What is called the percentage of valid subjects that are falsely rejected by a Biometric Authentication system?
Correct Answer: A
The percentage of valid subjects that are falsely rejected is called the False Rejection Rate (FRR) or Type I Error. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 38.
Question 853
What protocol is used on the Local Area Network (LAN) to obtain an IP address from it's known MAC address?
Correct Answer: A
The reverse address resolution protocol (RARP) sends out a packet including a MAC address and a request to be informed of the IP address that should be assigned to that MAC. Diskless workstations do not have a full operating system but have just enough code to know how to boot up and broadcast for an IP address, and they may have a pointer to the server that holds the operating system. The diskless workstation knows its hardware address, so it broadcasts this information so that a listening server can assign it the correct IP address. As with ARP, Reverse Address Resolution Protocol (RARP) frames go to all systems on the subnet, but only the RARP server responds. Once the RARP server receives this request, it looks in its table to see which IP address matches the broadcast hardware address. The server then sends a message that contains its IP address back to the requesting computer. The system now has an IP address and can function on the network. The Bootstrap Protocol (BOOTP) was created after RARP to enhance the functionality that RARP provides for diskless workstations. The diskless workstation can receive its IP address, the name server address for future name resolutions, and the default gateway address from the BOOTP server. BOOTP usually provides more functionality to diskless workstations than does RARP. The evolution of this protocol has unfolded as follows: RARP evolved into BOOTP, which evolved into DHCP. The following are incorrect answers: NAT is a tool that is used for masking true IP addresses by employing internal addresses. ARP does the opposite of RARP, it finds the MAC address that maps with an existing IP address. Data Link layer The Data Link layer is not a protocol; it is represented at layer 2 of the OSI model. In the TCP/IP model, the Data Link and Physical layers are combined into the Network Access layer, which is sometimes called the Link layer or the Network Interface layer. Reference(s) used for this question: Harris, Shon (2012-10-25). CISSP All-in-One Exam Guide, 6th Edition, Telecommunications and Network Security, Page 584-585 and also 598. For Kindle users see Kindle Locations 12348-12357. McGraw-Hill. and KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 87).
Question 854
Which type of algorithm is considered to have the highest strength per bit of key length of any of the asymmetric algorithms?
Correct Answer: C
Section: Cryptography Explanation/Reference: The other answers are not correct because: "Rivest, Shamir, Adleman (RSA)" is incorrect because RSA is a "traditional" asymmetric algorithm. While it is reasonably strong, it is not considered to be as strong as ECC based systems. "El Gamal" is incorrect because it is also a "traditional" asymmetric algorithm and not considered as strong as ECC based systems. "Advanced Encryption Standard (AES)" is incorrect because the question asks specifically about asymmetric algorithms and AES is a symmetric algorithm. References: Official ISC2 Guide page: 258 All in One Third Edition page: 638 The RSA Crypto FAQ: http://www.rsa.com/rsalabs/node.asp?id=2241
Question 855
Which of the following is NOT a correct notation for an IPv6 address?
Correct Answer: D
This is not a correct notation for an IPv6 address because the the "::" can only appear once in an address. The use of "::" is a shortcut notation that indicates one or more groups of 16 bits of zeros. 1 is the loopback address using the special notation Reference: IP Version 6 Addressing Architecture http://tools.ietf.org/html/rfc4291#section-2.1
Question 856
In a hierarchical PKI the highest CA is regularly called Root CA, it is also referred to by which one of the following term?
Correct Answer: B
Explanation/Reference: Reference: Arsenault, Turner, Internet X.509 Public Key Infrastructure: Roadmap, Chapter "Terminology". Also note that sometimes other terms such as Certification Authority Anchor (CAA) might be used within some government organization, Top level CA is another common term to indicate the top level CA, Top Level Anchor could also be used.