What does the simple integrity axiom mean in the Biba model?
Correct Answer: B
The simple integrity axiom of the Biba access control model states that a subject at one level of integrity is not permitted to observe an object of a lower integrity (no read down). Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 5: Security Architectures and Models (page 205).
Question 302
Which of the following is the MOST common method of memory protection?
Correct Answer: A
Question 303
Cryptography does NOT help in:
Correct Answer: D
Cryptography is a detective control in the fact that it allows the detection of fraudulent insertion, deletion or modification. It also is a preventive control is the fact that it prevents disclosure, but it usually does not offers any means of detecting disclosure. Source: DUPUIS, Clement, CISSP Open Study Guide on domain 5, cryptography, April 1999.
Question 304
The key benefits of a signed and encrypted e-mail include
Correct Answer: A
Question 305
Which of the following is NOT a characteristic of a cryptographic hash function, H (m), where m denotes the message being hashed by the function H?
Correct Answer: B
For a cryptographic hash function, H (m) is relatively easy to compute for a given m. *Answer "H (m) is collision free" is a characteristic of a good cryptographic hash function, in that collision free means that for a given message, M, that produces H (M) = Z, it is computationally infeasible to find another message, M1, such that H (M1) = Z. *Answer "The output is of fixed length" is part of the definition of a hash function since it generates a fixed-length result that is independent of the length of the input message. This characteristic is useful for generating digital signatures since the signature can be applied to the fixed-length hash that is uniquely characteristic of the message instead of to the entire message, which is usually much longer than the hash. *Answer "H (m) is a one-way function" relates to answer "H (m) is difficult to compute for any given m" in that a one-way function is difficult or impossible to invert. This means that for a hash function H (M) = Z, it is computationally infeasible to reverse the process and find M given the hash Z and the function H.