Which access control model provides upper and lower bounds of access capabilities for a subject?
Correct Answer: B
Explanation/Reference: In the lattice model, users are assigned security clearences and the data is classified. Access decisions are made based on the clearence of the user and the classification of the object. Lattice-based access control is an essential ingredient of formal security models such as Bell-LaPadula, Biba, Chinese Wall, etc. The bounds concept comes from the formal definition of a lattice as a "partially ordered set for which every pair of elements has a greatest lower bound and a least upper bound." To see the application, consider a file classified as "SECRET" and a user Joe with a security clearence of "TOP SECRET." Under Bell- LaPadula, Joe's "least upper bound" access to the file is "READ" and his least lower bound is "NO WRITE" (star property). Role-based access control is incorrect. Under RBAC, the access is controlled by the permissions assigned to a role and the specific role assigned to the user. Biba access control is incorrect. The Biba integrity model is based on a lattice structure but the context of the question disqualiifes it as the best answer. Content-dependent access control is incorrect. In content dependent access control, the actual content of the information determines access as enforced by the arbiter. References: CBK, pp. 324-325. AIO3, pp. 291-293. See aprticularly Figure 5-19 on p. 293 for an illustration of bounds in action.
Question 668
The concept of best effort delivery is best associated with?
Correct Answer: D
Explanation/Reference: The Internet Protocol (IP) is a data-oriented protocol used for communicating data across a packet- switched internetwork. IP provides an unreliable service (i.e., best effort delivery). This means that the network makes no guarantees about the packet. Low-level connectionless protocols such as DDP (under Appletalk) and IP usually provide best-effort delivery of data. Best-effort delivery means that the protocol attempts to deliver any packets that meet certain requirements, such as containing a valid destination address, but the protocol does not inform the sender when it is unable to deliver the data, nor does it attempt to recover from error conditions and data loss. Higher-level protocols such as TCP on the other hand, can provide reliable delivery of data. Reliable delivery includes error checking and recovery from error or loss of data. HTTP is the HyperText Transport Protocol used to establish connections to a web server and thus one of the higher level protocol using TCP to ensure delivery of all bytes between the client and the server. It was not a good choice according to the question presented. Here is another definition from the TCP/IP guide at: http://www.tcpipguide.com/free/ t_IPOverviewandKeyOperationalCharacteristics.htm Delivered Unreliably: IP is said to be an "unreliable protocol". That doesn't mean that one day your IP software will decide to go fishing rather than run your network. J It does mean that when datagrams are sent from device A to device B, device A just sends each one and then moves on to the next. IP doesn't keep track of the ones it sent. It does not provide reliability or service quality capabilities such as error protection for the data it sends (though it does on the IP header), flow control or retransmission of lost datagrams. For this reason, IP is sometimes called a best-effort protocol. It does what it can to get data to where it needs to go, but "makes no guarantees" that the data will actually get there.
Question 669
What is the greatest danger from DHCP?
Correct Answer: A
The greatest danger from BootP or DHCP (Dynamic Host Control Protocol) is from an intruder on the network impersonating a DHCP server and thereby misconfiguring the DHCP clients. Other choices are possible consequences of DHCP impersonation. Source: STREBE, Matthew and PERKINS, Charles, Firewalls 24seven, Sybex 2000, Chapter 4: Sockets and Services from a Security Viewpoint.
Question 670
The __________ is the most dangerous part of a virus program.
Correct Answer: B
Question 671
What works as an E-mail message transfer agent?
Correct Answer: A
Section: Network and Telecommunications Explanation/Reference: SMTP (Simple Mail Transfer Protocol) works as a message transfer agent. Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2001, Page 821.