Which of the following questions is less likely to help in assessing identification and authentication controls?
Correct Answer: D
Section: Access Control Explanation/Reference: Identification and authentication is a technical measure that prevents unauthorized people (or unauthorized processes) from entering an IT system. Access control usually requires that the system be able to identify and differentiate among users. Reporting incidents is more related to incident response capability (operational control) than to identification and authentication (technical control). Source: SWANSON, Marianne, NIST Special Publication 800-26, Security Self-Assessment Guide for Information Technology Systems, November 2001 (Pages A-30 to A-32).
Question 583
The IP header contains a protocol field. If this field contains the value of 1, what type of data is contained within the IP datagram?
Correct Answer: B
Explanation/Reference: If the protocol field has a value of 1 then it would indicate it was ICMP. The following answers are incorrect: TCP. Is incorrect because the value for a TCP protocol would be 6. UDP. Is incorrect because the value for an UDP protocol would be 17. IGMP. Is incorrect because the value for an IGMP protocol would be 2.
Question 584
Which of the following is NOT an advantage that TACACS+ has over TACACS?
Correct Answer: A
Although TACACS+ provides better audit trails, event logging is a service that is provided with TACACS. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 121).
Question 585
A momentary high voltage is a:
Correct Answer: A
Explanation/Reference: Too much voltage for a short period of time is a spike. Too much voltage for a long period of time is a surge. Not enough voltage for a short period of time is a sag or dip Not enough voltage for a long period of time is brownout A short power interruption is a fault A long power interruption is a blackout You MUST know all of the power issues above for the purpose of the exam. From: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, 3rd. Edition McGraw-Hill/Osborne, 2005, page 368.
Question 586
A security evaluation report and an accreditation statement are produced in which of the following phases of the system development life cycle?
Correct Answer: D
Section: Security Operation Adimnistration Explanation/Reference: The Answer: "acceptance phase". Note the question asks about an "evaluation report" - which details how the system evaluated, and an "accreditation statement" which describes the level the system is allowed to operate at. Because those two activities are a part of testing and testing is a part of the acceptance phase, the only answer above that can be correct is "acceptance phase". The other answers are not correct because: The "project initiation and planning phase" is just the idea phase. Nothing has been developed yet to be evaluated, tested, accredited, etc. The "system design specification phase" is essentially where the initiation and planning phase is fleshed out. For example, in the initiation and planning phase, we might decide we want the system to have authentication. In the design specification phase, we decide that that authentication will be accomplished via username/ password. But there is still nothing actually developed at this point to evaluate or accredit. The "development & documentation phase" is where the system is created and documented. Part of the documentation includes specific evaluation and accreditation criteria. That is the criteria that will be used to evaluate and accredit the system during the "acceptance phase". In other words - you cannot evaluate or accredit a system that has not been created yet. Of the four answers listed, only the acceptance phase is dealing with an existing system. The others deal with planning and creating the system, but the actual system isn't there yet. Reference: Official ISC2 Guide Page: 558 - 559 All in One Third Edition page: 832 - 833 (recommended reading)