QUESTION NO: 141
Which of the following items should not be retained in an E-mail directory?
A. Drafts of documents.
B. Copies of documents.
C. Permanent records.
D. Temporary documents.
Answer: C
Explanation: This is another matter of common sense; the CISSP exam has many situations like this. It is not a good practice to keep permanent documents in your e-mail, because you don't know whether your e-mail is always backed up, and the document may have to be available in a corporate repository. There is no problem having copies, drafts or temporary documents in your e-mail. The important ones for the company are the permanent documents.
QUESTION NO: 142
Which of the following department managers would be best suited to oversee the development of an information security policy?
A. Information systems
B. Human resources
C. Business operations
D. Security administration
Answer: C
Explanation: He is the most appropriate manager because he knows the ins and outs of the business processes inside the company. Remember that he manages the business operations, and those operations are the ones that keep the company alive and generate the revenue. He knows who should access what and when.
Security administrators develop the policy with the information provided by people like the business operations manager. Human Resources is not appropriate in this case, and the information systems manager knows the technology, but not the business needs of the company.
QUESTION NO: 143
Which of the following countermeasures is not appropriate for war dialing attacks?
A. Monitoring and auditing for such activity.
B. Disabling call forwarding.
C. Making sure only necessary phone numbers are made public.
D. Using completely different numbers for voice and data accesses.
Answer: B
Explanation: War dialing, or scanning, has been a common activity in the computer underground and the computer security industry for decades. Hollywood made war dialing popular with the 1983 movie War Games, in which a teenager searching for a videogame company ultimately uncovers a government nuclear war warning system. The act of war dialing is extremely simple: a host computer dials a given range of telephone numbers using a modem. Every telephone number that answers with a modem and successfully connects to the host is stored in a log. Disabling call forwarding is not a useful countermeasure because it is the attacker's machine that connects to the attacked system, and forwarding plays no role in the attack. Answers A, C and D can be used as countermeasures to make war dialing harder.
QUESTION NO: 144
Which of the following tools is less likely to be used by a hacker?
A. L0phtcrack
B. Tripwire
C. Crack
D. John the Ripper
Answer: B
Explanation: Tripwire is a tool that checks what has changed on your system. The program monitors key attributes of files that should not change, including binary signature, size, expected change of size, etc. The hard part is doing it the right way, balancing security, maintenance, and functionality. This tool is not usually used by hackers to attack; it is usually used to defend against hackers' attacks. L0phtcrack is a hacker utility to get passwords, and Crack and John the Ripper are also password crackers.
QUESTION NO: 145
Which of the following logical access exposures involves changing data before, or as it is entered into the computer?
A. Data diddling
B. Salami techniques
C. Trojan horses
D. Viruses
Answer: A
Explanation: This kind of attack involves altering the raw data just before it is processed by a computer and then changing it back after the processing is completed. This kind of attack was used in the past to steal small quantities of money and transfer them to the attacker's account; there are many other uses too. Trojan horses open ports without the user's knowledge to permit remote control, and a virus is a malicious piece of code that executes inside your computer.
QUESTION NO: 146
Which of the following computer aided software engineering (CASE) products is used for developing detailed designs, such as screen and report layouts?
A. Lower CASE
B. Middle CASE
C. Upper CASE
D. I-CASE
Answer: B
Explanation: This is the proper name; you can search for "Middle CASE" on the Internet. "Middle CASE" is a CASE flavor and UML design tool that provides the required functionality, such as screen and report layouts and detailed designs. There are many well-known vendors providing this kind of tool for the software development process.
QUESTION NO: 147
What is called the number of columns in a table?
A. Schema
B. Relation
C. Degree
D. Cardinality
Answer: C
Explanation: In database terminology, saying that a table's degree is "X" is the same as saying that the table has "X" columns. This question is just testing our knowledge of rare, difficult-to-find terminology. You can check this in the Oracle knowledge base. When we talk about degree, we are just talking about columns. The schema is the structure of the database, and the relations are the way each table relates to the others.
QUESTION NO: 148
Which of the following is the most reliable authentication device?
A. Variable callback system
B. Smart Card system
C. Fixed callback system
D. Combination of variable and fixed callback system.
Answer: B
Explanation: The smart card, an intelligent token, is a credit-card-sized plastic card embedded with an integrated circuit chip. It provides not only memory capacity, but computational capability as well. The self-containment of the smart card makes it resistant to attack, as it does not need to depend upon potentially vulnerable external resources. Because of this characteristic, smart cards are often used in applications which require strong security protection and authentication. Option B is the most correct option because callback systems are not considered very reliable in the CISSP examination; smart cards can also provide two-factor authentication.
QUESTION NO: 149
Which of the following firewall rules is less likely to be found on a firewall installed between an organization's internal network and the Internet?
A. Permit all traffic to and from local host.
B. Permit all inbound ssh traffic.
C. Permit all inbound tcp connections.
D. Permit all syslog traffic to log-server.abc.org.
Answer: C
Explanation: Option "C" is a very bad practice on a firewall with one of its interfaces connected to a public network like the Internet. Since that rule allows all inbound TCP traffic, attackers can direct any attack they want at any TCP port: port scanning, SYN attacks and many other dangerous DoS activities against our private network. Permitting traffic to and from the local host is a best practice; our firewall is the local host. Permitting SSH (Secure Shell) is also acceptable because this protocol uses cryptography.
QUESTION NO: 150
The Internet can be utilized by either?
A. Public or private networks (with a Virtual Private Network).
B. Private or public networks (with a Virtual Private Network).
C. Home or private networks (with a Virtual Private Network).
D. Public or home networks (with a Virtual Private Network).
Answer: B
Explanation: This is true: you can use the Internet from a private network by going through an address translation method that gives you a valid IP address to make the request, or you can access the Internet directly from a routable, public IP address belonging to a public network. To increase security, you can create VPNs to pass information between two endpoints with confidentiality across the Internet.
QUESTION NO: 151
This backup method must be made regardless of whether Differential or Incremental methods are used.
A. Full Backup Method
B. Incremental backup method
C. Differential backup method
D. Tape backup method
Answer: A
Explanation: Since the "Full" backup method provides the restore baseline for our systems, a full backup must be done at least once regardless of the method you are using. It is very common to use full backups in combination with incremental or differential ones to decrease the backup time (at the cost of a longer restore time), but there is no way to maintain a system with only incremental or differential backups. You always need to begin from your restore baseline, the full backup.
QUESTION NO: 152
Why do buffer overflows happen?
A. Because buffers can only hold so much data.
B. Because input data is not checked for appropriate length at time of input.
C. Because they are an easy weakness to exploit.
D. Because of insufficient system memory.
Answer: D
Explanation: Buffer overflows are the most common type of DoS attack. Here, an attacker sends more data than the application's buffer can hold. When the amount of data exceeds the buffer size, the extra data overflows onto the stack, often causing the application or the whole system to crash. In some cases, the data can be carefully crafted to include machine code that will execute when it overflows onto the stack.
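The mechanism described in this explanation, as an added example that is not part of the original exam material: a constructed model of a stack frame in which a 16-byte buffer sits directly below an 8-byte "control" slot standing in for a saved return address. `store_unchecked` copies until the terminating NUL with no length check (the defect option B describes) and reports how many bytes spilled past the buffer; `store_checked` is the hardened form that checks the length at time of input and rejects oversized data before anything is written. The frame is a flat byte array and every write stays inside it, so the simulation is well-defined C even while it shows the control slot being clobbered. The buffer size, the 8-byte control width and the sample inputs are all assumptions made for the demonstration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16      /* the application's fixed-size input buffer (assumed) */
#define CONTROL_SIZE 8   /* width of a saved return address on a 64-bit machine (assumed) */
#define FRAME_SIZE (BUF_SIZE + CONTROL_SIZE)

/* Constructed model of a stack frame as one flat byte array: the buffer occupies
 * bytes [0, BUF_SIZE) and the control slot sits directly after it, the way a
 * local array sits below the saved return address. Nothing below writes outside
 * this array, so the overflow is simulated rather than actually triggered. */
struct frame {
    unsigned char bytes[FRAME_SIZE];
};

/* Clear the buffer and fill the control slot with 0xAA so clobbered bytes stand out. */
void frame_init(struct frame *f) {
    memset(f->bytes, 0, BUF_SIZE);
    memset(f->bytes + BUF_SIZE, 0xAA, CONTROL_SIZE);
}

/* Count control-slot bytes still holding the 0xAA pattern (CONTROL_SIZE means intact). */
size_t control_bytes_intact(const struct frame *f) {
    size_t n = 0;
    for (size_t i = 0; i < CONTROL_SIZE; i++) {
        if (f->bytes[BUF_SIZE + i] == 0xAA) n++;
    }
    return n;
}

/* The defect: copy the input and its NUL into the buffer without checking the
 * length first, like strcpy() into a BUF_SIZE array. Returns the number of bytes
 * written past the buffer. The copy is clamped at the frame edge only so that the
 * simulation itself stays in bounds; a real strcpy() would keep going. */
size_t store_unchecked(struct frame *f, const char *input) {
    size_t len = strlen(input) + 1;                 /* include the terminating NUL */
    size_t written = len < FRAME_SIZE ? len : FRAME_SIZE;
    memcpy(f->bytes, input, written);
    return written > BUF_SIZE ? written - BUF_SIZE : 0;
}

/* The fix: check the length at time of input and reject anything that does not
 * fit, leaving the frame untouched. Returns 0 on success, -1 on rejection. */
int store_checked(struct frame *f, const char *input) {
    size_t len = strlen(input);
    if (len >= BUF_SIZE) {      /* >= because the NUL terminator needs a byte too */
        return -1;
    }
    memcpy(f->bytes, input, len + 1);
    return 0;
}

int main(void) {
    struct frame f;
    /* Constructed sample inputs: 11 characters fits; 20 characters spills past the buffer. */
    const char *fits = "short-input";
    const char *too_long = "0123456789ABCDEFGHIJ";
    size_t spilled, intact;
    int rc;

    frame_init(&f);
    spilled = store_unchecked(&f, fits);
    intact = control_bytes_intact(&f);
    printf("unchecked, fits:     spilled %zu, control intact %zu/%d\n", spilled, intact, CONTROL_SIZE);

    frame_init(&f);
    spilled = store_unchecked(&f, too_long);
    intact = control_bytes_intact(&f);
    printf("unchecked, too long: spilled %zu, control intact %zu/%d\n", spilled, intact, CONTROL_SIZE);

    frame_init(&f);
    rc = store_checked(&f, too_long);
    intact = control_bytes_intact(&f);
    printf("checked,   too long: rc=%d, control intact %zu/%d\n", rc, intact, CONTROL_SIZE);
    return 0;
}
```

The second run shows the point of the question: the 20-character input plus its NUL is 21 bytes, 5 of which land in the control slot, which is how an unchecked copy turns into a crash or, with crafted data, into control of execution. The checked version rejects the same input with the frame untouched, which is the control the defender relies on: validate the length before the copy, not after.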
QUESTION NO: 153
Which of the following should not be performed by an operator?
A. Mounting disk or tape
B. Backup and recovery
C. Data entry
D. Handling hardware
Answer: C
Explanation: This is very obvious: operators are responsible for operational tasks that deal with the hardware and software implementations. They can handle the hardware and put it in condition for the user, be in charge of the backup and restore procedures, and mount the disks or tapes for the backup. Those are all common tasks. Data entry, however, is the user's job; if the operator did that too, what would the user do?
QUESTION NO: 154
What security model is dependent on security labels?
A. Discretionary access control
B. Label-based access control
C. Mandatory access control
D. Non-discretionary access control
Answer: C
Explanation: With mandatory controls, only administrators and not owners of resources may make decisions that bear on or derive from policy. Only an administrator may change the category of a resource, and no one may grant a right of access that is explicitly forbidden in the access control policy. This kind of access control method is based on Security labels. It is important to note that mandatory controls are prohibitive (i.e., all that is not expressly permitted is forbidden).
QUESTION NO: 155
Detection capabilities of Host-based ID systems are limited by the incompleteness of which of the following?
A. Audit log capabilities
B. Event capture capabilities
C. Event triage capabilities
D. Audit notification capabilities
Answer: A
Explanation: This is one of the weakest points of IDS systems installed on individual hosts. Much of the malicious activity could be circulating through the network, while this kind of IDS usually has small logging capabilities of a purely local nature. So activity happening on the network can go unnoticed, and intrusions can't be tracked as deeply as with an enterprise IDS solution providing centralized logging capabilities.
QUESTION NO: 156
Computer crime is generally made possible by which of the following?
A. The perpetrator obtaining training & special knowledge.
B. Victim carelessness.
C. Collusion with others in information processing
D. System design flaws.
Answer: B
Explanation: This is a real problem: nobody thinks they can be the victim of a computer crime until they are. The big problem is that too few people think about this kind of attack. Computer crimes can be very serious and can do great damage to enterprises. Computer crime will decrease once people begin to think about the risks and protect their systems against the most common attacks.
QUESTION NO: 157
The structures, transmission methods, transport formats, and security measures that are used to provide integrity, availability, authentication, and confidentiality for transmissions over private and public communications networks and media includes?
A. The Telecommunications and Network Security domain.
B. The Telecommunications and Netware Security domain.
C. The Technical communications and Network Security domain.
D. The Telnet and Network Security domain.
Answer: A
Explanation: This is pretty straightforward. The four principal pillars of computer security, integrity, authentication, confidentiality and availability, are all part of the Telecommunications and Network Security domain. Why? Because those pillars deal with exactly that. We provide integrity through digital signatures, authentication through passwords, confidentiality through encryption, and availability through fault tolerance and disaster recovery. All of those are networking and telecommunication components.
QUESTION NO: 158
Which of the following is the lowest TCSEC class in which the system must be protected against covert storage channels (but not necessarily covert timing channels)?
A. B2
B. B1
C. B3
D. A1
Answer: A
Explanation: The B2 class referenced in the Orange Book is the formal security policy model based on device labels that can use DAC (Discretionary Access Control) and MAC (Mandatory Access Control). It provides covert channel control, but it does not require protection against covert timing channels. You can review the B2 section of the Orange Book.
QUESTION NO: 159
Which type of control is concerned with avoiding occurrences of risks?
A. Deterrent controls
B. Detective controls
C. Preventive controls
D. Compensating controls
Answer: C
Explanation: Preventive controls deal with the avoidance of risk by reducing the probability of an event. It is like the example we read earlier about the dogs. Just to recall it: since we want to prevent something from happening, we can go out and buy some guard dogs to do the job. You are buying them because you want to prevent something from happening. The intruder will see the dogs and may turn back; this prevents an attack, so the dogs are a form of preventive control.
QUESTION NO: 160
The basic function of an FRDS is to?
A. Protect file servers from data loss and a loss of availability due to disk failure.
B. Persistent file servers from data gain and a gain of availability due to disk failure.
C. Prudent file servers from data loss and a loss of acceptability due to disk failure.
D. Packet file servers from data loss and a loss of accountability due to disk failure.
Answer: A
Explanation: FRDS systems give us the functionality to protect our servers from disk failure and allow us to have highly available file services on our production servers. FRDS provides high availability against many types of disk failures and well-known problems: if one disk goes down, the others still work, providing no downtime. FRDS solutions are the preferred way to protect file servers against data corruption and loss. You can see more about FRDS on the Internet; search for "FRDS System".
QUESTION NO: 161
Which of the following protocols does not operate at the data link layer (layer 2)?
A. PPP