Which of the following can be defined as the process of rerunning a portion of the test scenario or test plan to ensure that changes or corrections have not introduced new errors?
Correct Answer: C
Explanation/Reference: Regression testing is the process of rerunning a portion of the test scenario or test plan to ensure that changes or corrections have not introduced new errors. The data used in regression testing should be the same as the data used in the original test. Unit testing refers to the testing of an individual program or module. Pilot testing is a preliminary test that focuses only on specific and predetermined aspects of a system. Parallel testing is the process of feeding test data into two systems and comparing the results. Source: Information Systems Audit and Control Association, Certified Information Systems Auditor 2002 review manual, Chapter 6: Business Application System Development, Acquisition, Implementation and Maintenance (page 300).
Question 193
Network-based Intrusion Detection systems:
Correct Answer: A
Section: Analysis and Monitoring Explanation/Reference: Network-based ID systems: - Commonly reside on a discrete network segment and monitor the traffic on that network segment - Usually consist of a network appliance with a Network Interface Card (NIC) that is operating in promiscuous mode and is intercepting and analyzing the network packets in real time "A passive NIDS takes advantage of promiscuous mode access to the network, allowing it to gain visibility into every packet traversing the network segment. This allows the system to inspect packets and monitor sessions without impacting the network, performance, or the systems and applications utilizing the network." NOTE FROM CLEMENT: A discrete network is a synonym for a SINGLE network. Usually the sensor will monitor a single network segment, however there are IDS today that allow you to monitor multiple LAN's at the same time. References used for this question: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 62. and Official (ISC)2 Guide to the CISSP CBK, Hal Tipton and Kevin Henry, Page 196 and Additional information on IDS systems can be found here: http://en.wikipedia.org/wiki/ Intrusion_detection_system
Question 194
Physically securing backup tapes from unauthorized access is obviously a security concern and is considered a function of the:
Correct Answer: A
Physically securing the tapes from unauthorized access is obviously a security concern and is considered a function of the Operations Security Domain. Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 71.
Question 195
Which of the following is true of two-factor authentication?
Correct Answer: D
It relies on two independent proofs of identity. Two-factor authentication refers to using two independent proofs of identity, such as something the user has (e.g. a token card) and something the user knows (a password). Two-factor authentication may be used with single sign-on. The following answers are incorrect: It requires two measurements of hand geometry. Measuring hand geometry twice does not yield two independent proofs. It uses the RSA public-key signature based on integers with large prime factors. RSA encryption uses integers with exactly two prime factors, but the term "two-factor authentication" is not used in that context. It does not use single sign-on technology. This is a detractor. The following reference(s) were/was used to create this question: Shon Harris AIO v.3 p.129 ISC2 OIG, 2007 p. 126
Question 196
____________ is a file system that was poorly designed and has numerous security flaws.