In biometric identification systems, at the beginning, it was soon apparent that truly positive identification could only be based on :
Correct Answer: B
Section: Access Control Explanation/Reference: Today implementation of fast, accurate reliable and user-acceptable biometric identification systems is already under way. From: TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management Handbook, 4th Edition, Volume 1, Page 7.
Question 643
Which of the following service is not provided by a public key infrastructure (PKI)?
Correct Answer: D
A Public Key Infrastructure (PKI) provides confidentiality, access control, integrity, authentication and non-repudiation. It does not provide reliability services. Reference(s) used for this question: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.
Question 644
Which backup method copies only files that have changed since the last full backup, but does not clear the archive bit?
Correct Answer: A
One of the key item to understand regarding backup is the archive bit. The archive bit is used to determine what files have been backuped already. The archive bit is set if a file is modified or a new file is created, this indicates to the backup program that it has to be saved on the next backup. When a full backup is performed the archive bit will be cleared indicating that the files were backup. This allows backup programs to do an incremental or differential backup that only backs up the changes to the filesystem since the last time the bit was cleared Full Backup (or Reference Backup) A Full backup will backup all the files and folders on the drive every time you run the full backup. The archive bit is cleared on all files indicating they were all backuped. Advantages: All files from the selected drives and folders are backed up to one backup set. In the event you need to restore files, they are easily restored from the single backup set. Disadvantages: A full backup is more time consuming than other backup options. Full backups require more disk, tape, or network drive space. Incremental Backup An incremental backup provides a backup of files that have changed or are new since the last incremental backup. For the first incremental backup, all files in the file set are backed up (just as in a full backup). If you use the same file set to perform a incremental backup later, only the files that have changed are backed up. If you use the same file set for a third backup, only the files that have changed since the second backup are backed up, and so on. Incremental backup will clear the archive bit. Advantages: Backup time is faster than full backups. Incremental backups require less disk, tape, or network drive space. You can keep several versions of the same files on different backup sets. Disadvantages: In order to restore all the files, you must have all of the incremental backups available. It may take longer to restore a specific file since you must search more than one backup set to find the latest version of a file. Differential Backup A differential backup provides a backup of files that have changed since a full backup was performed. A differential backup typically saves only the files that are different or new since the last full backup. Together, a full backup and a differential backup include all the files on your computer, changed and unchanged. Differential backup do not clear the archive bits. Advantages: Differential backups require even less disk, tape, or network drive space than incremental backups. Backup time is faster than full or incremental backups. Disadvantages: Restoring all your files may take considerably longer since you may have to restore both the last differential and full backup. Restoring an individual file may take longer since you have to locate the file on either the differential or full backup. For more info see: http://support.microsoft.com/kb/136621 Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 69.
Question 645
Which of the following statements pertaining to protection rings is false?
Correct Answer: D
Section: Security Operation Adimnistration Explanation/Reference: In computer science, hierarchical protection domains, often called protection rings, are mechanisms to protect data and functionality from faults (fault tolerance) and malicious behaviour (computer security). This approach is diametrically opposite to that of capability-based security. Computer operating systems provide different levels of access to resources. A protection ring is one of two or more hierarchical levels or layers of privilege within the architecture of a computer system. This is generally hardware-enforced by some CPU architectures that provide different CPU modes at the hardware or microcode level. Rings are arranged in a hierarchy from most privileged (most trusted, usually numbered zero) to least privileged (least trusted, usually with the highest ring number). On most operating systems, Ring 0 is the level with the most privileges and interacts most directly with the physical hardware such as the CPU and memory. Special gates between rings are provided to allow an outer ring to access an inner ring's resources in a predefined manner, as opposed to allowing arbitrary usage. Correctly gating access between rings can improve security by preventing programs from one ring or privilege level from misusing resources intended for programs in another. For example, spyware running as a user program in Ring 3 should be prevented from turning on a web camera without informing the user, since hardware access should be a Ring 1 function reserved for device drivers. Programs such as web browsers running in higher numbered rings must request access to the network, a resource restricted to a lower numbered ring. "They provide strict boundaries and definitions on what the processes that work within each ring can access" is incorrect. This is in fact one of the characteristics of a ring protection system. "Programs operating in inner rings are usually referred to as existing in a privileged mode" is incorrect. This is in fact one of the characteristics of a ring protection system. "They support the CIA triad requirements of multitasking operating systems" is incorrect. This is in fact one of the characteristics of a ring protection system. Reference(s) used for this question: CBK, pp. 310-311 AIO3, pp. 253-256 AIOv4 Security Architecture and Design (pages 308 - 310) AIOv5 Security Architecture and Design (pages 309 - 312)
Question 646
The high availability of multiple all-inclusive, easy-to-use hacking tools that do NOT require much technical knowledge has brought a growth in the number of which type of attackers?
Correct Answer: C
Explanation/Reference: As script kiddies are low to moderately skilled hackers using available scripts and tools to easily launch attacks against victims. The other answers are incorrect because : Black hats is incorrect as they are malicious , skilled hackers. White hats is incorrect as they are security professionals. Phreakers is incorrect as they are telephone/PBX (private branch exchange) hackers. Reference : Shon Harris AIO v3 , Chapter 12: Operations security , Page : 830