Which of the following computer crime is MORE often associated with INSIDERS?
Correct Answer: C
It refers to the alteration of the existing data , most often seen before it is entered into an application.This type of crime is extremely common and can be prevented by using appropriate access controls and proper segregation of duties. It will more likely be perpetrated by insiders, who have access to data before it is processed. The other answers are incorrect because : IP Spoofing is not correct as the questions asks about the crime associated with the insiders. Spoofing is generally accomplished from the outside. Password sniffing is also not the BEST answer as it requires a lot of technical knowledge in understanding the encryption and decryption process. Denial of service (DOS) is also incorrect as most Denial of service attacks occur over the internet. Reference : Shon Harris , AIO v3 , Chapter-10 : Law , Investigation & Ethics , Page : 758 760.
Question 698
Computer security should be first and foremost which of the following:
Correct Answer: B
Explanation/Reference: Computer security should be first and foremost cost-effective. As for any organization, there is a need to measure their cost-effectiveness, to justify budget usage and provide supportive arguments for their next budget claim. But organizations often have difficulties to accurately measure the effectiveness and the cost of their information security activities. The classical financial approach for ROI calculation is not particularly appropriate for measuring security-related initiatives: Security is not generally an investment that results in a profit. Security is more about loss prevention. In other terms, when you invest in security, you don't expect benefits; you expect to reduce the risks threatening your assets. The concept of the ROI calculation applies to every investment. Security is no exception. Executive decision-makers want to know the impact security is having on the bottom line. In order to know how much they should spend on security, they need to know how much is the lack of security costing to the business and what are the most cost-effective solutions. Applied to security, a Return On Security Investment (ROSI) calculation can provide quantitative answers to essential financial questions: Is an organization paying too much for its security? What financial impact on productivity could have lack of security? When is the security investment enough? Is this security product/organisation beneficial? The following are other concerns about computer security but not the first and foremost: The costs and benefits of security should be carefully examined in both monetary and non-monetary terms to ensure that the cost of controls does not exceed expected benefits. Security should be appropriate and proportionate to the value of and degree of reliance on the IT systems and to the severity, probability, and extent of potential harm. Requirements for security vary, depending upon the particular IT system. Therefore it does not make sense for computer security to cover all identified risks when the cost of the measures exceeds the value of the systems they are protecting. Reference(s) used for this question: SWANSON, Marianne & GUTTMAN, Barbara, National Institute of Standards and Technology (NIST), NIST Special Publication 800-14, Generally Accepted Principles and Practices for Securing Information Technology Systems, September 1996 (page 6). and http://www.enisa.europa.eu/activities/cert/other-work/introduction-to-return-on-security-investment
Question 699
Which of the following is a LAN transmission method?
Correct Answer: A
Section: Network and Telecommunications Explanation/Reference: LAN transmission methods refer to the way packets are sent on the network and are either unicast, multicast or broadcast. CSMA/CD is a common LAN media access method. Token ring is a LAN Topology. LAN transmission protocols are the rules for communicating between computers on a LAN. Common LAN transmission protocols are: polling and token-passing. A LAN topology defines the manner in which the network devices are organized to facilitate communications. Common LAN topologies are: bus, ring, star or meshed. LAN transmission methods refer to the way packets are sent on the network and are either unicast, multicast or broadcast. LAN media access methods control the use of a network (physical and data link layers). They can be Ethernet, ARCnet, Token ring and FDDI. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 103). HERE IS A NICE OVERVIEW FROM CISCO: LAN Transmission Methods LAN data transmissions fall into three classifications: unicast, multicast, and broadcast. In each type of transmission, a single packet is sent to one or more nodes. In a unicast transmission, a single packet is sent from the source to a destination on a network. First, the source node addresses the packet by using the address of the destination node. The package is then sent onto the network, and finally, the network passes the packet to its destination. A multicast transmission consists of a single data packet that is copied and sent to a specific subset of nodes on the network. First, the source node addresses the packet by using a multicast address. The packet is then sent into the network, which makes copies of the packet and sends a copy to each node that is part of the multicast address. A broadcast transmission consists of a single data packet that is copied and sent to all nodes on the network. In these types of transmissions, the source node addresses the packet by using the broadcast address. The packet is then sent on to the network, which makes copies of the packet and sends a copy to every node on the network. LAN Topologies LAN topologies define the manner in which network devices are organized. Four common LAN topologies exist: bus, ring, star, and tree. These topologies are logical architectures, but the actual devices need not be physically organized in these configurations. Logical bus and ring topologies, for example, are commonly organized physically as a star. A bus topology is a linear LAN architecture in which transmissions from network stations propagate the length of the medium and are received by all other stations. Of the three most widely used LAN implementations, Ethernet/IEEE 802.3 networks-including 100BaseT-implement a bus topology Sources: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 104). http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/introlan.htm
Question 700
In biometric identification systems, the parts of the body conveniently available for identification are:
Correct Answer: B
Explanation/Reference: Today implementation of fast, accurate, reliable, and user-acceptable biometric identification systems are already under way. Because most identity authentication takes place when a people are fully clothed (neck to feet and wrists), the parts of the body conveniently available for this purpose are hands, face, and eyes. From: TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management Handbook, 4th Edition, Volume 1, Page 7.
Question 701
Which division of the Orange Book deals with discretionary protection (need-to-know)?
Correct Answer: B
Section: Access Control Explanation/Reference: C deals with discretionary protection. See matric below: TCSEC Matric The following are incorrect answers: D is incorrect. D deals with minimal security. B is incorrect. B deals with mandatory protection. A is incorrect. A deals with verified protection. Reference(s) used for this question: CBK, p. 329 - 330 and Shon Harris, CISSP All In One (AIO), 6th Edition , page 392-393