Which of the following is a BEST practice when traveling internationally with laptops containing Personally Identifiable Information (PII)?
Correct Answer: B
Question 227
What is a Type 2 authentication factor?
Correct Answer: C
A Type 2 authentication factor is something you have, such as a smart card, ATM card, token device, memory card, etc.
Question 228
Which of the following is required to determine classification and ownership?
Correct Answer: C
Question 229
The Transport Layer Security (TLS) 1.0 protocol is based on which Protocol Specification?
Correct Answer: A
The differences between TLS and SSL are not great, but there is enough of a difference such that TLS 1.0 and SSL 3.0 are not operationally compatible. If interoperability is desired, there is a capability in TLS that allows it to function as SSL. Question 5 provides additional discussion of the TLS protocol.
Question 230
Identity Management solutions include such technologies as Directories services, Single Sign-On and Web Access management. There are many reasons for management to choose an identity management solution. Which of the following is a key management challenge regarding identity management solutions?
Correct Answer: D
Any identity management system used in an environment where there are tens of thousands of users must be able to scale to support the volumes of data and peak transaction rates. The following answers are incorrect: Increasing number of points of failures. This is actually a potential negative impact of not implementing an identity management solution. Identity management is meant to decrease cost and inefficiencies that organizations struggle with so that failures can be managed more efficiently. Users will no longer be able to "recycle" their password for different applications. This is actually a function of an effective password management system. Consistency and efficiency are maintained by minimizing unique user authentication requirements. Costs increase as identity management technologies require significant resources. On the contrary, "When users access multiple systems, they may be presented with multiple log-in IDs, multiple passwords, and multiple sign-on screens. This complexity is burdensome to users, who consequently have problems accessing systems and incur productivity and support costs The following reference(s) were/was used to create this question: ISC2 Official Guide to the CISSP CBK 2007, pg 173 "Key management challenges regarding identity management solutions are:" [consistency, efficiency, usability, reliabliity and scalability.] "Scalability: Enterprises manage user profile data for large numbers of people. There are typically tens of thousands of internal users, and hundreds or thousands of partners or clients."