What mechanism does a system use to compare the security labels of a subject and an object?
Correct Answer: B
Section: Security Operation Adimnistration Explanation/Reference: Because the Reference Monitor is responsible for access control to the objects by the subjects it compares the security labels of a subject and an object. According to the OIG: The reference monitor is an access control concept referring to an abstract machine that mediates all accesses to objects by subjects based on information in an access control database. The reference monitor must mediate all access, be protected from modification, be verifiable as correct, and must always be invoked. The reference monitor, in accordance with the security policy, controls the checks that are made in the access control database. The following are incorrect: Validation Module. A Validation Module is typically found in application source code and is used to validate data being inputted. Clearance Check. Is a distractor, there is no such thing other than what someone would do when checking if someone is authorized to access a secure facility. Security Module. Is typically a general purpose module that prerforms a variety of security related functions. References: OIG CBK, Security Architecture and Design (page 324) AIO, 4th Edition, Security Architecture and Design, pp 328-328. Wikipedia - http://en.wikipedia.org/wiki/Reference_monitor
Question 993
When submitting a passphrase for authentication, the passphrase is converted into ...
Correct Answer: A
Passwords can be compromised and must be protected. In the ideal case, a password should only be used once. The changing of passwords can also fall between these two extremes. Passwords can be required to change monthly, quarterly, or at other intervals, depending on the criticality of the information needing protection and the password's frequency of use. Obviously, the more times a password is used, the more chance there is of it being compromised. It is recommended to use a passphrase instead of a password. A passphrase is more resistant to attacks. The passphrase is converted into a virtual password by the system. Often time the passphrase will exceed the maximum length supported by the system and it must be trucated into a Virtual Password. Reference(s) used for this question: http://www.itl.nist.gov/fipspubs/fip112.htm and KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 36 & 37.
Question 994
Which of the following would provide the BEST stress testing environment taking under consideration and avoiding possible data exposure and leaks of sensitive data?
Correct Answer: B
Explanation/Reference: The best way to properly verify an application or system during a stress test would be to expose it to "live" data that has been sanitized to avoid exposing any sensitive information or Personally Identifiable Data (PII) while in a testing environment. Fabricated test data may not be as varied, complex or computationally demanding as "live" data. A production environment should never be used to test a product, as a production environment is one where the application or system is being put to commercial or operational use. It is a best practice to perform testing in a non-production environment. Stress testing is carried out to ensure a system can cope with production workloads, but as it may be tested to destruction, a test environment should always be used to avoid damaging the production environment. Hence, testing should never take place in a production environment. If only test data is used, there is no certainty that the system was adequately stress tested. Incorrect answers: Test environment using test data. This is incorrect because live data is typically more useful during stress testing Production environment using test data. This is incorrect because the production environment should not be used for testing. Production environment using live workloads. This is incorrect because the production environment should not be used for testing. Source: Information Systems Audit and Control Association, Certified Information Systems Auditor 2002 review manual, chapter 6: Business Application System Development, Acquisition, Implementation and Maintenance (page 299). And: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 251. And:
Question 995
Which of the following is NOT a true statement regarding the implementaton of the 3DES modes?
Correct Answer: A
Explanation/Reference: There is no DES mode call DES-EEE1. It does not exist. The following are the correct modes for triple-DES (3DES): DES-EEE3 uses three keys for encryption and the data is encrypted, encrypted, encrypted; DES-EDE3 uses three keys and encrypts, decrypts and encrypts data. DES-EEE2 and DES-EDE2 are the same as the previous modes, but the first and third operations use the same key. Reference(s) used for this question: Shon Harris, CISSP All In One (AIO) book, 6th edition , page 808 and Official ISC2 Guide to the CISSP CBK, 2nd Edition (2010) , page 344-345
Question 996
Which one of the following represents an ALE calculation?
Correct Answer: A
Section: Risk, Response and Recovery Explanation/Reference: Single Loss Expectancy (SLE) is the dollar amount that would be lost if there was a loss of an asset. Annualized Rate of Occurrence (ARO) is an estimated possibility of a threat to an asset taking place in one year (for example if there is a change of a flood occuring once in 10 years the ARO would be .1, and if there was a chance of a flood occuring once in 100 years then the ARO would be .01). The following answers are incorrect: gross loss expectancy x loss frequency. Is incorrect because this is a distractor. actual replacement cost - proceeds of salvage. Is incorrect because this is a distractor. asset value x loss expectancy. Is incorrect because this is a distractor.