What enables users to validate each other's certificate when they are certified under different certification hierarchies?
Correct Answer: A
Cross-certification is the act or process by which two CAs each certifiy a public key of the other, issuing a public-key certificate to that other CA, enabling users that are certified under different certification hierarchies to validate each other's certificate. Source: SHIREY, Robert W., RFC2828: Internet Security Glossary, may 2000.
Question 138
CORRECT TEXT ______________ is a major component of an overall risk management program.
Correct Answer:
assessment
Question 139
Spoofing is a sophisticated technique of authenticating one computer to another by forging IP packets from a trusted source address(True / False)
Correct Answer: A
Spoofing can be achieved by exploiting trust and authentication.
Question 140
Which of the following is the most critical item from a disaster recovery point of view?
Correct Answer: A
Section: Risk, Response and Recovery Explanation/Reference: The most important point is ALWAYS the data. Everything else can be replaced or repaired. Data MUST be backed up, backups must be regularly tested, because once it is truly lost, it is lost forever. The goal of disaster recovery is to minimize the effects of a disaster or disruption. It means taking the necessary steps to ensure that the resources, personnel, and business processes are able to resume operation in a timely manner . This is different from continuity planning, which provides methods and procedures for dealing with longer-term outages and disasters. The goal of a disaster recovery plan is to handle the disaster and its ramifications right after the disaster hits; the disaster recovery plan is usually very information technology (IT)- focused. A disaster recovery plan (DRP) is carried out when everything is still in emergency mode, and everyone is scrambling to get all critical systems back online. Reference(s) used for this question: Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 887). McGraw-Hill. Kindle Edition. and Veritas eLearning CD - Introducing Disaster Recovery Planning, Chapter 1.
Question 141
Which of the following backup methods makes a complete backup of every file on the server every time it is run?
Correct Answer: A
The Full Backup Method makes a complete backup of every file on the server every time it is run. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 69.