When logging on to a workstation, the log-on process should:
Correct Answer: D
This approach is necessary to ensure that all the information required for a log-on has been submitted and to avoid providing information that would aid a cracker in trying to gain unauthorized access to the workstation or network. If a log-on attempt fails, information as to which part of the requested log-on information was incorrect should not be supplied to the user. Answer "Provide a Help mechanism that provides log-on assistance" is incorrect since a Help utility would provide help to a cracker trying to gain unauthorized access to the network. For answer "Place no limits on the time allotted for log-on or on the number of unsuccessful log-on attempts", maximum and minimum time limits should be placed on the log-on process. Also, the log-on process should limit the number of unsuccessful log-on attempts and temporarily suspend the log-on capability if that number is exceeded. One approach is to progressively increase the time interval allowed between unsuccessful log-on attempts. Answer "Not provide information on the previous successful log-on and on previous unsuccessful log-on attempts" is incorrect since providing such information will alert an authorized user if someone has been attempting to gain unauthorized access to the network from the user's workstation.
Question 132
Which type of security control is also known as "Logical" control?
Correct Answer: B
The following answers are incorrect: Physcial: This is a type of security control, but does not have an alternate name. Administrative: This is a type of security control, but doe not have an alternate name. Risk:This is not a type of security control. The following reference(s) were/was used to create this question: Shon Harris AIO 4th Edition, Chapter 3, Page 57
Question 133
Which of the following attributes could be used to describe a protection mechanism of an open design methodology?
Correct Answer: A
Question 134
In Mandatory Access Control, sensitivity labels attached to object contain what information?
Correct Answer: B
A Sensitivity label must contain at least one classification and one category set. Category set and Compartment set are synonyms, they mean the same thing. The sensitivity label must contain at least one Classification and at least one Category. It is common in some environments for a single item to belong to multiple categories. The list of all the categories to which an item belongs is called a compartment set or category set. The following answers are incorrect: the item's classification. Is incorrect because you need a category set as well. the item's category. Is incorrect because category set and classification would be both be required. The item's need to know. Is incorrect because there is no such thing. The need to know is indicated by the catergories the object belongs to. This is NOT the best answer. Reference(s) used for this question: OIG CBK, Access Control (pages 186 - 188) AIO, 3rd Edition, Access Control (pages 162 - 163) AIO, 4th Edittion, Access Control, pp 212-214. Wikipedia - http://en.wikipedia.org/wiki/Mandatory_Access_Control
Question 135
Which of the following tools is less likely to be used by a hacker?
Correct Answer: B
Explanation/Reference: Explanation: Tripwire is a tool that detects when files have been altered by regularly recalculating hashes of them and storing the hashes in a secure location. The product triggers when changes to the files have been detected. By using cryptographic hashes, tripwire is often able to detect subtle changes. Contrast: The simplistic form of tripwire is to check file size and last modification time. l0phtcrack, OphCrack and John the Ripper are password cracking tools and are therefore more likely to be used by hackers than Tripwire. Incorrect Answers: A: l0phtcrack is used to test password strength and sometimes to recover lost Microsoft Windows passwords, by using dictionary, brute-force, hybrid attacks, and rainbow tables. It is more likely to be used by a hacker than Tripwire. C: Ophcrack is a free Windows password cracker based on rainbow tables. It is more likely to be used by a hacker than Tripwire. D: John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. It is more likely to be used by a hacker than Tripwire. References: http://linux.about.com/cs/linux101/g/tripwire.htm