Complete the following sentence. A digital signature is a ____
Correct Answer: A
A digital signature is a hash value that has been encrypted with the senders private key. The act of signing means encrypting the messages hash value with the sender private key. The following answers are incorrect: hash value that has been encrypted with the senders public key Encrypting with a public key provide only one service, it is confidentiality. Only the receiver using the matching private key could get access to the clear text. hash value that has been encrypted with the senders Session key Session keys are Symmetric keys that have a short lifespan, they are used to encrypt the data while a session is ongoing and then destroyed. it is senders signature signed and scanned in a digital format This is only a distractor The following reference(s) were/was used to create this question: Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 829). McGraw-Hill . Kindle Edition.
Question 247
The top speed of ISDN BRI is 256 KBS.(True/False)
Correct Answer: B
The top speed of ISDN BRI is 128 KBS. Its two primary channels are each capable of carrying 64 KBS so the combined top speed is 128 KBS.
Question 248
What BEST describes the National Security Agency-developed Capstone?
Correct Answer: C
Capstone is a Very Large Scale Integration (VLSI) chip that employs the Escrowed Encryption Standard and incorporates the Skipjack algorithm, similar to the Clipper Chip. As such, it has a LEAf. Capstone also supports public key exchange and digital signatures. At this time, Capstone products have their LEAF function suppressed and a Certifying Authority provides for key recovery. *Answer "A device for intercepting electromagnetic emissions" is then, obviously, incorrect. For information purposes, though, the US Government program to study and control the interception of electromagnetic emissions that may compromise classified information is called TEMPEST. *Answer "The PC Card implementation of the Clipper Chip system" is also, obviously, incorrect. However, Capstone was first implemented on a PC card called Fortezza. *Answer "A one-way function for implementation of public key encryption" is incorrect since Capstone is not a mathematical function, but it incorporates mathematical functions for key exchange, authentication and encryption.
Question 249
Guards are appropriate whenever the function required by the security program involves which of the following?
Correct Answer: A
The answer: The use of discriminating judgment, a guard can make the determinations that hardware or other automated security devices cannot make due to its ability to adjust to rapidly changing conditions, to learn and alter recognizable patterns, and to respond to various conditions in the environment. Guards are better at making value decisions at times of incidents. They are appropriate whenever immediate, discriminating judgment is required by the security entity. The following answers are incorrect: The use of physical force This is not the best answer. A guard provides discriminating judgment, and the ability to discern the need for physical force. The operation of access control devices A guard is often uninvolved in the operations of an automated access control device such as a biometric reader, a smart lock, mantrap, etc. The need to detect unauthorized access The primary function of a guard is not to detect unauthorized access, but to prevent unauthorized physical access attempts and may deter social engineering attempts. The following reference(s) were/was used to create this question: Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 10: Physical security (page 339). Source: ISC2 Offical Guide to the CBK page 288-289.
Question 250
Which of the following binds a subject name to a public key value?
Correct Answer: B
Explanation/Reference: Explanation: A typical PKI consists of hardware, software, policies and standards to manage the creation, administration, distribution and revocation of keys and digital certificates. Digital certificates are at the heart of PKI as they affirm the identity of the certificate subject and bind that identity to the public key contained in the certificate. Incorrect Answers: A: A public-key certificate contains a public key. However, it is the PKI (in particular the certificate authority) that verifies the subject's identity and binds the subject name to the public key value. C: A secret key infrastructure is not a valid answer. A secret key can refer to a private key or more commonly to a shared key used in symmetric encryption. D: A private key (and its corresponding public key) is usually generated by a user or application. The public key is then validated and signed by a CA. A private key does not bind a subject name to a public key value. References: http://searchsecurity.techtarget.com/definition/PKI