
In document TestKing (ISC)2 CISSP (10.0) (Page 127-157)

Type II errors occur when which of the following biometric system rates is high?

QUESTION NO: 13

Due are is not related to:

A. RPC

B. IGMP

C. LDP

D. SPX

Answer: A

Explanation: The socket method of network use is a message-based system, in which one process writes a message to another. This is a long way from the procedural model.

The remote procedure call is intended to act like a procedure call, but to act across the network transparently. The process makes a remote procedure call by pushing its parameters and a return address onto the stack, and jumping to the start of the procedure. The procedure itself is responsible for accessing and using the network. After the remote execution is over, the procedure jumps back to the return address. The calling process then continues. RPC works at the Session layer of the OSI model.

QUESTION NO: 64

Which of the following is NOT a countermeasure to traffic analysis?

A. Padding messages

B. Eavesdropping

C. Sending noise

D. Covert channel analysis

Answer: B

Explanation: Let's do this by a process of elimination. With padding messages you can counter traffic analysis because you add garbage information to the message so that it ends at a fixed length; this can confuse the analyzer. Sending noise on the communication line can also counter analysis because the analyzer doesn't know how to differentiate between real information and noise. You can also use covert channel analysis. Eavesdropping does not apply in this situation; it is not considered a countermeasure to traffic analysis.

QUESTION NO: 65

Which of the following layers of the ISO/OSI model do packet filtering firewalls operate at?

A. Application layer

B. Session layer

C. Network layer

D. Presentation layer

Answer: C

Explanation: Packet filtering firewalls work at the network level of the OSI model, or the IP layer of TCP/IP. These firewalls are normally part of a router, which is a device that receives and forwards packets to networks. “In a packet filtering firewall each packet is compared to a set of criteria before it is forwarded. Depending on the packet and the criteria, the firewall can drop the packet, forward it, or send a message to the originator.” The criteria used to evaluate a packet include source, destination IP address, destination port, and protocol used. These types of firewalls are low in cost and don’t have much of an impact on the network’s performance.

QUESTION NO: 66

A prolonged high voltage is?

A. Spike

B. Blackout

C. Surge

D. Fault

Answer: C

Explanation: A surge is a prolonged spike; it occurs when the power level rises above normal levels and then drops back to normal in less than one second. A spike occurs when the power level rises above normal levels and stays there for more than 1 or 2 seconds. A blackout is the total loss of power, and a fault is the opposite of a spike: it is a lowering in the voltage, usually lasting around one second. The surge is the most dangerous of those listed above.

QUESTION NO: 67

How do the Information Labels of Compartmented Mode Workstation differ from the Sensitivity Levels of B3 evaluated systems?

A. Information Labels in CMW are homologous to Sensitivity Labels, but a different term was chosen to emphasize that CMW’s are not described in the Orange Book.

B. Information Labels contain more information than Sensitivity Labels, thus allowing more granular access decisions to be made.

C. Sensitivity Labels contain more information than Information Labels because B3+ systems should store more sensitive data than workstations.

D. Information Labels contain more information than Sensitivity Labels, but are not used by the Reference Monitor to determine access permissions.

Answer: D

Explanation: The primary goal of the compartmented mode workstation (CMW) project was to articulate the security requirements that workstations must meet to process highly classified intelligence data. As a basis for the validity of the requirements developed, a prototype was implemented which demonstrated that workstations could meet the requirements in an operationally useful manner while still remaining binary compatible with off-the-shelf software. The security requirements not only addressed traditional security concerns but also introduced concepts in areas such as labeling and the use of a trusted window management system. The CMW labeling paradigm is based on associating two types of security labels with objects: sensitivity levels and information labels. Sensitivity levels describe the levels at which objects must be protected. Information labels are used to prevent data overclassification and also provide a mechanism for associating with data those markings that are required for accurate data labeling, but which play no role in access control decisions. The use of a trusted window manager allows users to easily operate at multiple sensitivity levels and provides a convenient mechanism for communicating security information to users in a relatively unobtrusive manner. Information labels are not used by the reference monitor; permissions are referenced in Sensitivity labels.

QUESTION NO: 68

In what security mode can a system be operating if all users have the clearance or authorization and need-to-know to all data processed within the system?

A. Dedicated security mode.

B. System-high security mode.

C. Compartmented security mode.

D. Multilevel security mode.

Answer: A

Explanation: An information-system (IS) security mode of operation wherein each user with direct or indirect access to the system, its peripherals, remote terminals, or remote hosts, has all of the following: (a) a valid security clearance for all information within the system; (b) formal access approval and signed nondisclosure agreements for all the information stored and/or processed (including all compartments, subcompartments, and/or special access programs); and (c) a valid need-to-know for all information contained within the IS. When in the dedicated security mode, a system is specifically and exclusively dedicated to and controlled for the processing of one particular type or classification of information, either for full-time operation or for a specified period of time.

QUESTION NO: 69

What are the three conditions that must be met by the reference monitor?

A. Confidentiality, availability and integrity.

B. Policy, mechanism and assurance.

C. Isolation, layering and abstraction.

D. Isolation, completeness and verifiability.

Answer: D

Explanation: These are three of the main characteristics of a Reference Monitor. You need isolation, because it can't be of public access; the less access the better. It must have a sense of completeness to provide the whole information and process cycles. It must be verifiable, to provide security, audit and accounting functions.

QUESTION NO: 70

When referring to physical security, what does positive pressurization mean?

A. The pressure inside your sprinkler system is greater than zero.

B. The air goes out of a room when a door is opened and outside air does not go into the room.

C. Causes the sprinkler system to go off.

D. A series of measures that increase pressure on employees in order to make them more productive.

Answer: B

Explanation: Positive pressurization is a condition that exists when more air is supplied to a space than is exhausted, so the air pressure within that space is greater than that in surrounding areas. This condition can cause the situation described in answer B: air can go out of a room, but outside air does not enter it.

QUESTION NO: 71

The baseline sets certain thresholds for specific errors or mistakes allowed and the amount of these occurrences that can take place before it is considered suspicious?

A. Checkpoint level

B. Ceiling level

C. Clipping level

D. Threshold level

Answer: C

Explanation: According to CISSP documentation, this is the proper term. The clipping level is used to determine suspicious occurrences that are a product of errors or mistakes. Checkpoint level is not a related term. Ceiling level is not related to baselines. Threshold level is attractive, but is not the correct term. Take a look at your CISSP documentation.

QUESTION NO: 72

The most prevalent cause of computer center fires is which of the following?

A. AC equipment

B. Electrical distribution systems.

C. Heating systems

D. Natural causes

Answer: B

Explanation: According to statistics, this is the greatest cause. Electrical distribution systems, especially those not installed according to standards, are very prone to fail and start fires. AC equipment is not very prone to start fires. Natural causes are a possibility but are definitely not the most prevalent cause. Heating systems are very rarely the origin of a fire.

QUESTION NO: 73

An offsite backup facility intended to operate an information processing facility, having no computer or communications equipment, but having flooring, electrical wiring, air conditioning, etc., is better known as a?

A. Hot site

B. Duplicate processing facility

C. Cold site

D. Warm site

Answer: C

Explanation: A cold site has all the appropriate power requirements, and floor space to install the hardware and to enable you to recreate your computer environment, but does not provide the actual equipment. Many of the companies that provide hot sites also provide cold sites. It may be reasonable for your company to consider creating its own cold site if your company has floor space available in another location than the home site. Cold sites require a much longer outage than hot sites before operations can be restored.

QUESTION NO: 74

Which of the following are necessary components of a Multi-Level Security Policy?

A. Sensitivity Labels and a “system high” evaluation.

B. Sensitivity Labels and Discretionary Access Control.

C. Sensitivity Labels and Mandatory Access Control.

D. Object Labels and a “system high” evaluation.

Answer: C

Explanation: First implemented in military organizations (and I think even today it's implemented there only), this model was a significant improvement in terms of security policy implementation. This model made implementation of complex security policies very simple. Its specifications are present in the Orange Book from DoD. In this model, every object is assigned a sensitivity label. Also, every user is assigned a sensitivity label. If a user's sensitivity label is greater than or equal to the object's sensitivity label, he is allowed access to the object; otherwise, he is denied access. This methodology is used for creating a hierarchy of access. We can say that this method is used for partitioning the organization hierarchy horizontally.

Multi-Level Security is considered a Mandatory Access Control method.

QUESTION NO: 75

Which of the following, used to extend a network, has a storage capacity to store frames and act as a store-and-forward device?

A. Bridge

B. Router

C. Repeater

D. Gateway

Answer: A

Explanation: A bridge is a network device that connects two similar network segments together. The primary function of a bridge is to keep traffic separated on both sides of the bridge. Traffic is allowed to pass through the bridge only if the transmission is intended for a station on the opposite side. Bridges operate at the data link layer of the OSI model and provide two different collision domains in Ethernet, but they only provide one broadcast domain for layer 3 and up of the OSI model. The bridge can store frames and forward them in many forms, like Cut-through and Store and Forward.

QUESTION NO: 76

Which of the following is addressed by Kerberos?

A. Authorization and authentication.

B. Validation and integrity.

C. Confidentiality and integrity.

Answer: C

Explanation: Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well. Kerberos was created by MIT as a solution to these network security problems. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection. After a client and server have used Kerberos to prove their identity, they can also encrypt (confidentiality) all of their communications to assure privacy and data integrity as they go about their business.

QUESTION NO: 77

Access Control techniques do not include which of the following choices?

A. Relevant Access Controls

B. Discretionary Access Control

C. Mandatory Access Control

D. Lattice Based Access Control

Answer: A

Explanation: Relevant Access Controls are not included as an Access Control Technique.

Lattice-based access control models were developed in the early 1970s to deal with the confidentiality of military information. In the late 1970s and early 1980s, researchers applied these models to certain integrity concerns. Later, application of the models to the Chinese Wall policy, a confidentiality policy unique to the commercial sector, was demonstrated.

Discretionary control is the most common type of access control mechanism implemented in computer systems today. The basis of this kind of security is that an individual user, or program operating on the user's behalf, is allowed to specify explicitly the types of access other users (or programs executing on their behalf) may have to information under the user's control. Discretionary Access control security differs from mandatory access control security in that it implements the access control decisions of the user. Mandatory controls are driven by the results of a comparison between the user's trust level or clearance and the sensitivity designation of the information.

QUESTION NO: 78

Why is public key cryptography recommended for use in the process of securing facsimiles during transmission?

A. Keys are never transmitted over the network.

B. Data compression decreases key change frequency.

C. Key data is not recognizable from facsimile data.

D. The key is securely passed to the receiving machine.

Answer: D

Explanation: In this method of cryptography we use 2 keys, one to encrypt the data, and another to decrypt it. In Public Key Cryptography, the users have a public and a private key; the public key is freely distributed and is usually published in a directory, while the private keys must be kept secure. This allows the keys to pass in a secure fashion to the receiving machine; this is because the public key is not confidential and can be sent through a secure channel. You need to use a certification authority to make this kind of cryptography work.

QUESTION NO: 79

Database views are not used to:

A. Implement referential integrity.

B. Implement least privilege.

C. To implement content-dependent access restrictions.

D. Implement need-to-know.

Answer: A

Explanation: A view is a display of one or more tables that shows the table data. You can even retrieve part of the table and display it to the user. Before a user is able to use a view, they must have permission on both the view and all dependent objects. Views can also be used to implement security; for example, you can create a view that only shows 3 of 5 columns contained in a table. Views are not used to provide integrity; for that you can use constraints, rules or other components of database systems.

QUESTION NO: 80

Which of the following is most concerned with personnel security?

A. Management controls

B. Operational controls

C. Technical controls

D. Human resources controls.

Answer: B

Explanation: Personnel security always has to deal more with Operational controls. Operational controls provide the guidelines and the correct procedures to implement the different operations. Management controls are usually used only by managers. Human resources and Technical Controls are not related to personnel security as the question states. See the different control definitions in your CISSP documentation.

QUESTION NO: 81

Which of the following statements pertaining to the Trusted Computer System Evaluation Criteria (TCSEC) is incorrect?

A. With TCSEC, functionality and assurance are evaluated separately.

B. TCSEC provides a means to evaluate the trustworthiness of an information system.

C. The Orange book does not cover networks and communications.

D. Data base management systems are not covered by the TCSEC.

Answer: A

Explanation: TCSEC does not separate functionality and assurance from evaluation. It makes them a combined criteria. Just to remember, the Trusted Computer System Evaluation Criteria (TCSEC) is a collection of criteria used to grade or rate the security offered by a computer system product. The TCSEC is sometimes referred to as "the Orange Book" because of its orange cover (Orange Book deals with networks and communications). The current version is dated 1985 (DOD 5200.28-STD, Library No. S225,711). The TCSEC, its interpretations and guidelines all have different color covers, and are sometimes known as the "Rainbow Series". Database management is also covered in TCSEC.

QUESTION NO: 82

Which of the following could illegally capture network user passwords?

A. Data diddling

B. Sniffing

C. Spoofing

D. Smurfing

Answer: B

Explanation: Sniffing is the action of capturing the information going over the network.

The most popular way of connecting computers is through Ethernet. The Ethernet protocol works by sending packet information to all the hosts on the same circuit. The packet header contains the proper address of the destination machine. Only the machine with the matching address is supposed to accept the packet. A machine that is accepting all packets, no matter what the packet header says, is said to be in promiscuous mode. Because, in a normal networking environment, account and password information is passed along Ethernet in clear-text, it is not hard for an intruder to put a machine into promiscuous mode and, by sniffing, compromise all the machines on the net by capturing passwords in an illegal fashion.

QUESTION NO: 83

Which trusted facility management concept implies that two operators must review and approve the work of each other?

A. Two-man control

B. Dual control

C. Double control

D. Segregation control

Answer: A

Explanation: The proper term for this trusted facility management concept is “Two-man Control”. It means that two people must work together and approve each other's work, to provide increased security and eliminate the possibility of one of them hurting the company. For example, they can only make changes to the system if both of them authenticate with their retina at the same time at the data center and enter their secret password. This way of working is only used in highly secure environments; it's not very common.

QUESTION NO: 84

There are more than 20 books in the Rainbow Series. Which of the following covers password management guidelines?

A. Orange Book

B. Green Book

C. Red Book

D. Lavender Book

Answer: B

Explanation: The DoD Password Management Guideline was published on 12 April 1985; it is also called the “Green Book” because of the color of its cover. Here is the password definition according to it: “A character string used to authenticate an identity. Knowledge of the password that is associated with a user ID is considered proof of authorization to use the capabilities associated with that user ID.”

QUESTION NO: 85

Which of the following is an IP address that is private (i.e. reserved for internal networks, and not a valid address to use on the Internet)?

A. 172.5.42.5

B. 172.76.42.5

C. 172.90.42.5

D. 172.16.42.5

Answer: D

Explanation: The IP address 172.16.42.5 is contained in a class B reserved network. IANA reserved the 172.16.0.0 through 172.31.255.255 networks for internal use; this network is not routable on the Internet and is commonly used in intranets. Class B networks are used in medium-sized networks. In class B networks, the two high order bits are always 10, and the remaining bits are used to define 16.384 networks, each with as many as 65.534 hosts attached. Examples of valid Class B networks include Microsoft and Exxon.

QUESTION NO: 86

How fast is private key cryptography compared to public key cryptography?

A. 10 to 100 times faster.

B. 100 to 1000 times faster.

C. 1000 to 10000 times faster.

D. 10000 to 20000 times faster.

Answer: C

Explanation: Since Private Key encryption (Symmetric) only has one key for encrypt-decrypt, you need to use an alternative way to pass the shared secret in a secure manner; nowadays it’s usually done by telephone or some other secure method that does not involve the channel you are trying to secure. Also, since you
