[Free] New Updated (October) ISC SSCP Real Exam 151-160

Ensurepass

 

QUESTION 151

Which of the following is most appropriate to notify an internal user that session monitoring is being conducted?

 

A.

Logon Banners

B.

Wall poster

C.

Employee Handbook

D.

Written agreement

 

Correct Answer: D

Explanation:

This is a tricky question, the keyword in the question is Internal users.

 

There are two possible answers based on how the question is presented, this question could either apply to internal users or ANY anonymous/external users.

 

Internal users should always have a written agreement first, then logon banners serve as a constant reminder.

Banners at the log-on time should be used to notify external users of any monitoring that is being conducted. A good banner will give you a better legal stand and also makes it obvious the user was warned about who should access the system, who is authorized and unauthorized, and if it is an unauthorized user then he is fully aware of trespassing. Anonymous/External users, such as those logging into a web site, ftp server or even a mail server; their only notification system is the use of a logon banner.

 

References used for this question:

 

KRUTZ, Ronald L.& VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 50.

Shon Harris, CISSP All-in-one, 5th edition, pg 873

 

 

QUESTION 152

A central authority determines what subjects can have access to certain objects based on the organizational security policy is called:

 

A.

Mandatory Access Control

B.

Discretionary Access Control

C.

Non-Discretionary Access Control

D.

Rule-based Access control

 

Correct Answer: C

Explanation:

A central authority determines what subjects can have access to certain objects based on the organizational security policy.

 

The key focal point of this question is the ‘central authority’ that determines access rights.

 

Cecilia one of the quiz user has sent me feedback informing me that NIST defines MAC as:

“MAC Policy means that Access Control Policy Decisions are made by a CENTRAL AUTHORITY. Which seems to indicate there could be two good answers to this question.

 

However if you read the NISTR document mentioned in the references below, it is also mentioned that: MAC is the most mentioned NDAC policy. So MAC is a form of NDAC policy.

 

Within the same document it is also mentioned: “In general, all access control policies other than DAC are grouped in the category of non- discretionary access control (NDAC). As the name implies, policies in this category have rules that are not established at the discretion of the user. Non-discretionary policies establish controls that cannot be changed by users, but only through administrative action.”

 

Under NDAC you have two choices:

Rule Based Access control and Role Base Access Control

 

MAC is implemented using RULES which makes it fall under RBAC which is a form of NDAC. It is a subset of NDAC.

 

This question is representative of what you can expect on the real exam where you have more than once choice that seems to be right. However, you have to look closely if one of the choices would be higher level or if one of the choice falls under one of the other choice. In this case NDAC is a better choice because MAC is falling under NDAC through the use of Rule Based Access Control.

 

The following are incorrect answers:

 

MANDATORY ACCESS CONTROL

In Mandatory Access Control the labels of the object and the clearance of the subject determines access rights, not a central authority. Although a central authority (Better known as the Data Owner) assigns the label to the object, the system does the determination of access rights automatically by comparing the Object label with the Subject clearance. The subject clearance MUST dominate (be equal or higher) than the object being accessed.

 

The need for a MAC mechanism arises when the security policy of a system dictates that:

 

1. Protection decisions must not be decided by the object owner.

2. The system must enforce the protection decisions (i.e., the system enforces the security policy over the wishes or intentions of the object owner).

 

Usually a labeling mechanism and a set of interfaces are used to determine access based on the MAC policy; for example, a user who is running a process at the Secret classification should not be allowed to read a file with a label of Top Secret. This is known as the “simple security rule,” or “no read up.”

 

Conversely, a user who is running a process with a label of Secret should not be allowed to write to a file with a label of Confidential. This rule is called the “*-property” (pronounced “star property”) or “no write down.” The *-prope
rty is required to maintain system security in an automated environment.

 

DISCRETIONARY ACCESS CONTROL

In Discretionary Access Control the rights are determined by many different entities, each of the persons who have created files and they are the owner of that file, not one central authority.

 

DAC leaves a certain amount of access control to the discretion of the object’s owner or anyone else who is authorized to control the object’s access. For example, it is generally used to limit a user’s access to a file; it is the owner of the file who controls other users’ accesses to the file. Only those users specified by the owner may have some combination of read, write, execute, and other permissions to the file.

 

DAC policy tends to be very flexible and is widely used in the commercial and government sectors. However, DAC is known to be inherently weak for two reasons:

 

First, granting read access is transitive; for example, when Ann grants Bob read access to a file, nothing stops Bob from copying the contents of Ann’s file to an object that Bob controls. Bob may now grant any other user access to the copy of Ann’s file without Ann’s knowledge.

 

Second, DAC policy is vulnerable to Trojan horse attacks. Because programs inherit the identity of the invoking user, Bob may, for example, write a program for Ann that, on the surface, performs some useful function, while at the same time destroys the contents of Ann’s files. When investigating the problem, the audit files would indicate that Ann destroyed her own files. Thus, formally, the drawbacks of DAC are as follows:

 

Discretionary Access Control (DAC) Information can be copied from one object to another; therefore, there is no real assurance on the flow of information in a system. No restrictions apply to the usage of information when the user has received it. The privileges for accessing objects are decided by the owner of the object, rather than through a system-wide policy that reflects the organization’s security requirements.

 

ACLs and owner/group/other access control mechanisms are by far the most common mechanism for implementing DAC policies. Other mechanisms, even though not designed with DAC in mind, may have the capabilities to implement a DAC policy.

 

RULE BASED ACCESS CONTROL

In Rule-based Access Control a central authority could in fact determine what subjects can have access when assigning the rules for access. However, the rules ac
tually determine the access and so this is not the most correct answer.

 

RuBAC (as opposed to RBAC, role-based access control) allow users to access systems and information based on pre determined and configured rules. It is important to note that there is no commonly understood definition or formally defined standard for rule-based access control as there is for DAC, MAC, and RBAC. “Rule-based access” is a generic term applied to systems that allow some form of organization-defined rules, and therefore rule-based access control encompasses a broad range of systems. RuBAC may in fact be combined with other models, particularly RBAC or DAC. A RuBAC system intercepts every access request and compares the rules with the rights of the user to make an access decision. Most of the rule-based access control relies on a security label system, which dynamically composes a set of rules defined by a security policy. Security labels are attached to all objects, including files, directories, and devices. Sometime roles to subjects (based on their attributes) are assigned as well. RuBAC meets the business needs as well as the technical needs of controlling service access. It allows business rules to be applied to access control–for example, customers who have overdue balances may be denied service access. As a mechanism for MAC, rules of RuBAC cannot be changed by users. The rules can be established by any attributes of a system related to the users such as domain, host, protocol, network, or IP addresses. For example, suppose that a user wants to access an object in another network on the other side of a router. The router employs RuBAC with the rule composed by the network addresses, domain, and protocol to decide whether or not the user can be granted access. If employees change their roles within the organization, their existing authentication credentials remain in effect and do not need to be re configured. Using rules in conjunction with roles adds greater flexibility because rules can be applied to people as well as to devices. Rule-based access control can be combined with role-based access control, such that the role of a user is one of the attributes in rule setting. Some provisions of access control systems have rule- based policy engines in addition to a role-based policy engine and certain implemented dynamic policies [Des03]. For example, suppose that two of the primary types of software users are product engineers and quality engineers. Both groups usually have access to the same data, but they have different roles to perform in relation to the data and the application’s function. In addition, individuals within each group have different job responsibilities that may be identified using several types of attributes such as developing programs and testing areas. Thus, the access decisions can be made in real time by a scripted policy that regulates the access between the groups of product engineers and quality engineers, and each individual within these groups. Rules can either replace or complement role-based access control. However, the creation of rules and security policies is also a complex process, so each organization will need to strike the appropriate balance.

 

References used for this question:

http://csrc.nist.gov/publications/nistir/7316/NISTIR-7316.pdf

AIO v3 p162-167 and OIG (2007) p.186-191

KRUTZ, Ronald L.& VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 33.

 

 

QUESTION 153

This is a common security issue that is extremely hard to control in large environments. It occurs when a user has more computer rights, permissions, and access than what is required for the tasks the user needs to fulfill. What best describes this scenario?

 

A.

Excessive Rights

B.

Excessive Access

C.

Excessive Permissions

D.

Excessive Privileges

 

Correct Answer: D

Explanation:

Even thou all 4 terms are very close to each other, the best choice is Excessive Privileges which would include the other three choices presented.

 

Reference(s) used for this question:

HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2001, Page 645.

 

 

QUESTION 154

What physical characteristic does a retinal scan biometric device measure?

 

A.

The amount of light reaching the retina

B.

The amount of light reflected by the retina

C.

The pattern of light receptors at the back of the eye

D.

The pattern of blood vessels at the back of the eye

 

Correct Answer: D

Explanation:

The retina, a thin nerve (1/50th of an inch) on the back of the eye, is the part of the eye which senses light and transmits impulses through the optic nerve to the brain – the equivalent of film in a camera. Blood vessels used for biometric identification are located along the neural retina, the outermost of retina’s four cell layers.

 

The following answers are incorrect:

 

The amount of light reaching the retina The amount of light reaching the retina is not used in the biometric scan of the retina.

The amount of light reflected by the retina The amount of light reflected by the retina is not used in the biometric scan of the retina.

The pattern of light receptors at the back of the eye This is a distractor

 

The following reference(s) were/was used to create this question:

 

Reference:

Retina Scan Technology.

ISC2 Official Guide to the CBK, 2007 (Page 161)

 

 

QUESTION 155

Which of the following security models does NOT concern itself with the flow of data?

 

A.

The information flow model

B.

The Biba model

C.

The Bell-LaPadula model

D.

The noninterference model

 

Correct Answer: D

Explanation:

The goal of a noninterference model is to strictly separate differing security levels to assure that higher-level actions do not determine what lower-level users can see. This is in contrast to other security models that control information flows between differing levels of users, By maintaining strict separation of security levels, a noninterference model minimizes leakages that might happen through a covert channel.

 

The Bell-LaPadula model is incorrect. The Bell-LaPadula model is concerned with confidentiality and bases access control decsions on the classfication of objects and the clearences of subjects.

 

The information flow model is incorrect. The information flow models have a similar framework to the Bell-LaPadula model and control how information may flow between objects based on security classes.

 

The Biba model is incorrect. The Biba model is concerned with integrity and is a complement to the Bell-LaPadula model in that higher levels of integrity are more trusted than lower levels. Access control us based on these integrity levels to assure that read/write operations do not decrease an object’s integrity.

 

References:

CBK, pp 325 – 326

AIO3, pp. 290 – 291

 

 

QUESTION 156

Which of the following is the most reliable authentication method for remote access?

 

A.

Variable callback system

B.

Synchronous token

C.

Fixed callback system

D.

Combination of callback and caller ID

 

Correct Answer: B

Explanation:

A Synchronous token generates a one-time password that is only valid for a short period of time. Once the password is used it is no longer valid, and it expires if not entered in the acceptable time frame.

 < /p>

The following answers are incorrect:

Variable callback system. Although variable callback systems are more flexible than fixed callback systems, the system assumes the identity of the individual unless two-factor authentication is also implemented. By itself, this method might allow an attacker access as a trusted user.

 

Fixed callback system. Authentication provides assurance that someone or something is who or what he/it is supposed to be. Callback systems authenticate a person, but anyone can pretend to be that person. They are tied to a specific place and phone number, which can be spoofed by implementing call-forwarding.

 

Combination of callback and Caller ID. The caller ID and callback functionality provides greater confidence and auditability of the caller’s identity. By disconnecting and calling back only authorized phone numbers, the system has a greater confidence in the location of the call. However, unless combined with strong authentication, any individual at the location could obtain access.

 

The following reference(s) were/was used to create this question:

 

Shon Harris AIO v3 p. 140, 548

ISC2 OIG 2007 p. 152-153, 126-127

 

 

QUESTION 157

Controls provide accountability for individuals who are accessing sensitive information. This accountability is accomplished:

 

A.

through access control mechanisms that require identification and authentication and through the audit function.

B.

through logical or technical controls involving the restriction of access to systems and the protection of information.

C.

through logical or technical controls but not involving the restriction of access to systems and the protection of information.

D.

through access control mechanisms that do not require identification and authentication and do not operate through the audit function.

 

Correct Answer: A

Explanation:

Controls provide accountability for individuals who are accessing sensitive information. This accountability is accomplished through access control mechanisms that require identification and authentication and through the audit function. These controls must be in accordance with and accurately represent the organization’s security policy. Assurance procedures ensure that the control mechanisms correctly implement the security policy for the entire life cycle of an information system.

Source: KRUTZ, Ronald L.& VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 33.

 

 

QUESTION 158

The National Institute of Standards and Technology (NIST) standard pertaining to perimeter protection states that critical areas should be illuminated up to?

 

A.

Illiminated at nine feet high with at least three foot-candles

B.

Illiminated at eight feet high with at least three foot-candles

C.

Illiminated at eight feet high with at least two foot-candles

D.

Illuminated at nine feet high with at least two foot-candles

 

Correct Answer: B

Explanation:

The National Institute of Standards and Technology (NIST) standard pertaining to perimeter protection states that critical areas should be illuminated eight feet high with at least two foot-candles.

 

It can also be referred to as illuminating to a height of eight feet, with a BRIGHTNESS of two foot-candles.

 

One footcandle 10.764 lux. The footcandle (or lumen per square foot) is a non-SI unit of illuminance. Like the BTU, it is obsolete but it is still in fairly common use in the United States, particularly in construction-related engineering and in building codes. Because lux and footcandles are different units of the same quantity, it is perfectly valid to convert footcandles to lux and vice versa.

 

The name “footcandle” conveys “the illuminance cast on a surface by a one-candela source one foot away.” As natural as this sounds, this style of name is now frowned upon, because the dimensional formula for the unit is not foot ?candela, but lumens per square foot.

 

Some sources do however note that the “lux” can be thought of as a “metre-candle” (i.e. the illuminance cast on a surface by a one-candela source one meter away). A source that is farther away casts less illumination than one that is close, so one lux is less illuminance than one footcandle. Since illuminance follows the inverse-square law, and since one foot = 0.3048 m, one lux = 0.30482 footcandle 1/10.764 footcandle.

 

TIPS FROM CLEMENT:

Illuminance (light level) ?The amount of light, measured in foot-candles (US unit), that falls n a surface, either horizontal or vertical.

 

Parking lots lighting needs to be an average of 2 foot candles; uniformity of not more than

3:1, no area less than 1 fc.

 

All illuminance measurements are to be made on the horizontal plane with a certified light meter calibrated to NIST standards using traceable light sources.

 

The CISSP Exam Cram 2 from Michael Gregg says:

Lighting is a commonly used form of perimeter protection.

 

Some studies have found that up to 80% of criminal acts at businesses and shopping centers happen in adjacent parking lots. Therefore, it’s easy to see why lighting can be such an important concern.

 

Outside lighting discourages prowlers and thieves.

The National Institute of Standards and Technologies (NIST) states that, for effective perimeter control, buildings should be illuminated 8 feet high, with 2-foot candle power.

 

Reference used for this question:

 

HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2001, Page 325.

Shon’s AIO v5 pg 459

http://en.wikipedia.org/wiki/Foot-candle

 

 

QUESTION 159

Which integrity model defines a constrained data item, an integrity verification procedure and a transformation procedure?

 

A.

The Take-Grant model

B.

The Biba integrity model

C.

The Clark Wilson integrity model

D.

The Bell-LaPadula integrity model

 

Correct Answer: C

Explanation:

The Clark Wilson integrity model addresses the three following integrity goals: 1) data is protected from modification by unauthorized users; 2) data is protected from unauthorized modification by authorized users; and 3) data is internally and externally consistent. It also defines a Constrained Data Item (CDI), an Integrity Verification Procedure (IVP), a Transformation Procedure (TP) and an Unconstrained Data item. The Bell-LaPadula and Take-Grant models are not integrity models.

Source: KRUTZ, Ronald L.& VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 5: Security Architecture and Models (page 205).

 

 

QUESTION 160

What does the Clark-Wilson security model focus on?

 

A.

Confidentiality

B.

Integrity

C.

Accountability

D.

Availability

 

Correct Answer: B

Explanation:

The Clark-Wilson model addresses integrity. It incorporates mechanisms to enforce internal and external consistency, a separation of duty, and a mandatory integrity policy.

Source: KRUTZ, Ronald L.& VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 5: Security Architectures and Models (page 205).

Free VCE & PDF File for ISC SSCP Real Exam

Instant Access to Free VCE Files: ISC | ISC | SAP …
Instant Access to Free PDF Files: ISC | ISC | SAP …

This entry was posted in SSCP Real Exam (October) and tagged , , , , , , . Bookmark the permalink.