[Feb 12, 2024] CISSP PDF Dumps is essential on your CISSP Exam Questions Certain Success! [Q441-Q465]


CISSP PDF Questions - Perfect Prospect To Go With CISSP Practice Exam


The ISC2 CISSP certification exam is a comprehensive exam that tests the knowledge and skills of experienced security professionals across the domains of information security. The Certified Information Systems Security Professional certification is highly valued by employers and is recognized worldwide as a benchmark for excellence in information security. Individuals who hold it can demonstrate their expertise in the field and their commitment to ongoing professional development.

 

NEW QUESTION # 441
A security analyst for a large financial institution is reviewing network traffic related to an incident.
The analyst determines the traffic is irrelevant to the investigation, but in the process of the review the analyst also finds that an application's data, which includes full credit card cardholder data, is transferred in clear text between the server and the user's desktop. The analyst knows this violates the Payment Card Industry Data Security Standard (PCI DSS). Which of the following is the analyst's next step?

  • A. Ignore data as it is outside the scope of the investigation and the analyst's role.
  • B. Include the full network traffic logs in the incident report
  • C. Send the log file to co-workers for peer review
  • D. Follow organizational processes to alert the proper teams to address the issue.

Answer: D


NEW QUESTION # 442
What allows a relation to contain multiple rows with a same primary key?

  • A. It is not possible
  • B. Polyinstantiation
  • C. RDBMS
  • D. Polymorphism

Answer: B

Explanation:
Polyinstantiation is a multilevel-secure database technique. It allows a relation to contain multiple rows with the same primary key; the instances are distinguished by their security labels, so the effective key is (primary key, label). It arises from a mandatory access control policy: depending on the label, one instance contains sensitive information and another does not, and a user sees the instance that corresponds to his or her clearance. Without it, a low-cleared user inserting a key that already exists at a higher level would receive a duplicate-key error that reveals the existence of the high-level row (an inference channel).
The following answers are incorrect:
An RDBMS is a DBMS in which data is stored in tables and the relationships among the data are also stored in tables. The data can be accessed or reassembled in many different ways without having to change the table forms.
Polymorphism (from the Greek roots "poly" and "morph", meaning many and forms, respectively) is the ability to overload operators, performing different methods depending on the context of the input message.
It is not possible is wrong because polyinstantiation makes it possible.
The following reference(s) were/was used to create this question: http://en.wikipedia.org/wiki/Polyinstantiation https://en.wikipedia.org/wiki/Relational_database_management_system https://en.wikipedia.org/wiki/Polymorphism_%28computer_science%29 http://my.safaribooksonline.com/book/certification/cissp/9781597495639
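The mechanism described above, as an added example that is not code from the original page or from any of the cited sources: a small in-memory relation keyed on (primary key, label) rather than on the primary key alone, with a read that returns the most sensitive instance the caller's clearance dominates and a write that never collides with a higher instance. The level names, the flight record and its attribute values are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

# Sensitivity labels, lowest to highest (constructed for this example).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}


@dataclass
class MLSRelation:
    """A relation whose real key is (primary_key, label), not primary_key alone."""
    rows: Dict[Tuple[str, str], dict] = field(default_factory=dict)

    def write(self, pk: str, label: str, **attrs: str) -> None:
        """Insert or update the instance of `pk` that lives at `label`.

        A subject writing at a low label neither collides with nor learns about
        a higher instance of the same key, because the key includes the label.
        Without this, a "duplicate key" error would leak that a high row exists.
        """
        if label not in LEVELS:
            raise ValueError(f"unknown label {label!r}")
        self.rows[(pk, label)] = dict(attrs)

    def read(self, pk: str, clearance: str) -> Optional[Tuple[str, dict]]:
        """Return (label, attrs) of the most sensitive instance the clearance
        dominates, or None if no instance of `pk` is visible at that clearance."""
        visible = [
            (LEVELS[label], label, attrs)
            for (key, label), attrs in self.rows.items()
            if key == pk and LEVELS[label] <= LEVELS[clearance]
        ]
        if not visible:
            return None
        _, label, attrs = max(visible, key=lambda v: v[0])
        return label, dict(attrs)

    def instance_count(self, pk: str) -> int:
        """Number of rows sharing this primary key; 1 means no polyinstantiation."""
        return sum(1 for key, _ in self.rows if key == pk)


def demo() -> MLSRelation:
    """The textbook case: one flight record with a cover story and the real story."""
    flights = MLSRelation()
    flights.write("FLT-17", "UNCLASSIFIED", destination="Training range", cargo="Supplies")
    # A SECRET user records the true details under the same primary key.
    flights.write("FLT-17", "SECRET", destination="Forward base", cargo="Munitions")
    return flights


if __name__ == "__main__":
    flights = demo()
    for clearance in ("UNCLASSIFIED", "SECRET", "TOP_SECRET"):
        print(clearance, "sees", flights.read("FLT-17", clearance))
    # An UNCLASSIFIED user "updating" FLT-17 touches only the low instance.
    flights.write("FLT-17", "UNCLASSIFIED", destination="Training range", cargo="Mail")
    print("SECRET still sees", flights.read("FLT-17", "SECRET"))
```

The point to notice is the last write: a low user overwriting FLT-17 changes only the UNCLASSIFIED instance, and the SECRET instance is neither clobbered nor revealed. A real MLS DBMS enforces the same label check inside the engine rather than in application code.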


NEW QUESTION # 443
Which of the following provides the MOST comprehensive filtering of Peer-to-Peer (P2P) traffic?

  • A. Network boundary router
  • B. Access layer switch
  • C. Port filter
  • D. Application proxy

Answer: D

Explanation:
P2P clients change ports, tunnel over HTTP and often encrypt their payload, so controls that look only at addresses and port numbers (a port filter or a boundary router's ACL) or that forward frames at layer 2 (an access layer switch) cannot reliably identify them. An application proxy terminates the session and inspects the application-layer protocol itself, which is what lets it recognize and block P2P traffic regardless of the port in use.


NEW QUESTION # 444
Which of the following is a canon of the (ISC)2 Code of Ethics?

  • A. Provide diligent and competent service to principals.
  • B. Cooperate with others in the interchange of knowledge and ideas for mutual security.
  • C. Integrity first, service before self, and excellence in all we do
  • D. Perform all professional activities and duties in accordance with all applicable laws and the highest ethical standards.

Answer: A


NEW QUESTION # 445
What can be defined as a batch process dumping backup data through communications lines to a server at an alternate location?

  • A. Remote journaling
  • B. Data clustering
  • C. Database shadowing
  • D. Electronic vaulting

Answer: D

Explanation:
Electronic vaulting refers to the transfer of backup data to an off-site location. This is primarily a batch process of dumping backup data through communications lines to a server at an alternate location.
Electronic vaulting is accomplished by backing up system data over a network. The backup location is usually at a separate geographical location known as the vault site. Vaulting can be used as a mirror or a backup mechanism using the standard incremental or differential backup cycle. Changes to the host system are sent to the vault server in real-time when the backup method is implemented as a mirror. If vaulting updates are recorded in real-time, then it will be necessary to perform regular backups at the off-site location to provide recovery services due to inadvertent or malicious alterations to user or system data.
The following are incorrect answers: Remote journaling refers to the parallel processing of transactions to an alternate site (as opposed to a batch dump process). Journaling is a technique used by database management systems to provide redundancy for their transactions. When a transaction is completed, the database management system duplicates the journal entry at a remote location. The journal provides sufficient detail for the transaction to be replayed on the remote system. This provides for database recovery in the event that the database becomes corrupted or unavailable.
Database shadowing uses the live processing of remote journaling, but creates even more redundancy by duplicating the database sets to multiple servers. There are also additional redundancy options available within application and database software platforms. For example, database shadowing may be used where a database management system updates records in multiple locations. This technique updates an entire copy of the database at a remote location.
Data clustering refers to the classification of data into groups (clusters). Server clustering is also used for availability, although it should not be confused with backup redundancy: two or more "partners" are joined into the cluster and may all provide service at the same time. In an active-active pair, for example, both systems provide service at any time; if one fails, the remaining partners continue to provide service at reduced capacity.
The following resource(s) were used for this question: Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 20403-20407, 20411-20414, 20375-20377 and 20280-20283). Auerbach Publications. Kindle Edition.


NEW QUESTION # 446
An attack initiated by an entity that is authorized to access system resources but uses them in a way not approved by those who granted the authorization is known as a(n):

  • A. outside attack.
  • B. passive attack.
  • C. inside attack.
  • D. active attack.

Answer: C

Explanation:
An attack by an authorized user is known as an inside attack.
An insider attack is a malicious attack perpetrated on a network or computer system by a person with authorized system access.
Insiders that perform attacks have a distinct advantage over external attackers because they have authorized system access and also may be familiar with network architecture and system policies/ procedures. In addition, there may be less security against insider attacks because many organizations focus on protection from external attacks.
An insider attack is also known as an insider threat.
Incorrect Answers:
A: An attack by an authorized user is not an outside attack; an outside attack comes from an entity without authorized access.
B: In a passive attack, the attacker attempts to learn information but does not affect resources. An attack by an authorized user could be passive in nature, but it is not known as a passive attack.
D: In an active attack, the attacker attempts to change data on the target or data in transit to it. An attack by an authorized user could be active, but it is not known as an active attack.
References:
https://www.techopedia.com/definition/26217/insider-attack


NEW QUESTION # 447
What is called the percentage at which the False Rejection Rate equals the False Acceptance Rate?

  • A. False Rejection Rate (FRR) or Type I Error
  • B. False Acceptance Rate (FAR) or Type II Error
  • C. Failure to enroll rate (FTE or FER)
  • D. Crossover Error Rate (CER)

Answer: D

Explanation:
The rate at which the False Rejection Rate equals the False Acceptance Rate is called the Crossover Error Rate (CER), also known as the Equal Error Rate (EER); the two terms are interchangeable. It is the operating point at which accept and reject errors are equal, and it gives a quick way to compare devices whose ROC curves differ: in general, the device with the lowest CER is the most accurate.
The other choices are the remaining performance metrics used for biometric systems:
False Acceptance Rate or False Match Rate (FAR or FMR, Type II error): the probability that the system incorrectly matches the input pattern to a non-matching template in the database. It measures the percentage of invalid inputs that are incorrectly accepted, i.e. an impostor being accepted by the system.
False Rejection Rate or False Non-Match Rate (FRR or FNMR, Type I error): the probability that the system fails to detect a match between the input pattern and a matching template in the database. It measures the percentage of valid inputs that are incorrectly rejected, i.e. a legitimate employee being rejected by the system.
Failure to Enroll Rate (FTE or FER): the rate at which attempts to create a template from an input are unsuccessful, most commonly because of low-quality input.
Reference(s) used for this question:
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten
Domains of Computer Security, 2001, John Wiley & Sons, Page 38
And
https://en.wikipedia.org/wiki/Biometrics
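How the CER is actually obtained from a device's match scores, as an added example that is not code from the original page or its references: constructed genuine and impostor score lists, a threshold sweep that computes FAR and FRR at each threshold, and the point at which the two curves cross. The score values, the 0..1 threshold grid and the device names are assumptions for illustration.

```python
from typing import Dict, Sequence, Tuple

# Constructed match scores in [0, 1]; higher means "more like the enrolled template".
GENUINE = [0.90, 0.85, 0.80, 0.75, 0.70, 0.65, 0.60, 0.55, 0.50, 0.45]   # legitimate users
IMPOSTOR = [0.10, 0.20, 0.25, 0.30, 0.35, 0.40, 0.45, 0.50, 0.55, 0.60]  # other people's attempts


def far_frr_at(threshold: float, genuine: Sequence[float],
               impostor: Sequence[float]) -> Tuple[float, float]:
    """Error rates when the system accepts any score >= threshold.

    FAR (Type II): fraction of impostor attempts that are accepted.
    FRR (Type I):  fraction of genuine attempts that are rejected.
    """
    far = sum(1 for s in impostor if s >= threshold) / len(impostor)
    frr = sum(1 for s in genuine if s < threshold) / len(genuine)
    return far, frr


def crossover_error_rate(genuine: Sequence[float], impostor: Sequence[float],
                         steps: int = 100) -> Tuple[float, float]:
    """Sweep thresholds and return (threshold, CER) where FAR and FRR are closest.

    On a discrete sweep the curves rarely meet exactly, so the CER is quoted as
    the mean of FAR and FRR at the threshold with the smallest gap.
    """
    best_gap, best_t, best_cer = None, None, None
    for i in range(steps + 1):
        t = i / steps
        far, frr = far_frr_at(t, genuine, impostor)
        gap = abs(far - frr)
        if best_gap is None or gap < best_gap:
            best_gap, best_t, best_cer = gap, t, (far + frr) / 2
    return best_t, best_cer


def more_accurate(devices: Dict[str, Tuple[Sequence[float], Sequence[float]]]) -> str:
    """Name of the device with the lowest CER, given {name: (genuine, impostor)}."""
    return min(devices, key=lambda name: crossover_error_rate(*devices[name])[1])


if __name__ == "__main__":
    t, cer = crossover_error_rate(GENUINE, IMPOSTOR)
    print(f"threshold={t:.2f}  CER={cer:.2f}")
    # Moving the threshold trades one error for the other: a strict setting
    # rejects more employees (FRR up), a loose one admits more impostors (FAR up).
    for thr in (0.30, t, 0.70):
        print(f"threshold={thr:.2f}  FAR, FRR = {far_frr_at(thr, GENUINE, IMPOSTOR)}")
```

With these constructed scores the curves cross at a threshold of about 0.51, where FAR = FRR = 0.2. A device whose genuine and impostor score distributions overlap less crosses at a lower rate, which is exactly why the lowest CER marks the most accurate device.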


NEW QUESTION # 448
Compared to RSA, which of the following is true of Elliptic Curve Cryptography(ECC)?

  • A. It has been mathematically proved to be more secure.
  • B. It is believed to require shorter keys for equivalent security.
  • C. It has been mathematically proved to be less secure.
  • D. It is believed to require longer key for equivalent security.

Answer: B

Explanation:
ECC is believed to require shorter keys for equivalent security. Some experts put ECC with a 160-bit key on a par with RSA with a 1024-bit key.
The following answers are incorrect:
It has been mathematically proved to be less secure. ECC has not been proved to be more or less secure than RSA. Because ECC is newer than RSA, some consider it riskier, but that is a general assessment, not a mathematical argument.
It has been mathematically proved to be more secure. The same objection applies: no such proof exists in either direction.
It is believed to require longer keys for equivalent security. On the contrary, it is believed to require shorter keys than RSA for equivalent security.
Shon Harris, AIO v5, page 719, states:
"In most cases, the longer the key, the more protection that is provided, but ECC can provide the same level of protection with a key size that is shorter than what RSA requires."
The following reference(s) were/was used to create this question:
ISC2 OIG, 2007 p. 258
Shon Harris, AIO v5 pg719
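Where the "ECC-160 is roughly RSA-1024" figure comes from, as an added example that is not code from the original page or its references. RSA's strength is set by the cost of factoring with the general number field sieve, which grows sub-exponentially in the modulus size; a prime-order curve's strength is set by Pollard rho, which costs about the square root of the group order, so half the key bits. The formula below is the GNFS-based heuristic that NIST's FIPS 140-2 Implementation Guidance used for its RSA comparisons; that provenance and the rounding to 8-bit curve sizes are assumptions outside the page, and the results approximate rather than reproduce the rounded figures in NIST SP 800-57.

```python
import math

LN2 = math.log(2)


def rsa_strength_bits(modulus_bits: int) -> float:
    """Symmetric-equivalent strength of an RSA modulus of the given length.

    Heuristic from the running time of the general number field sieve, in the
    form NIST used in its FIPS 140-2 Implementation Guidance (assumption: the
    formula is not from the page):
        s = (1.923 * cbrt(L ln2) * (ln(L ln2))^(2/3) - 4.69) / ln2
    """
    x = modulus_bits * LN2                       # ~ natural log of the modulus
    s = 1.923 * x ** (1.0 / 3.0) * math.log(x) ** (2.0 / 3.0) - 4.69
    return s / LN2


def ecc_strength_bits(order_bits: int) -> float:
    """Strength of a prime-order curve: the best generic attack (Pollard rho)
    costs about sqrt(n) group operations, i.e. half the bits of the order."""
    return order_bits / 2.0


def ecc_bits_for_rsa(modulus_bits: int) -> int:
    """Curve size, rounded to the nearest 8 bits, that matches an RSA modulus."""
    needed = round(2 * rsa_strength_bits(modulus_bits))
    return ((needed + 4) // 8) * 8


def comparison_table(rsa_sizes=(1024, 2048, 3072, 7680, 15360)):
    """Rows of (RSA modulus bits, symmetric-equivalent bits, matching ECC bits)."""
    return [(L, round(rsa_strength_bits(L)), ecc_bits_for_rsa(L)) for L in rsa_sizes]


if __name__ == "__main__":
    for rsa_bits, strength, ecc_bits in comparison_table():
        print(f"RSA-{rsa_bits:<6} ~{strength:>3}-bit security  ~ ECC-{ecc_bits}")
    # The gap widens with size: RSA must grow sub-exponentially in the target
    # strength while ECC grows linearly, which is why 256-bit security needs a
    # 15360-bit RSA modulus but only a ~512-bit curve.
```

RSA-1024 comes out at 80 bits of security, matching a 160-bit curve, which is the comparison the explanation quotes. The practical consequence is the one the question is after: for the same protection, ECC keys, signatures and key-exchange messages are far smaller, and the advantage grows as the required strength goes up.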


NEW QUESTION # 449
Which access control model would a lattice-based access control model be an example of?

  • A. Mandatory access control.
  • B. Non-discretionary access control.
  • C. Rule-based access control.
  • D. Discretionary access control.

Answer: A

Explanation:
A lattice-based access control model, which is a type of label-based mandatory access control model, is used to define the levels of security that an object may have and that a subject may have access to.
Incorrect Answers:
B: Non-discretionary access control is when the system administrator or a single management body within an organization centrally controls access to all resources for everybody on a network; it is a broader term and does not by itself imply security labels.
C: Rule-based access control makes use of explicit rules that specify what can and cannot happen between a subject and an object, not security labels.
D: Access in a DAC model is restricted based on the authorization granted to users by the object's owner, not on their security labels.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 220-228
https://en.wikipedia.org/wiki/Lattice-based_access_control


NEW QUESTION # 450
What is defined as inference of information from other, intermediate, relevant facts?

  • A. Secondary evidence
  • B. Circumstantial evidence
  • C. Conclusive evidence
  • D. Hearsay evidence

Answer: B

Explanation:
Circumstantial evidence is defined as inference of information from other, intermediate, relevant facts. Secondary evidence is a copy of evidence or oral description of its contents. Conclusive evidence is incontrovertible and overrides all other evidence and hearsay evidence is evidence that is not based on personal, first-hand knowledge of the witness, but was obtained from another source. Computer-generated records normally fall under the category of hearsay evidence. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 9: Law, Investigation, and Ethics (page 310).


NEW QUESTION # 451
The Orange Book states that "Hardware and software features shall be provided that can be used to periodically validate the correct operation of the on-site hardware and firmware elements of the TCB
[Trusted Computing Base]." This statement is the formal requirement for:

  • A. Design Verification.
  • B. System Architecture Specification.
  • C. Security Testing.
  • D. System Integrity.

Answer: D

Explanation:
The Orange Book, page 15, states:
2.1.3.1.2 System Integrity:
Hardware and/or software features shall be provided that can be used to periodically validate the correct operation of the on-site hardware and firmware elements of the TCB.
Incorrect Answers:
A: There are five requirements defined for design verification. The statement in the question is not one of them.
B: The statement in the question is not one of the requirements for System Architecture.
C: The requirement for security testing reads: "The security mechanisms of the ADP system shall be tested and found to work as claimed in the system documentation. Testing shall be done to assure that there are no obvious ways for an unauthorized user to bypass or otherwise defeat the security protection mechanisms of the TCB." This is not what is described in the question.
References:
http://csrc.nist.gov/publications/history/dod85.pdf, pp. 15, 101


NEW QUESTION # 452
What is the MOST important criterion that needs to be adhered to during the data collection process of an active investigation?

  • A. Complying with the organization's security policy
  • B. Capturing an image of the system
  • C. Maintaining the chain of custody
  • D. Outlining all actions taken during the investigation

Answer: C

Explanation:
Chain of custody documents who collected, handled, transported and stored each item of evidence, when, and under what conditions. Without it the integrity of the evidence cannot be demonstrated and it is unlikely to be admissible, so imaging the system and recording every action taken are done in support of the chain of custody rather than in place of it. Complying with the organization's security policy matters, but it is not the criterion specific to evidence collection.


NEW QUESTION # 453
Which of the following Service Organization Control (SOC) report types should an organization request if they require a period of time report covering security and availability for a particular system?

  • A. SOC 1 Type 2
  • B. SOC 1 Type 1
  • C. SOC 2 Type 2
  • D. SOC 2 Type 1

Answer: C

Explanation:
SOC 2 reports cover the Trust Services Criteria (security, availability, processing integrity, confidentiality and privacy), whereas SOC 1 reports cover controls relevant to a customer's financial reporting. A Type 1 report describes the design of controls at a point in time; a Type 2 report also tests their operating effectiveness over a period, typically six to twelve months. A period-of-time report on security and availability is therefore a SOC 2 Type 2.


NEW QUESTION # 454
How many times should a diskette be formatted to comply with TCSEC Orange Book object reuse recommendations?

  • A. Nine
  • B. Five
  • C. Three
  • D. Seven

Answer: D

Explanation:
The correct answer is seven. The source this question is drawn from states that certification and accreditation standards of the Orange Book era recommended formatting a diskette seven times to prevent any possibility of data remanence. This is historical guidance for magnetic media: current practice follows NIST SP 800-88, and overwriting is not a reliable sanitization method for flash-based media (SSDs, USB sticks), where wear levelling leaves blocks that the host cannot address.


NEW QUESTION # 455
Which of the following security-focused protocols operates at a layer different from the others?

  • A. Simple Key Management for Internet Protocols (SKIP)
  • B. Secure HTTP
  • C. Secure socket layer (SSL)
  • D. Secure shell (SSH-2)

Answer: B


NEW QUESTION # 456
What does the simple security (ss) property mean in the Bell-LaPadula model?

  • A. No read up
  • B. No write down
  • C. No read down
  • D. No write up

Answer: A

Explanation:
Three main rules are used and enforced in the Bell-LaPadula model:
The simple security (SS) rule, the *-property (star property) rule, and the strong star property rule. The simple security rule states that a subject at a given security level cannot read data that reside at a higher security level.
The *-property rule (star property rule) states that a subject in a given security level cannot write information to a lower security level. The simple security rule is referred to as the "no read up" rule, and the *-property rule is referred to as the "no write down" rule.
The third rule, the strong star property rule, states that a subject that has read and write capabilities can only perform those functions at the same security level; nothing higher and nothing lower. So, for a subject to be able to read and write to an object, the clearance and classification must be equal.
Incorrect Answers:
B: The simple security rule is referred to as the "no read up" rule, not the "no write down" rule. The *-property rule is referred to as the "no write down" rule.
C: The simple security rule is referred to as the "no read up" rule, not the "no read down" rule.
D: The simple security rule is referred to as the "no read up" rule, not the "no write up" rule.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, pp. 369-370


NEW QUESTION # 457
ICMP and IGMP belong to which layer of the OSI Model? (Fill in the blank)

Answer: The Network layer (Layer 3). Both are carried directly inside IP packets (IP protocol numbers 1 and 2) and are treated as network-layer protocols in the OSI mapping, even though IP itself delivers them.


NEW QUESTION # 458
What can be defined as a list of subjects along with their access rights that are authorized to access a specific object?

  • A. An access control matrix
  • B. A role-based matrix
  • C. An access control list
  • D. A capability table

Answer: C

Explanation:
An access control list defines the subjects that are authorized to access a specific object, together with the level of access each subject is granted. The ACL is attached to the object, so it corresponds to one column of the access control matrix.
Incorrect Answers:
A: An access control matrix is a table of subjects and objects that specifies the actions individual subjects can take upon individual objects; an ACL is only one column of it.
B: A role-based matrix is not a valid term with regard to this question.
D: A capability table is bound to a subject and stipulates the access rights that subject has over particular objects; it corresponds to one row of the matrix.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 229-231


NEW QUESTION # 459
Which of the following rules is least likely to support the concept of least privilege?

  • A. Only data to and from critical systems and applications should be allowed through the firewall.
  • B. The number of administrative accounts should be kept to a minimum.
  • C. Administrators should use regular accounts when performing routine operations like reading mail.
  • D. Permissions on tools that are likely to be used by hackers should be as restrictive as possible.

Answer: A

Explanation:
"Only data to and from critical systems and applications should be allowed through the firewall" is a distractor. Critical systems or applications do not necessarily need to have their traffic go through a firewall, and even when they do, only the minimum required services should be allowed. Systems that are not deemed critical may also need to have traffic go through the firewall.
Least privilege is a basic tenet of computer security: users should be given only those rights required to do their jobs or tasks, and no more. An administrator who does NOT use an administrative account to check email is a clear example.
Reference(s) used for this question:
National Security Agency, Systems and Network Attack Center (SNAC), The 60 Minute
Network Security Guide, February 2002, page 9.


NEW QUESTION # 460
In the access control matrix, the rows are:

  • A. Capability lists.
  • B. Tuples.
  • C. Access Control Lists (ACLs).
  • D. Domains.

Answer: A

Explanation:
The correct answer is Capability lists.
*Answer "Access Control Lists (ACLs)" is incorrect because an ACL corresponds to a column of the access control matrix (one object, all the subjects allowed to access it), not a row.
*Answer Tuples is incorrect because a tuple is a row in the table of a relational database.
*Answer Domains is incorrect because a domain is the set of allowable values a column or attribute can take in a relational database.


NEW QUESTION # 461
Which of the following is a trusted, third party authentication protocol that was developed under Project Athena at MIT?

  • A. NetSP
  • B. KryptoKnight
  • C. Kerberos
  • D. SESAME

Answer: C

Explanation:
"Kerberos is an authentication protocol and was designed in the mid-1980s as part of MIT's Project Athena." Pg 129 Shon Harris: All-in-One CISSP Certification


NEW QUESTION # 462
What is the MOST effective method for gaining unauthorized access to a file protected with a long complex password?

  • A. Frequency analysis
  • B. Brute force attack
  • C. Social engineering
  • D. Dictionary attack

Answer: C


NEW QUESTION # 463
Which of the following is a straightforward approach that provides access rights to subjects for objects?

  • A. Take-Grant Model
  • B. Biba Model
  • C. Bell-LaPadula Model
  • D. Access Matrix model

Answer: D

Explanation:
"The access matrix is a straightforward approach that provides access rights to subjects for objects. Access rights are of the type read, write, and execute. A subject is an active entity that is seeking rights to a resource or object. A subject can be a person, a program, or a process. An object is a passive entity, such as a file or a storage resource." Pg 272 Krutz: CISSP Prep Guide: Gold Edition.
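The three structures behind questions 458, 460 and 463 in one place, as an added example that is not code from the original page or from Krutz or Harris: an access control matrix held as rows of subjects and columns of objects, with a capability list derived by reading a row and an ACL derived by reading a column. The subject names, object names and rights are constructed sample data.

```python
from typing import Dict, Set

Rights = Set[str]
Matrix = Dict[str, Dict[str, Rights]]

# Access control matrix: one row per subject, one column per object, each cell
# holding the rights that subject has on that object. Sample data is constructed.
MATRIX: Matrix = {
    "alice":      {"payroll.db": {"read", "write"}, "report.txt": {"read"}},
    "bob":        {"report.txt": {"read", "write", "execute"}},
    "backup_svc": {"payroll.db": {"read"}, "report.txt": {"read"}},
}


def capability_list(matrix: Matrix, subject: str) -> Dict[str, Rights]:
    """Row view: the objects one subject may access and how. This is what a
    capability table (or a per-user ticket) stores."""
    return {obj: set(rights) for obj, rights in matrix.get(subject, {}).items() if rights}


def acl(matrix: Matrix, obj: str) -> Dict[str, Rights]:
    """Column view: every subject allowed to access one object and with what
    rights. This is what an ACL attached to the object stores."""
    return {subject: set(row[obj]) for subject, row in matrix.items() if row.get(obj)}


def is_authorized(matrix: Matrix, subject: str, obj: str, right: str) -> bool:
    """Reference-monitor check: look up a single cell of the matrix."""
    return right in matrix.get(subject, {}).get(obj, set())


def revoke_object(matrix: Matrix, obj: str) -> int:
    """Remove every right on `obj`. With ACLs this is one edit on the object's
    list; with capability lists it means visiting every subject's row, which is
    the classic revocation weakness of capability systems. Returns the number
    of rows touched."""
    touched = 0
    for row in matrix.values():
        if obj in row:
            del row[obj]
            touched += 1
    return touched


if __name__ == "__main__":
    print("capability list for alice:", capability_list(MATRIX, "alice"))
    print("ACL for payroll.db:", acl(MATRIX, "payroll.db"))
    print("bob may execute report.txt:", is_authorized(MATRIX, "bob", "report.txt", "execute"))
    print("rows touched revoking report.txt:", revoke_object(MATRIX, "report.txt"))
```

The same matrix answers both "what can alice do?" (her row, the capability list) and "who can touch payroll.db?" (its column, the ACL). Real systems store only one of the two views, which is why the choice between ACLs and capabilities decides whether per-object revocation or per-subject delegation is the cheap operation.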


NEW QUESTION # 464
In the Bell-LaPadula model, the Star-property is also called:

  • A. The simple security property
  • B. The confinement property
  • C. The tranquility property
  • D. The confidentiality property

Answer: B

Explanation:
The Bell-LaPadula model focuses on data confidentiality and access to classified information, in contrast to the Biba Integrity Model which describes rules for the protection of data integrity.
In this formal model, the entities in an information system are divided into subjects and objects.
The notion of a "secure state" is defined, and it is proven that each state transition preserves security by moving from secure state to secure state, thereby proving that the system satisfies the security objectives of the model.
The Bell-LaPadula model is built on the concept of a state machine with a set of allowable states in a system. The transition from one state to another state is defined by transition functions.
A system state is defined to be "secure" if the only permitted access modes of subjects to objects are in accordance with a security policy.
To determine whether a specific access mode is allowed, the clearance of a subject is compared to the classification of the object (more precisely, to the combination of classification and set of compartments, making up the security level) to determine if the subject is authorized for the specific access mode.
The clearance/classification scheme is expressed in terms of a lattice. The model defines two mandatory access control (MAC) rules and one discretionary access control (DAC) rule with three security properties:
The Simple Security Property: a subject at a given security level may not read an object at a higher security level (no read-up).
The *-property (read "star"-property): a subject at a given security level must not write to any object at a lower security level (no write-down). The *-property is also known as the Confinement property.
The Discretionary Security Property: an access control matrix is used to specify discretionary access control.
The transfer of information from a high-sensitivity document to a lower-sensitivity document may happen in the Bell-LaPadula model via the concept of trusted subjects. Trusted subjects are not restricted by the *-property; untrusted subjects are.
Trusted subjects must be shown to be trustworthy with regard to the security policy. This security model is directed toward access control and is characterized by the phrase "no read up, no write down." Compare the Biba model, the Clark-Wilson model and the Chinese Wall model.
With Bell-LaPadula, users can create content only at or above their own security level (i.e. secret researchers can create secret or top-secret files but may not create public files; no write-down). Conversely, users can view content only at or below their own security level (i.e. secret researchers can view public or secret files, but may not view top-secret files; no read-up).
Strong * Property
The Strong * Property is an alternative to the *-Property in which subjects may write to objects with only a matching security level. Thus, the write-up operation permitted in the usual *-Property is not present, only a write-to-same level operation. The Strong * Property is usually discussed in the context of multilevel database management systems and is motivated by integrity concerns.
Tranquility principle
The tranquility principle of the Bell-LaPadula model states that the classification of a subject or object does not change while it is being referenced. There are two forms to the tranquility principle: the "principle of strong tranquility" states that security levels do not change during the normal operation of the system and the "principle of weak tranquility" states that security levels do not change in a way that violates the rules of a given security policy.
Another interpretation of the tranquility principles is that they both apply only to the period of time during which an operation involving an object or subject is occurring. That is, the strong tranquility principle means that an object's security level/label will not change during an operation (such as read or write); the weak tranquility principle means that an object's security level/label may change in a way that does not violate the security policy during an operation.
Reference(s) used for this question:
http://en.wikipedia.org/wiki/Biba_Model
http://en.wikipedia.org/wiki/Mandatory_access_control
http://en.wikipedia.org/wiki/Discretionary_access_control
http://en.wikipedia.org/wiki/Clark-Wilson_model
http://en.wikipedia.org/wiki/Brewer_and_Nash_model
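The lattice of question 449 and the Bell-LaPadula rules of questions 456 and 464 together, as an added example that is not code from the original page or from the cited references: labels made of a hierarchical level plus a set of compartments, a dominance test that makes some labels incomparable (which is what turns a ladder of levels into a lattice), and the ss-property, *-property and strong * property written as checks over those labels. The level names, compartment names and the join rule are assumptions for illustration.

```python
from dataclasses import dataclass
from typing import FrozenSet, Set

# Hierarchical levels, lowest to highest (constructed for this example).
HIERARCHY = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}


@dataclass(frozen=True)
class Label:
    """One point in the security lattice: a level plus a set of compartments."""
    level: str
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """True when self >= other in the lattice: level at least as high AND
        every compartment of `other` also present in `self`. Labels with
        different compartments can be incomparable in both directions."""
        return (HIERARCHY[self.level] >= HIERARCHY[other.level]
                and self.compartments >= other.compartments)


def join(a: Label, b: Label) -> Label:
    """Least upper bound: the lowest label that dominates both inputs, i.e. the
    label an object must carry when it combines data labelled a and b."""
    level = a.level if HIERARCHY[a.level] >= HIERARCHY[b.level] else b.level
    return Label(level, a.compartments | b.compartments)


def can_read(subject: Label, obj: Label) -> bool:
    """Simple security (ss) property: no read up. The subject's clearance must
    dominate the object's classification."""
    return subject.dominates(obj)


def can_write(subject: Label, obj: Label, strong_star: bool = False) -> bool:
    """*-property: no write down, i.e. the object's label must dominate the
    subject's. With the strong * property the two labels must be equal."""
    if strong_star:
        return subject == obj
    return obj.dominates(subject)


def allowed_modes(subject: Label, obj: Label) -> Set[str]:
    """Access modes BLP grants a subject on an object under the ss and * rules."""
    modes = set()
    if can_read(subject, obj):
        modes.add("read")
    if can_write(subject, obj):
        modes.add("write")
    return modes


if __name__ == "__main__":
    analyst = Label("SECRET", frozenset({"NUC"}))
    for name, obj in [("public notice", Label("UNCLASSIFIED")),
                      ("own report", Label("SECRET", frozenset({"NUC"}))),
                      ("TS/NUC plan", Label("TOP_SECRET", frozenset({"NUC"}))),
                      ("SECRET/CRYPTO key list", Label("SECRET", frozenset({"CRYPTO"})))]:
        print(f"{name:<24} {sorted(allowed_modes(analyst, obj)) or 'no access'}")
```

A SECRET/NUC subject can read the public notice but not write to it (that would be a write-down), can write to the TS/NUC plan but not read it (read-up), and gets nothing at all on the SECRET/CRYPTO object, because the two labels share a level but neither dominates the other. Only the subject's own label permits both modes, which is exactly the strong * property's "same level only" rule when writing.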


NEW QUESTION # 465
......

CISSP Exam with Accurate Certified Information Systems Security Professional PDF Questions: https://actualtests.vceengine.com/CISSP-vce-test-engine.html