ISC SSCP Online Practice Questions and Exam Preparation

ISC SSCP Online Questions & Answers

• Question 851:

  Kerberos is vulnerable to replay in which of the following circumstances?

  A. When a private key is compromised within an allotted time window.
  B. When a public key is compromised within an allotted time window.
  C. When a ticket is compromised within an allotted time window.
  D. When the KSD is compromised within an allotted time window.
  C. When a ticket is compromised within an allotted time window.

  ---

  Replay can be accomplished on Kerberos if the compromised tickets are used within an allotted time window.

  The security depends on careful implementation:enforcing limited lifetimes for authentication credentials minimizes the threat of of replayed credentials, the KDC must be physically secured, and it should be hardened, not permitting any nonkerberos activities.

  Reference:

  Official ISC2 Guide to the CISSP, 2007 Edition, page 184

  also see:

  KRUTZ, Ronald L. and VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley and Sons, Page 42.

• Question 852:

  Which of the following was developed as a simple mechanism for allowing simple network terminals to load their operating system from a server over the LAN?

  A. DHCP
  B. BootP
  C. DNS
  D. ARP
  B. BootP

  ---

  BootP was developed as a simple mechanism for allowing simple network terminals to load their operating system from a server over the LAN. Over time, it has expanded to allow centralized configuration of many aspects of a host's identity

  and behavior on the network. Note that DHCP, more complex, has replaced BootP over time.

  Source: STREBE, Matthew and PERKINS, Charles, Firewalls 24seven, Sybex 2000, Chapter 4:

  Sockets and Services from a Security Viewpoint.

• Question 853:

  Which of the following is most affected by denial-of-service (DOS) attacks?

  A. Confidentiality
  B. Integrity
  C. Accountability
  D. Availability
  D. Availability

  ---

  Denial of service attacks obviously affect availability of targeted systems.

  Source: KRUTZ, Ronald L. and VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley and Sons, 2001, Chapter 3: Telecommunications and Network Security (page 61).

• Question 854:

  Which element must computer evidence have to be admissible in court?

  A. It must be relevant.
  B. It must be annotated.
  C. It must be printed.
  D. It must contain source code.
  A. It must be relevant.

  ---

  Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.

• Question 855:

  Controlling access to information systems and associated networks is necessary for the preservation of their:

  A. Authenticity, confidentiality and availability
  B. Confidentiality, integrity, and availability.
  C. integrity and availability.
  D. authenticity,confidentiality, integrity and availability.
  B. Confidentiality, integrity, and availability.

  ---

  Controlling access to information systems and associated networks is necessary for the preservation of their confidentiality, integrity and availability.

  Source: KRUTZ, Ronald L. and VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley and Sons, Page 31.

• Question 856:

  Which OSI/ISO layers are TCP and UDP implemented at?

  A. Application layer
  B. Presentation layer
  C. Session layer
  D. Transport layer
  D. Transport layer

  ---

  TCP and UDP are implemented at the transport layer (layer 4).

  Source: KRUTZ, Ronald L. and VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley and Sons, 2001, Chapter 3: Telecommunications and Network Security (page 82).

• Question 857:

  Which of the following was designed to support multiple network types over the same serial link?

  A. Ethernet
  B. SLIP
  C. PPP
  D. PPTP
  C. PPP

  ---

  The Point-to-Point Protocol (PPP) was designed to support multiple network types over the same serial link, just as Ethernet supports multiple network types over the same LAN. PPP replaces the earlier Serial Line Internet Protocol (SLIP)

  that only supports IP over a serial link. PPTP is a tunneling protocol. Source: STREBE, Matthew and PERKINS, Charles, Firewalls 24seven, Sybex 2000, Chapter 3:

  TCP/IP from a Security Viewpoint.

• Question 858:

  Which one of the following factors is NOT one on which Authentication is based?

  A. Type 1. Something you know, such as a PIN or password
  B. Type 2. Something you have, such as an ATM card or smart card
  C. Type 3. Something you are (based upon one or more intrinsic physical or behavioral traits), such as a fingerprint or retina scan
  D. Type 4. Something you are, such as a system administrator or security administrator
  D. Type 4. Something you are, such as a system administrator or security administrator

  ---

  Authentication is based on the following three factor types:

  Type 1. Something you know, such as a PIN or password

  Type 2. Something you have, such as an ATM card or smart card

  Type 3. Something you are (Unique physical characteristic), such as a fingerprint or retina scan

  Source: KRUTZ, Ronald L. and VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley and Sons, Page 36.

  Also: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 4:

  Access Control (pages 132-133).

• Question 859:

  Recovery Site Strategies for the technology environment depend on how much downtime an organization can tolerate before the recovery must be completed. What would you call a strategy where the alternate site is internal, standby ready, with all the technology and equipment necessary to run the applications?

  A. External Hot site
  B. Warm Site
  C. Internal Hot Site
  D. Dual Data Center
  C. Internal Hot Site

  ---

  Internal Hot Site--This site is standby ready with all the technology and equipment necessary to run the applications positioned there. The planner will be able to effectively restart an application in a hot site recovery without having to perform any bare metal recovery of servers. If this is an internal solution, then often the organization will run non-time sensitive processes there such as development or test environments, which will be pushed aside for recovery of production when needed. When employing this strategy, it is important that the two environments be kept as close to identical as possible to avoid problems with O/S levels, hardware differences, capacity differences, etc., from preventing or delaying recovery.

  Recovery Site Strategies Depending on how much downtime an organization has before the technology recovery must be complete, recovery strategies selected for the technology environment could be any one of the following:

  Dual Data Center--This strategy is employed for applications, which cannot accept any downtime without negatively impacting the organization. The applications are split between two geographically dispersed data centers and either load balanced between the two centers or hot swapped between the two centers. The surviving data center must have enough head room to carry the full production load in either case.

  External Hot Site--This strategy has equipment on the floor waiting, but the environment must be rebuilt for the recovery. These are services contracted through a recovery service provider. Again, it is important that the two environments be kept as close to identical as possible to avoid problems with O/S levels, hardware differences, capacity differences, etc., from preventing or delaying recovery. Hot site vendors tend to have the most commonly used hardware and software products to attract the largest number of customers to utilize the site. Unique equipment or software would generally need to be provided by the organization either at time of disaster or stored there ahead of time.

  Warm Site--A leased or rented facility that is usually partially configured with some equipment, but not the actual computers. It will generally have all the cooling, cabling, and networks in place to accommodate the recovery but the actual servers, mainframe, etc., equipment are delivered to the site at time of disaster.

  Cold Site--A cold site is a shell or empty data center space with no technology on the floor. All technology must be purchased or acquired at the time of disaster. Reference(s) used for this question:

  Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 21265-21291). Auerbach Publications. Kindle Edition.

• Question 860:

  Which of the following access control models introduces user security clearance and data classification?

  A. Role-based access control
  B. Discretionary access control
  C. Non-discretionary access control
  D. Mandatory access control
  D. Mandatory access control

  ---

  The mandatory access control model is based on a security label system. Users are given a security clearance and data is classified. The classification is stored in the security labels of the resources. Classification labels specify the level of trust a user must have to access a certain file.

  Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, Chapter

  4: Access Control (Page 154).