ISC SSCP Online Practice Questions and Exam Preparation

ISC SSCP Online Questions & Answers

• Question 111:

  The Terminal Access Controller Access Control System (TACACS) employs which of the following?

  A. a user ID and static password for network access
  B. a user ID and dynamic password for network access
  C. a user ID and symmetric password for network access
  D. a user ID and asymmetric password for network access
  A. a user ID and static password for network access

  ---

  For networked applications, the Terminal Access Controller Access Control System (TACACS) employs a user ID and a static password for network access. Source: KRUTZ, Ronald L. and VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley and Sons, Page 44.

• Question 112:

  In a SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session?

  A. Both client and server
  B. The client's browser
  C. The web server
  D. The merchant's Certificate Server
  B. The client's browser

  ---

  Once the merchant server has been authenticated by the browser client, the browser generates a master secret that is to be shared only between the server and client. This secret serves as a seed to generate the session (private) keys. The master secret is then encrypted with the merchant's public key and sent to the server. The fact that the master secret is generated by the client's browser provides the client assurance that the server is not reusing keys that would have been used in a previous session with another client.

  Source: ANDRESS, Mandy, Exam Cram CISSP, Coriolis, 2001, Chapter 6: Cryptography (page 112).

  Also: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2001, page 569.

• Question 113:

  Which of the following statements pertaining to message digests is incorrect?

  A. The original file cannot be created from the message digest.
  B. Two different files should not have the same message digest.
  C. The message digest should be calculated using at least 128 bytes of the file.
  D. Messages digests are usually of fixed size.
  C. The message digest should be calculated using at least 128 bytes of the file.

  ---

  Source: KRUTZ, Ronald L. and VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley and Sons, 2001, Chapter 4: Cryptography (page 160).

• Question 114:

  What can be defined as an abstract machine that mediates all access to objects by subjects to ensure that subjects have the necessary access rights and to protect objects from unauthorized access?

  A. The Reference Monitor
  B. The Security Kernel
  C. The Trusted Computing Base
  D. The Security Domain
  A. The Reference Monitor

  ---

  The reference monitor refers to abstract machine that mediates all access to objects by subjects.

  This question is asking for the concept that governs access by subjects to objects, thus the reference monitor is the best answer. While the security kernel is similar in nature, it is what actually enforces the concepts outlined in the reference

  monitor.

  In operating systems architecture a reference monitor concept defines a set of design requirements on a reference validation mechanism, which enforces an access control policy over subjects' (e.g., processes and users) ability to perform

  operations (e.g., read and write) on objects (e.g., files and sockets) on a system. The properties of a reference monitor are:

  The reference validation mechanism must always be invoked (complete mediation). Without this property, it is possible for an attacker to bypass the mechanism and violate the security policy.

  The reference validation mechanism must be tamperproof (tamperproof). Without this property, an attacker can undermine the mechanism itself so that the security policy is not correctly enforced.

  The reference validation mechanism must be small enough to be subject to analysis and tests, the completeness of which can be assured (verifiable). Without this property, the mechanism might be flawed in such a way that the policy is not

  enforced.

  For example, Windows 3.x and 9x operating systems were not built with a reference monitor, whereas the Windows NT line, which also includes Windows 2000 and Windows XP, was designed to contain a reference monitor, although it is not

  clear that its properties (tamperproof, etc.) have ever been independently verified, or what level of computer security it was intended to provide. The claim is that a reference validation mechanism that satisfies the reference monitor concept

  will correctly enforce a system's access control policy, as it must be invoked to mediate all security-sensitive operations, must not be tampered, and has undergone complete analysis and testing to verify correctness. The abstract model of a

  reference monitor has been widely applied to any type of system that needs to enforce access control, and is considered to express the necessary and sufficient properties for any system making this security claim.

  According to Ross Anderson, the reference monitor concept was introduced by James Anderson in an influential 1972 paper.

  Systems evaluated at B3 and above by the Trusted Computer System Evaluation Criteria (TCSEC) must enforce the reference monitor concept.

  The reference monitor, as defined in AIO V5 (Harris) is: "an access control concept that refers to an abstract machine that mediates all access to objects by subjects." The security kernel, as defined in AIO V5 (Harris) is: "the hardware,

  firmware, and software elements of a trusted computing based (TCB) that implement the reference monitor concept. The kernel must mediate all access between subjects and objects, be protected from modification, and be verifiable as

  correct."

  The trusted computing based (TCB), as defined in AIO V5 (Harris) is: "all of the protection mechanisms within a computer system (software, hardware, and firmware) that are responsible for enforcing a security policy."

  The security domain, "builds upon the definition of domain (a set of resources available to a subject) by adding the fact that resources withing this logical structure (domain) are working under the same security policy and managed by the

  same group."

  The following answers are incorrect:

  "The security kernel" is incorrect. One of the places a reference monitor could be implemented is in the security kernel but this is not the best answer.

  "The trusted computing base" is incorrect. The reference monitor is an important concept in the TCB but this is not the best answer.

  "The security domain is incorrect." The reference monitor is an important concept in the security domain but this is not the best answer.

  Reference(s) used for this question:

  Official ISC2 Guide to the CBK, page 324

  AIO Version 3, pp. 272 - 274

  AIOv4 Security Architecture and Design (pages 327 - 328)

  AIOv5 Security Architecture and Design (pages 330 - 331)

  Wikipedia article at https://en.wikipedia.org/wiki/Reference_monitor

• Question 115:

  Which of the following is the core of fiber optic cables made of?

  A. PVC
  B. Glass fibers
  C. Kevlar
  D. Teflon
  B. Glass fibers

  ---

  Fiber optic cables have an outer insulating jacket made of Teflon or PVC, Kevlar fiber, which helps to strengthen the cable and prevent breakage, plastic coatings, used to cushion the fiber center. The center (core) of the cable is made of glass or plastic fibers. Source: ANDRESS, Mandy, Exam Cram CISSP, Coriolis, 2001, Chapter 3: Telecommunications and Network Security (page 31).

• Question 116:

  Which of the following best describes what would be expected at a "hot site"?

  A. Computers, climate control, cables and peripherals
  B. Computers and peripherals
  C. Computers and dedicated climate control systems.
  D. Dedicated climate control systems
  A. Computers, climate control, cables and peripherals

  ---

  A Hot Site contains everything needed to become operational in the shortest amount of time.

  The following answers are incorrect:

  Computers and peripherals. Is incorrect because no mention is made of cables. You would not be fully operational without those.

  Computers and dedicated climate control systems. Is incorrect because no mention is made of peripherals.

  You would not be fully operational without those.

  Dedicated climate control systems. Is incorrect because no mentionis made of computers, cables and peripherals. You would not be fully operational without those. According to the OIG, a hot site is defined as a fully configured site with

  complete customer required hardware and software provided by the service provider. A hot site in the context of the CBK is always a RENTAL place. If you have your own site fully equipped that you make use of in case of disaster that would

  be called a redundant site or an alternate site.

  Wikipedia: "A hot site is a duplicate of the original site of the organization, with full computer systems as well as near-complete backups of user data."

  References:

  OIG CBK, Business Continuity and Disaster Recovery Planning (pages 367 - 368)

  AIO, 3rd Edition, Business Continuity Planning (pages 709 - 714)

  AIO, 4th Edition, Business Continuity Planning , p 790.

  Wikipedia - http://en.wikipedia.org/wiki/Hot_site#Hot_Sites

• Question 117:

  Who is ultimately responsible for the security of computer based information systems within an organization?

  A. The tech support team
  B. The Operation Team.
  C. The management team.
  D. The training team.
  C. The management team.

  ---

  If there is no support by management to implement, execute, and enforce security policies and procedure, then they won't work. Senior management must be involved in this because they have an obligation to the organization to protect the

  assests . The requirement here is for management to show "due diligence" in establishing an effective compliance, or security program.

  The following answers are incorrect:

  The tech support team. Is incorrect because the ultimate responsibility is with management for the security of computer-based information systems.

  The Operation Team. Is incorrect because the ultimate responsibility is with management for the security of computer-based information systems.

  The Training Team. Is incorrect because the ultimate responsibility is with management for the security of computer-based information systems.

  Reference(s) used for this question:

  OIG CBK Information Security Management and Risk Management (page 20 - 22)

• Question 118:

  What can be defined as: It confirms that users' needs have been met by the supplied solution ?

  A. Accreditation
  B. Certification
  C. Assurance
  D. Acceptance
  D. Acceptance

  ---

  Acceptance confirms that users' needs have been met by the supplied solution. Verification and Validation informs Acceptance by establishing the evidence set against acceptance criteria - to determine if the solution meets the users' needs.

  Acceptance should also explicitly address any integration or interoperability requirements involving other equipment or systems. To enable acceptance every user and system requirement must have a 'testable' characteristic.

  Accreditation is the formal acceptance of security, adequacy, authorization for operation and acceptance of existing risk. Accreditation is the formal declaration by a Designated Approving Authority (DAA) that an IS is approved to operate in a

  particular security mode using a prescribed set of safeguards to an acceptable level of risk.

  Certification is the formal testing of security safeguards and assurance is the degree of confidence that the implemented security measures work as intended. The certification is a Comprehensive evaluation of the technical and nontechnical

  security features of an IS and other safeguards, made in support of the accreditation process, to establish the extent to which a particular design and implementation meets a set of specified ecurity requirements.

  Assurance is the descriptions of the measures taken during development and evaluation of the product to assure compliance with the claimed security functionality. For example, an evaluation may require that all source code is kept in a

  change management system, or that full functional testing is performed. The Common Criteria provides a catalogue of these, and the requirements may vary from one evaluation to the next. The requirements for particular targets or types of

  products are documented in the Security Targets (ST) and Protection Profiles (PP), respectively.

  Source: ROTHKE, Ben, CISSP CBK Review presentation on domain 4, August 1999.

  and

  Official ISC2 Guide to the CISSP CBK, Second Edition, on page 211.

  and

  http://www.aof.mod.uk/aofcontent/tactical/randa/content/randaintroduction.htm

• Question 119:

  Which of the following is defined as a key establishment protocol based on the Diffie-Hellman algorithm proposed for IPsec but superseded by IKE?

  A. Diffie-Hellman Key Exchange Protocol
  B. Internet Security Association and Key Management Protocol (ISAKMP)
  C. Simple Key-management for Internet Protocols (SKIP)
  D. OAKLEY
  D. OAKLEY

  ---

  RFC 2828 (Internet Security Glossary) defines OAKLEY as a key establishment protocol (proposed for IPsec but superseded by IKE) based on the Diffie-Hellman algorithm and designed to be a compatible component of ISAKMP.

  ISAKMP is an Internet IPsec protocol to negotiate, establish, modify, and delete security associations, and to exchange key generation and authentication data, independent of the details of any specific key generation technique, key

  establishment protocol, encryption algorithm, or authentication mechanism.

  SKIP is a key distribution protocol that uses hybrid encryption to convey session keys that are used to encrypt data in IP packets.

  ISAKMP provides a framework for authentication and key exchange but does not define them. ISAKMP is designed to be key exchange independant; that is, it is designed to support many different key exchanges.

  Oakley and SKEME each define a method to establish an authenticated key exchange. This includes payloads construction, the information payloads carry, the order in which they are processed and how they are used.

  Oakley describes a series of key exchanges-- called modes and details the services provided by each (e.g. perfect forward secrecy for keys, identity protection, and authentication).

  SKEME describes a versatile key exchange technique which provides anonymity, repudiability, and quick key refreshment.

  RFC 2049 describes the IKE protocol using part of Oakley and part of SKEME in conjunction with ISAKMP to obtain authenticated keying material for use with ISAKMP, and for other security associations such as AH and ESP for the IETF

  IPsec DOI. While Oakley defines "modes", ISAKMP defines "phases". The relationship between the two is very straightforward and IKE presents different exchanges as modes which operate in one of two phases.

  Phase 1 is where the two ISAKMP peers establish a secure, authenticated channel with which to communicate. This is called the ISAKMP Security Association (SA). "Main Mode" and "Aggressive Mode" each accomplish a phase 1 exchange.

  "Main Mode" and "Aggressive Mode" MUST ONLY be used in phase 1.

  Phase 2 is where Security Associations are negotiated on behalf of services such as IPsec or any other service which needs key material and/or parameter negotiation. "Quick Mode" accomplishes a phase 2 exchange. "Quick Mode" MUST

  ONLY be used in phase 2.

  References:

  CISSP: Certified Information Systems Security Professional Study Guide By James Michael Stewart, Ed Tittel, Mike Chappl, page 397

  RFC 2049 at: http://www.ietf.org/rfc/rfc2409

  SHIREY, Robert W., RFC2828: Internet Security Glossary, may 2000.

  The All-in-one CISSP Exam Guide, 3rd Edition, by Shon Harris, page 674

  The CISSP and CAP Prep Guide, Platinum Edition, by Krutz and Vines

• Question 120:

  In a known plaintext attack, the cryptanalyst has knowledge of which of the following?

  A. the ciphertext and the key
  B. the plaintext and the secret key
  C. both the plaintext and the associated ciphertext of several messages
  D. the plaintext and the algorithm
  C. both the plaintext and the associated ciphertext of several messages

  ---

  In a known plaintext attack, the attacker has the plaintext and ciphertext of one or more messages. The goal is to discover the key used to encrypt the messages so that other messages can be deciphered and read.

  Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 3rd Ed., chapter 8: Cryptography (page 676). Also check out: Handbook of Applied Cryptography 4th Edition by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone.