ISC SSCP Online Practice Questions and Exam Preparation

ISC SSCP Online Questions & Answers

• Question 541:

  Controls like guards and general steps to maintain building security, securing of server rooms or laptops, the protection of cables, and usage of magnetic switches on doors and windows are some of the examples of:

  A. Administrative controls
  B. Logical controls
  C. Technical controls
  D. Physical controls
  D. Physical controls

  ---

  Controls like guards and general steps to maintain building security, securing of server rooms or laptops, the protection of cables, and usage of magnetic switches on doors and windows are all examples of Physical Security.

  Reference(s) used for this question:

  KRUTZ, Ronald L. and VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley and Sons, Page 33.

• Question 542:

  You are running a packet sniffer on a network and see a packet containing a long string of "0x90 0x90 0x90 0x90...." in the middle of it traveling to an x86-based machine as a target. This could be indicative of what activity being attempted?

  A. Over-subscription of the traffic on a backbone.
  B. A source quench packet.
  C. A FIN scan.
  D. A buffer overflow attack.
  D. A buffer overflow attack.

  ---

  A series of the same control characters, hexadecimal code, imbedded in the string is usually an indicator of a buffer overflow attack.

  The Intel x86 processors use the hexadecimal number 90 to represent NOP (no operation). Many buffer overflow attacks use long strings of control characters and this is representative of that type of attack.

  A buffer overflow takes place when too much data are accepted as input to a specific process. A buffer is an allocated segment of memory. A buffer can be overflowed arbitrarily with too much data, but for it to be of any use to an attacker, the

  code inserted into the buffer must be of a specific length, followed up by commands the attacker wants executed. So, the purpose of a buffer overflow may be either to make a mess, by shoving arbitrary data into various memory segments, or

  to accomplish a specific task, by pushing into the memory segment a carefully crafted set of data that will accomplish a specific task. This task could be to open a command shell with administrative privilege or execute malicious code.

  Common threats to system availability, integrity, and confidentiality include hardware failure, misuse of system privileges, buffer overflows and other memory attacks, denial of service, reverse engineering, and system hacking.

  Since many vulnerabilities result from insecure design and most threats are well known, it is the responsibility of the security architect to ensure that their designs are addressing security requirements appropriately while also ensuring that the

  system can continue to perform its intended function.

  The following answers are incorrect:

  Over-subscription of the traffic on a backbone. Is incorrect because if there was Over- subscription of the traffic on a backbone, that would typically result in not being able to send or receive any packets, more commonly known as Denial of

  Service or DoS.

  A source quench packet. This is incorrect because a source quench packet is an ICMP message that contains the internet header plus 64 bits of the original datagram.

  A FIN scan. This is incorrect because a FIN scan is when a packet with the FIN flag set is sent to a specific port and the results are then analyzed.

  Reference(s) used for this question:

  Harris, Shon (2012-10-25). CISSP All-in-One Exam Guide, 6th Edition, Security Architecture and Design, Page 332, for people using the Kindle edition you will find it at Kindle Locations 7310-7315.

  Schneiter, Andrew (2013-04-15). Official (ISC)2 Guide to the CISSP CBK, Third Edition :

  Security Architecture and Design (Kindle Locations 1403-1407). . Kindle Edition.

  Wikipedia http://en.wikipedia.org/wiki/Port_scanner

  ICMP http://security.maruhn.com/iptables-tutorial/x1078.html

  Wikipedia http://en.wikipedia.org/wiki/Buffer_overflow

• Question 543:

  What is the main focus of the Bell-LaPadula security model?

  A. Accountability
  B. Integrity
  C. Confidentiality
  D. Availability
  C. Confidentiality

  ---

  The Bell-LaPadula model is a formal model dealing with confidentiality.

  The BellLaPadula Model (abbreviated BLP) is a state machine model used for enforcing access control in government and military applications. It was developed by David Elliott Bell and Leonard J. LaPadula, subsequent to strong guidance

  from Roger R. Schell to formalize the U.S. Department of Defense (DoD) multilevel security (MLS) policy. The model is a formal state transition model of computer security policy that describes a set of access control rules which use security

  labels on objects and clearances for subjects. Security labels range from the most sensitive (e.g."Top Secret"), down to the least sensitive (e.g., "Unclassified" or "Public").

  The BellLaPadula model focuses on data confidentiality and controlled access to classified information, in contrast to the Biba Integrity Model which describes rules for the protection of data integrity. In this formal model, the entities in an

  information system are divided into subjects and objects.

  The notion of a "secure state" is defined, and it is proven that each state transition preserves security by moving from secure state to secure state, thereby inductively proving that the system satisfies the security objectives of the model. The

  BellLaPadula model is built on the concept of a state machine with a set of allowable states in a computer network system. The transition from one state to another state is defined by transition functions. A system state is defined to be

  "secure" if the only permitted access modes of subjects to objects are in accordance with a security policy. To determine whether a specific access mode is allowed, the clearance of a subject is compared to the classification of the object

  (more precisely, to the combination of classification and set of compartments, making up the security level) to determine if the subject is authorized for the specific access mode.

  The clearance/classification scheme is expressed in terms of a lattice. The model defines two mandatory access control (MAC) rules and one discretionary access control (DAC) rule with three security properties:

  The Simple Security Property - a subject at a given security level may not read an object at a higher security level (no read-up).

  The -property (read "star"-property) - a subject at a given security level must not write to any object at a lower security level (no write-down). The -property is also known as the Confinement property.

  The Discretionary Security Property - use of an access matrix to specify the discretionary access control.

  The following are incorrect answers:

  Accountability is incorrect. Accountability requires that actions be traceable to the user that performed them and is not addressed by the Bell-LaPadula model.

  Integrity is incorrect. Integrity is addressed in the Biba model rather than Bell-Lapadula.

  Availability is incorrect. Availability is concerned with assuring that data/services are available to authorized users as specified in service level objectives and is not addressed by the Bell- Lapadula model.

  References:

  CBK, pp. 325-326

  AIO3, pp. 279 - 284

  AIOv4 Security Architecture and Design (pages 333 - 336)

  AIOv5 Security Architecture and Design (pages 336 - 338)

  Wikipedia at https://en.wikipedia.org/wiki/Bell-La_Padula_model

• Question 544:

  Making sure that the data is accessible when and where it is needed is which of the following?

  A. confidentiality
  B. integrity
  C. acceptability
  D. availability
  D. availability

  ---

  Availability is making sure that the data is accessible when and where it is needed.

  Source: KRUTZ, Ronald L. and VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley and Sons, Page 59.

• Question 545:

  One of the following assertions is NOT a characteristic of Internet Protocol Security (IPsec)

  A. Data cannot be read by unauthorized parties
  B. The identity of all IPsec endpoints are confirmed by other endpoints
  C. Data is delivered in the exact order in which it is sent
  D. The number of packets being exchanged can be counted.
  C. Data is delivered in the exact order in which it is sent

  ---

  IPSec provide replay protection that ensures data is not delivered multiple times, however IPsec does not ensure that data is delivered in the exact order in which it is sent. IPSEC uses TCP and packets may be delivered out of order to the receiving side depending which route was taken by the packet.

  Internet Protocol Security (IPsec) has emerged as the most commonly used network layer security control for protecting communications. IPsec is a framework of open standards for ensuring private communications over IP networks. Depending on how IPsec is implemented and configured, it can provide any combination of the following types of protection:

  Confidentiality. IPsec can ensure that data cannot be read by unauthorized parties. This is accomplished by encrypting data using a cryptographic algorithm and a secret key a value known only to the two parties exchanging data. The data can only be decrypted by someone who has the secret key.

  Integrity. IPsec can determine if data has been changed (intentionally or unintentionally) during transit. The integrity of data can be assured by generating a message authentication code (MAC) value, which is a cryptographic checksum of the data. If the data is altered and the MAC is recalculated, the old and new MACs will differ.

  Peer Authentication. Each IPsec endpoint confirms the identity of the other IPsec endpoint with which it wishes to communicate, ensuring that the network traffic and data is being sent from the expected host.

  Replay Protection. The same data is not delivered multiple times, and data is not delivered grossly out of order. However, IPsec does not ensure that data is delivered in the exact order in which it is sent.

  Traffic Analysis Protection. A person monitoring network traffic does not know which parties are communicating, how often communications are occurring, or how much data is being exchanged. However, the number of packets being

  exchanged can be counted.

  Access Control. IPsec endpoints can perform filtering to ensure that only authorized IPsec users can access particular network resources. IPsec endpoints can also allow or block certain types of network traffic, such as allowing Web server

  access but denying file sharing.

  The following are incorrect answers because they are all features provided by IPSEC:

  "Data cannot be read by unauthorized parties" is wrong because IPsec provides confidentiality through the usage of the Encapsulating Security Protocol (ESP), once encrypted the data cannot be read by unauthorized parties because they

  have access only to the ciphertext. This is accomplished by encrypting data using a cryptographic algorithm and a session key, a value known only to the two parties exchanging data. The data can only be decrypted by someone who has a

  copy of the session key.

  "The identity of all IPsec endpoints are confirmed by other endpoints" is wrong because IPsec provides peer authentication: Each IPsec endpoint confirms the identity of the other IPsec endpoint with which it wishes to communicate, ensuring

  that the network traffic and data is being sent from the expected host.

  "The number of packets being exchanged can be counted" is wrong because although IPsec provides traffic protection where a person monitoring network traffic does not know which parties are communicating, how often communications

  are occurring, or how much data is being exchanged, the number of packets being exchanged still can be counted.

  Reference(s) used for this question:

  NIST 800-77 Guide to IPsec VPNs . Pages 2-3 to 2-4

• Question 546:

  All of the following can be considered essential business functions that should be identified when creating a Business Impact Analysis (BIA) except one. Which of the following would not be considered an essential element of the BIA but an important TOPIC to include within the BCP plan:

  A. IT Network Support
  B. Accounting
  C. Public Relations
  D. Purchasing
  C. Public Relations

  ---

  Public Relations, although important to a company, is not listed as an essential business function that should be identified and have loss criteria developed for.

  All other entries are considered essential and should be identified and have loss criteria developed.

  Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter

  9: Disaster Recovery and Business continuity (page 598).

• Question 547:

  Which of the following DoD Model layer provides non-repudiation services?

  A. network layer.
  B. application layer.
  C. transport layer.
  D. data link layer.
  B. application layer.

  ---

  The Application Layer determines the identity of the communication partners and this is where Non- Repudiation service would be provided as well. See the layers below:

  

  DOD Model DoD Model

  The following answers are incorrect:

  network layer. Is incorrect because the Network Layer mostly has routing protocols, ICMP, IP, and IPSEC. It it not a layer in the DoD Model. It is called the Internet Layer within the DoD model. transport layer. Is incorrect because the Transport layer provides transparent transfer of data between end users. This is called Host-to-Host on the DoD model but sometimes some books will call it Transport as well on the DoD model.

  data link layer. Is incorrect because the Data Link Layer defines the protocols that computers must follow to access the network for transmitting and receiving messages. It is part of the OSI Model. This does not exist on the DoD model, it is called the Link Layer on the DoD model.

• Question 548:

  Which of the following terms can be described as the process to conceal data into another file or media in a practice known as security through obscurity?

  A. Steganography
  B. ADS - Alternate Data Streams
  C. Encryption
  D. NTFS ADS
  A. Steganography

  ---

  It is the art and science of encoding hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message or could claim there is a message.

  It is a form of security through obscurity.

  The word steganography is of Greek origin and means "concealed writing." It combines the Greek words steganos (), meaning "covered or protected," and graphei () meaning "writing."

  The first recorded use of the term was in 1499 by Johannes Trithemius in his Steganographia, a treatise on cryptography and steganography, disguised as a book on magic. Generally, the hidden messages will appear to be (or be part of)

  something else: images, articles, shopping lists, or some other cover text. For example, the hidden message may be in invisible ink between the visible lines of a private letter.

  The advantage of steganography over cryptography alone is that the intended secret message does not attract attention to itself as an object of scrutiny. Plainly visible encrypted messages, no matter how unbreakable, will arouse interest,

  and may in themselves be incriminating in countries where encryption is illegal. Thus, whereas cryptography is the practice of protecting the contents of a message alone, steganography is concerned with concealing the fact that a secret

  message is being sent, as well as concealing the contents of the message.

  It is sometimes referred to as Hiding in Plain Sight. This image of trees blow contains in it another image of a cat using Steganography.

  ADS Tree with Cat inside

  

  This image below is hidden in the picture of the trees above:

  

  Hidden Kitty As explained here the image is hidden by removing all but the two least significant bits of each color component and subsequent normalization. ABOUT MSF and LSF One of the common method to perform steganography is by hiding bits within the Least Significant Bits of a media (LSB) or what is sometimes referred to as Slack Space. By modifying only the least significant bit, it is not possible to tell if

  there is an hidden message or not looking at the picture or the media. If you would change the Most Significant Bits (MSB) then it would be possible to view or detect the changes just by looking at the picture. A person can perceive only up to

  6 bits of depth, bit that are changed past the first sixth bit of the color code would be undetectable to a human eye.

  If we make use of a high quality digital picture, we could hide six bits of data within each of the pixel of the image. You have a color code for each pixel composed of a Red, Green, and Blue value. The color code is 3 sets of 8 bits each for each of the color. You could change the last two bit to hide your data. See below a color code for one pixel in binary format. The bits below are not real they are just example for illustration purpose: RED GREEN BLUE 0101 0101 1100 1011 1110 0011 MSB LSB MSB LSB MSB LSB Let's say that I would like to hide the letter A uppercase within the pixels of the picture. If we convert the letter "A" uppercase to a decimal value it would be number 65 within the ASCII table , in binary format the value 65 would translet to

  You can break the 8 bits of character A uppercase in group of two bits as follow: 01 00 00 01 Using the pixel above we will hide those bits within the last two bits of each of the color as follow: RED GREEN BLUE 0101 0101 1100 1000 1110 0000 MSB LSB MSB LSB MSB LSB As you can see above, the last two bits of RED was already set to the proper value of 01, then we move to the GREEN value and we changed the last two bit from 11 to 00, and finally we changed the last two bits of blue to 00. One pixel

  allowed us to hide 6 bits of data. We would have to use another pixel to hide the remaining two bits. The following answers are incorrect:

  -

  ADS - Alternate Data Streams: This is almost correct but ADS is different from steganography in that ADS hides data in streams of communications or files while Steganography hides data in a single file.

  -

  Encryption: This is almost correct but Steganography isn't exactly encryption as much as using space in a file to store another file.

  -

  NTFS ADS: This is also almost correct in that you're hiding data where you have space to do so. NTFS, or New Technology File System common on Windows computers has a feature where you can hide files where they're not viewable under normal conditions. Tools are required to uncover the ADS-hidden files. The following reference(s) was used to create this question: The CCCure Security+ Holistic Tutorial at http://www.cccure.tv and Steganography tool

  and http://en.wikipedia.org/wiki/Steganography

• Question 549:

  Which of the following division is defined in the TCSEC (Orange Book) as minimal protection?

  A. Division D
  B. Division C
  C. Division B
  D. Division A
  A. Division D

  ---

  The criteria are divided into four divisions: D, C, B, and A ordered in a hierarchical manner with the highest division (A) being reserved for systems providing the most comprehensive security.

  Each division represents a major improvement in the overall confidence one can place in the system for the protection of sensitive information.

  Within divisions C and B there are a number of subdivisions known as classes. The classes are also ordered in a hierarchical manner with systems representative of division C and lower classes of division B being characterized by the set of

  computer security mechanisms that they possess. Assurance of correct and complete design and implementation for these systems is gained mostly through testing of the security- relevant portions of the system. The security-relevant

  portions of a system are referred to throughout this document as the Trusted Computing Base (TCB).

  Systems representative of higher classes in division B and division A derive their security attributes more from their design and implementation structure. Increased assurance that the required features are operative, correct, and tamperproof

  under all circumstances is gained through progressively more rigorous analysis during the design process.

  TCSEC provides a classification system that is divided into hierarchical divisions of assurance levels:

  Division D - minimal security

  Division C - discretionary protection

  Division B - mandatory protection

  Division A - verified protection

  Reference: page 358 AIO V.5 Shon Harris

  also

  Source: KRUTZ, Ronald L. and VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, page 197.

  Also:

  THE source for all TCSEC "level" questions:

  http://csrc.nist.gov/publications/secpubs/rainbow/std001.txt

• Question 550:

  Which of the following is needed for System Accountability?

  A. Audit mechanisms.
  B. Documented design as laid out in the Common Criteria.
  C. Authorization.
  D. Formal verification of system design.
  A. Audit mechanisms.

  ---

  Is a means of being able to track user actions. Through the use of audit logs and other tools the user actions are recorded and can be used at a later date to verify what actions were performed.

  Accountability is the ability to identify users and to be able to track user actions.

  The following answers are incorrect:

  Documented design as laid out in the Common Criteria. Is incorrect because the Common Criteria is an international standard to evaluate trust and would not be a factor in System Accountability.

  Authorization. Is incorrect because Authorization is granting access to subjects, just because you have authorization does not hold the subject accountable for their actions.

  Formal verification of system design. Is incorrect because all you have done is to verify the system design and have not taken any steps toward system accountability.

  References:

  OIG CBK Glossary (page 778)