certain time, and when it is time for maintenance, you stop the development process and perform the maintenance. It is a pretty straightforward process. The other answers do not provide the simplicity and freedom of this option.

QUESTION NO: 167

Encryption is applicable to all of the following OSI/ISO layers except:

A. Network layer

B. Physical layer

C. Session layer

D. Data link layer

Answer: B

Explanation: The Physical Layer describes the physical properties of the various communications media, as well as the electrical properties and interpretation of the exchanged signals. For example, this layer defines the size of Ethernet coaxial cable, the type of BNC connector used, and the termination method. You cannot encrypt anything at this layer because it is physical; it is not protocol or software based. The Network, Data Link and Transport layers support encryption.

QUESTION NO: 168

The Computer Security Policy Model the Orange Book is based on is which of the following?

A. Bell-LaPadula

B. Data Encryption Standard

C. Kerberos

D. Tempest

Answer: A

Explanation: Following the publication of the Anderson report, considerable research was initiated into formal models of security policy requirements and of the mechanisms that would implement and enforce those policy models as a security kernel. Prominent among these efforts was the ESD-sponsored development of the Bell and LaPadula model, an abstract formal treatment of DoD security policy.[2] Using mathematics and set theory, the model precisely defines the notion of secure state, fundamental modes of access, and the rules for granting subjects specific modes of access to objects. Finally, a theorem is proven to demonstrate that the rules are security-preserving operations, so that the application of any sequence of the rules to a system that is in a secure state will result in the system entering a new state that is also secure.

This theorem is known as the Basic Security Theorem.

QUESTION NO: 169

Which type of attack would a competitive intelligence attack best classify as?

A. Business attack

B. Intelligence attack

C. Financial attack

D. Grudge attack

Answer: A

Explanation: Since we are talking about a competitive intelligence attack, we can classify it as a business attack because it is disrupting business activities. Intelligence attacks are among the most commonly used to hurt a company where it hurts most: in its information. To see more about competitive intelligence attacks you can take a look at a CISSP study guide, for example the CISSP gold edition guide.

QUESTION NO: 170

Which of the following is responsible for the most security issues?

A. Outside espionage

B. Hackers

C. Personnel

D. Equipment failure

Answer: C

Explanation: As I stated earlier in the comments, the greater part of the attacks on companies come from the personnel. Hackers are out there and attack some targets, but you should never forget that your worst enemy can be inside your company. That is why we usually implement IDS and defense in depth. It is a very good practice to install host-based IDS to limit the ability of internal attackers to act through the machines.

Another problem with personnel is ignorance: there are times when they just don’t know what they are doing, and are certainly violating the security policy.

QUESTION NO: 171

Which of the following goals is NOT a goal of Problem Management?

A. To eliminate all problems.

B. To reduce failures to a manageable level.

C. To prevent the occurrence or re-occurrence of a problem.

D. To mitigate the negative impact of problems on computing services and resources.

Answer: A

Explanation: This is not possible; nobody can eliminate all problems, only God can. This is a reality, and Problem Management gurus know it. With problem management we can reduce failures, prevent the re-occurrence of problems and mitigate negative impact as much as we can, but we cannot eliminate all problems; this is not a perfect world.

QUESTION NO: 172

Examples of types of physical access controls include all except which of the following?

A. badges

B. locks

C. guards

D. passwords

Answer: D

Explanation: A password is not a physical thing; it is a logical one. You can control physical access with armed guards, by locking doors and by using badges to open doors, but you can’t relate a password to a physical environment. Just to remember: passwords are used to verify that the user of an ID is the owner of the ID.

The ID-password combination is unique to each user and therefore provides a means of holding users accountable for their activity on the system. They are related to software, not to hardware.

QUESTION NO: 173

Which of the following statements pertaining to the (ISC)2 Code of Ethics is incorrect?

A. All information systems security professionals who are certified by (ISC)2 recognize that such a certification is a privilege that must be both earned and maintained.

B. All information systems security professionals who are certified by (ISC)2 shall provide diligent and competent service to principals.

C. All information systems security professionals who are certified by (ISC)2 shall discourage such behavior as associating or preparing to associate with criminals or criminal behavior.

D. All information systems security professionals who are certified by (ISC)2 shall promote the understanding and acceptance of prudent information security measures.

Answer: C

Explanation: This is not one of the statements of the ISC2 Code of Ethics; ISC2 certified people are free to associate with any person and any party they want. ISC2 thinks that its certified people must have liberty of choice in their associations. However, ISC2 asks certified professionals to promote the certification and the understanding and acceptance of security measures; it also asks certified people to provide competent services and to be proud of their exclusive ISC2 certified professional status.

I think this is very fair: you are free to go where you want, with the people you want, but always be proud of your certification and your skills as a security professional.

QUESTION NO: 174

Which DES modes can best be used for authentication?

A. Cipher Block Chaining and Electronic Code Book.

B. Cipher Block Chaining and Output Feedback.

C. Cipher Block Chaining and Cipher Feedback.

D. Output Feedback and Electronic Code Book.

Answer: C

Explanation: Cipher Block Chaining (CBC) uses feedback to feed the result of encryption back into the encryption of the next block. The plaintext is XORed with the previous ciphertext block before it is encrypted, so the encryption of each block depends on all the previous blocks. This requires that the decryption side processes all encrypted blocks sequentially. This mode requires an initialization vector which is XORed with the first data block before it is encrypted. The initialization vector does not have to be kept secret, but it should be a random number (or a serial number) to ensure that each message is encrypted uniquely. In Cipher Feedback Mode (CFB), data is encrypted in units smaller than the block size. This mode can be used to encrypt any number of bits, e.g. single bits or single characters (bytes), before sending them across an insecure data link.

Both of those methods can best be used to provide user authentication capabilities.
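As an added example (not part of the TestKing guide), the following Python shows the CBC chaining described above and the CBC-MAC that follows from it: because every ciphertext block depends on all earlier plaintext, the last block serves as an authentication tag for anyone who holds the key. It assumes a constructed keyed stand-in function in place of DES, plus constructed key, IV and messages.

```python
import hashlib

BLOCK = 8  # 64-bit blocks, the size DES works with

def stand_in_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Constructed stand-in for a block cipher (NOT DES): a keyed
    pseudorandom function on one 8-byte block. Enough for this demo,
    because CBC encryption and CBC-MAC only use the forward direction."""
    assert len(block) == BLOCK
    return hashlib.sha256(key + block).digest()[:BLOCK]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def pad(data: bytes) -> bytes:
    # PKCS#7-style padding so the message is a whole number of blocks
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> list:
    """CBC mode: each plaintext block is XORed with the previous
    ciphertext block (the IV for the first block) before encryption."""
    data, prev, out = pad(plaintext), iv, []
    for i in range(0, len(data), BLOCK):
        prev = stand_in_block_encrypt(key, xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return out

def changed_blocks(key: bytes, iv: bytes, m1: bytes, m2: bytes) -> list:
    """Indexes of ciphertext blocks that differ between two messages:
    a change in one plaintext block propagates to every later block."""
    c1, c2 = cbc_encrypt(key, iv, m1), cbc_encrypt(key, iv, m2)
    return [i for i, (a, b) in enumerate(zip(c1, c2)) if a != b]

def cbc_mac(key: bytes, message: bytes) -> bytes:
    """CBC-MAC: CBC with a fixed all-zero IV, keeping only the last
    block. A key holder recomputes it to check that the message is
    unmodified and came from another key holder."""
    return cbc_encrypt(key, bytes(BLOCK), message)[-1]

if __name__ == "__main__":
    key, iv = b"k" * 8, b"\x00" * 8              # constructed demo values
    msg = b"transfer 100 to acct 42"
    tampered = b"transfer 900 to acct 42"       # one byte changed in block 1
    print(changed_blocks(key, iv, msg, tampered))      # [1, 2]
    print(cbc_mac(key, msg) == cbc_mac(key, tampered))  # False
```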

QUESTION NO: 175

In the OSI / ISO model, at what layer are some of the SLIP, CSLIP and PPP control functions provided?

A. Link

B. Transport

C. Presentation

D. Application

Answer: A

Explanation: The Data Link layer takes raw data from the physical layer and gives it logical structure. This logic includes information about where the data is meant to go, which computer sends the data, and the overall validity of the bytes sent. The Data Link layer also controls functions of logical network topologies and physical addressing as well as data transmission synchronization and corrections. SLIP, CSLIP and PPP provide control functions at the Data Link Layer (layer 2 of the OSI model).

QUESTION NO: 176

Which of the following best describes the purpose of debugging programs?

A. To generate random data that can be used to test programs before implementing them.

B. To ensure that program coding flaws are detected and corrected.

C. To protect, during the programming phase, valid changes from being overwritten by other changes.

D. To compare source code versions before transferring to the test environment.

Answer: B

Explanation: A bug is a coding error in a computer program. The process of finding bugs before the program reaches its final users is called debugging. Debugging starts after the code is first written and continues in successive stages as code is combined with other units of programming to form a software product, such as an operating system or application. The main reason to debug is to detect and correct errors in the program.

QUESTION NO: 177

With RAID Level 5 the spare drives that replace the failed drives are usually hot swappable, meaning they can be replaced on the server while the?

A. System is up and running.

B. System is down and running.

C. System is in-between and running.

D. System is centre and running.

Answer: A

Explanation: This is true. Since RAID 5 uses parity to provide fault tolerance across the array, one of the disks in it can fail, and you can usually just take it out without turning off the system (hot swap) and plug a spare disk into the bay. The array will then automatically begin to reconstruct the information on the new disk from the parity contained on the other disks in the array. This hot swap capability is usually present in enterprise servers that require high availability.

QUESTION NO: 178

What is the process that RAID Level 0 uses as it creates one large disk by using several disks?

A. Striping

B. Mirroring

C. Integrating

D. Clustering

Answer: A

Explanation: This is the correct term. With striping, RAID 0 evenly distributes the information across the disks that form the array, in a way that is transparent to the final user. With RAID 0 you can be writing to 12 disks simultaneously and see them as only one large logical partition. This level of RAID does not provide fault tolerance but provides an increase in performance because you are writing to and reading from many disks and heads. An example of this striping is the software version that comes with Windows 2000, which supports up to 32 disks.

QUESTION NO: 179

Which of the following is used to create and delete views and relations within tables?

A. SQL Data Definition Language

B. SQL Data Manipulation Language

C. SQL Data Relational Language

D. SQL Data Identification Language

Answer: A

Explanation: SQL supports the data definition language (DDL) for creating, altering, and deleting tables and indexes. SQL does not permit metadata object names to be represented by parameters in DDL statements. With this language you can create many of the objects used in SQL; the language is standard and is supported by most database vendors in its standard form. Many of them also extend its functionality for proprietary products.

QUESTION NO: 180

Which division of the Orange Book deals with discretionary protection (need-to-know)?

A. D

B. C

C. B

D. A

Answer: B

Explanation: The C division of the Orange Book deals with discretionary (need-to-know) protection and, through the inclusion of audit capabilities, with accountability of subjects and the actions they initiate.

This information can be checked in the Orange Book. Just search through it online for the words “discretionary protection”.

QUESTION NO: 181

The Diffie-Hellman algorithm is used for?

A. Encryption

B. Digital signature

C. Key exchange

D. Non-repudiation

Answer: C

Explanation: Diffie-Hellman is a key exchange algorithm; its strength lies in the difficulty of computing discrete logarithms in a finite field generated by a large prime number. Although RSA and Diffie-Hellman are similar in mathematical theory, their implementation is somewhat different. This algorithm has been released to the public. It is the primary alternative to the RSA algorithm for key exchange.

QUESTION NO: 182

Primarily run when time and tape space permit, and used for the system archive or baselined tape sets, is the?

A. Full backup method.

B. Incremental backup method.

C. Differential backup method.

D. Tape backup method.

Answer: A

Explanation: The “full” backup method provides a baseline for restoring our systems; the full backup must be done at least once regardless of the method you are using to make backups. Because it takes the longest time to complete, it is very common to use full backups in combination with incremental or differential ones to decrease the backup time (however, you increase the restore time with incremental and differential backups).

You always need to begin a system restoration from your baseline, and this baseline is the Full Backup.

QUESTION NO: 183

Which of the following teams should not be included in an organization’s contingency plan?

A. Damage assessment team.

B. Hardware salvage team.

C. Tiger team.

D. Legal affairs team.

Answer: C

Explanation: In the computer industry, a tiger team is a group of programmers or users who volunteer or are hired to expose errors or security holes in new software or to find out why a computer network's security is being broken. In hiring or recruiting volunteers for a tiger team, some software developers advise others to be sure that tiger team members don't include crackers, who might use their special knowledge of the software to disable or compromise it in the future. We don’t need a tiger team inside our contingency plan; however, we do need someone to assess the damage, salvage the hardware and handle legal affairs.

QUESTION NO: 184

When an organization takes reasonable measures to ensure that it took precautions to protect its network and resources, this is called:

A. Reasonable Action

B. Security Mandate

C. Due Care
