[Free] New Updated (October) ISC SSCP Real Exam 231-240

Ensurepass

 

QUESTION 231

What is the main focus of the Bell-LaPadula security model?

 

A.

Accountability

B.

Integrity

C.

Confidentiality

D.

Availability

 

Correct Answer: C

Explanation:

The Bell-LaPadula model is a formal model dealing with confidentiality.

 

The Bell-LaPadula Model (abbreviated BLP) is a state machine model used for enforcing access control in government and military applications. It was developed by David Elliott Bell and Leonard J. LaPadula, subsequent to strong guidance from Roger R. Schell, to formalize the U.S. Department of Defense (DoD) multilevel security (MLS) policy. The model is a formal state transition model of computer security policy that describes a set of access control rules which use security labels on objects and clearances for subjects. Security labels range from the most sensitive (e.g., “Top Secret”) down to the least sensitive (e.g., “Unclassified” or “Public”).

 

The Bell-LaPadula model focuses on data confidentiality and controlled access to classified information, in contrast to the Biba Integrity Model which describes rules for the protection of data integrity. In this formal model, the entities in an information system are divided into subjects and objects.

 

The notion of a “secure state” is defined, and it is proven that each state transition preserves security by moving from secure state to secure state, thereby inductively proving that the system satisfies the security objectives of the model. The Bell-LaPadula model is built on the concept of a state machine with a set of allowable states in a computer network system. The transition from one state to another state is defined by transition functions.

 

A system state is defined to be “secure” if the only permitted access modes of subjects to objects are in accordance with a security policy. To determine whether a specific access mode is allowed, the clearance of a subject is compared to the classification of the object (more precisely, to the combination of classification and set of compartments, making up the security level) to determine if the subject is authorized for the specific access mode.

 

The clearance/classification scheme is expressed in terms of a lattice. The model defines two mandatory access control (MAC) rules and one discretionary access control (DAC) rule with three security properties:

 

The Simple Security Property – a subject at a given security level may not read an object at a higher security level (no read-up).

 

The *-property (read “star”-property) – a subject at a given security level must not write to any object at a lower security level (no write-down). The *-property is also known as the Confinement property.

The Discretionary Security Property – use of an access matrix to specify the discretionary access control.
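To make the three properties concrete, here is an added example in Python; it is not from the exam explanation or the cited books. It implements a small reference monitor in which each security level is a classification plus a category (compartment) set, as the explanation describes, and dominance is the lattice order: a level dominates another when its classification is at least as high and its category set contains the other's. The classification order, the subjects, objects, labels and access-matrix grants are all constructed for the example.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, Set, Tuple

# Linear order of classifications (constructed for this example; any total order works).
RANK = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    """A security level: a classification plus a category (compartment) set."""
    classification: str
    categories: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """Lattice order: self >= other iff its classification is at least as high
        and its category set contains every category of the other label."""
        return (RANK[self.classification] >= RANK[other.classification]
                and self.categories >= other.categories)


class BLPReferenceMonitor:
    """Mediates subject -> object access using the three Bell-LaPadula properties."""

    def __init__(self) -> None:
        self.subjects: Dict[str, Label] = {}   # clearance of each subject
        self.objects: Dict[str, Label] = {}    # classification + categories of each object
        self.matrix: Dict[Tuple[str, str], Set[str]] = {}   # DAC access matrix

    def grant(self, subject: str, obj: str, *modes: str) -> None:
        """Owner's discretionary grant; it never overrides the two mandatory rules."""
        self.matrix.setdefault((subject, obj), set()).update(modes)

    def check(self, subject: str, obj: str, mode: str) -> Tuple[bool, str]:
        s, o = self.subjects[subject], self.objects[obj]
        if mode == "read" and not s.dominates(o):
            return False, "simple security property: no read-up"
        if mode == "write" and not o.dominates(s):
            return False, "*-property: no write-down"
        if mode not in self.matrix.get((subject, obj), set()):
            return False, "discretionary security property: not granted in access matrix"
        return True, "allowed"


def build_demo_monitor() -> BLPReferenceMonitor:
    """Constructed subjects, objects and grants for the example."""
    m = BLPReferenceMonitor()
    m.subjects["alice"] = Label("SECRET", frozenset({"NATO"}))
    m.subjects["bob"] = Label("CONFIDENTIAL")
    m.objects["memo"] = Label("CONFIDENTIAL")
    m.objects["plan"] = Label("TOP SECRET", frozenset({"NATO"}))
    m.objects["crypto_log"] = Label("SECRET", frozenset({"CRYPTO"}))
    m.grant("alice", "memo", "read", "write")
    m.grant("alice", "plan", "read", "write")
    m.grant("alice", "crypto_log", "read")
    return m


def blp_demo() -> Dict[str, Tuple[bool, str]]:
    """Run a set of access requests and return the decision and the rule that decided it."""
    m = build_demo_monitor()
    requests = [("alice", "memo", "read"), ("alice", "plan", "read"),
                ("alice", "plan", "write"), ("alice", "memo", "write"),
                ("alice", "crypto_log", "read"), ("bob", "memo", "read"),
                ("bob", "plan", "read")]
    return {f"{s} {mode} {o}": m.check(s, o, mode) for s, o, mode in requests}


if __name__ == "__main__":
    for request, (ok, why) in blp_demo().items():
        print(f"{request:25s} -> {'ALLOW' if ok else 'DENY '} ({why})")
```

Two outcomes are worth noticing. Alice, cleared SECRET with category NATO, is refused a read of `crypto_log` even though it is also SECRET, because her category set does not contain CRYPTO: the compartment set is part of the level, not an afterthought. And her write to the TOP SECRET `plan` is permitted, since the *-property only forbids writing down; as the explanation says, protecting data from being corrupted by lower-integrity writers is the Biba model's concern, not this one's.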

 

The following are incorrect answers:

 

Accountability is incorrect. Accountability requires that actions be traceable to the user that performed them and is not addressed by the Bell-LaPadula model.

 

Integrity is incorrect. Integrity is addressed in the Biba model rather than Bell-LaPadula.

Availability is incorrect. Availability is concerned with assuring that data/services are available to authorized users as specified in service level objectives and is not addressed by the Bell-LaPadula model.

 

References:

CBK, pp. 325-326

AIO3, pp. 279 – 284

AIOv4 Security Architecture and Design (pages 333 – 336)

AIOv5 Security Architecture and Design (pages 336 – 338)

Wikipedia at https://en.wikipedia.org/wiki/Bell-La_Padula_model

 

 

QUESTION 232

The Computer Security Policy Model the Orange Book is based on is which of the following?

 

A.

Bell-LaPadula

B.

Data Encryption Standard

C.

Kerberos

D.

Tempest

 

Correct Answer: A

Explanation:

The computer security policy model the Orange Book is based on is the Bell-LaPadula Model (Orange Book Glossary).

The Data Encryption Standard (DES) is a cryptographic algorithm (National Information Security Glossary).

TEMPEST is related to limiting the electromagnetic emanations from electronic equipment.

Reference:

U.S. Department of Defense, Trusted Computer System Evaluation Criteria (Orange Book), DOD 5200.28-STD, December 1985.

 

 

QUESTION 233

Which of the following was developed to address some of the weaknesses in Kerberos and uses public key cryptography for the distribution of secret keys and provides additional access control support?

 

A.

SESAME

B.

RADIUS

C.

KryptoKnight

D.

TACACS+

 

Correct Answer: A

Explanation:

Secure European System for Applications in a Multi-vendor Environment (SESAME) was developed to address some of the weaknesses in Kerberos and uses public key cryptography for the distribution of secret keys and provides additional access control support.

 

Reference:

TIPTON, Harold, Official (ISC)2 Guide to the CISSP CBK (2007), page 184.

ISC OIG Second Edition, Access Controls, Page 111

 

 

QUESTION 234

Which of the following statements pertaining to using Kerberos without any extension is false?

 

A.

A client can be impersonated by password-guessing.

B.

Kerberos is mostly a third-party authentication protocol.

C.

Kerberos uses public key cryptography.

D.

Kerberos provides robust authentication.

 

Correct Answer: C

Explanation:

Kerberos is a trusted, credential-based, third-party authentication protocol that uses symmetric (secret) key cryptography to provide robust authentication to clients accessing services on a network.

 

Because a client’s password is used in the initiation of the Kerberos request for the service protocol, password guessing can be used to impersonate a client.

 

Here is a nice overview of how Kerberos works, as described in RFC 4556:

 

1. Introduction

The Kerberos V5 protocol [RFC4120] involves use of a trusted third party known as the Key Distribution Center (KDC) to negotiate shared session keys between clients and services and provide mutual authentication between them.

 

The corner-stones of Kerberos V5 are the Ticket and the Authenticator. A Ticket encapsulates a symmetric key (the ticket session key) in an envelope (a public message) intended for a specific service. The contents of the Ticket are encrypted with a symmetric key shared between the service principal and the issuing KDC. The encrypted part of the Ticket contains the client principal name, among other items. An Authenticator is a record that can be shown to have been recently generated using the ticket session key in the associated Ticket. The ticket session key is known by the client who requested the ticket. The contents of the Authenticator are encrypted with the associated ticket session key. The encrypted part of an Authenticator contains a timestamp and the client principal name, among other items.

 

As shown in Figure 1, below, the Kerberos V5 protocol consists of the following message exchanges between the client and the KDC, and the client and the application service:

 

The Authentication Service (AS) Exchange

 

The client obtains an “initial” ticket from the Kerberos authentication server (AS), typically a Ticket Granting Ticket (TGT). The AS-REQ message and the AS-REP message are the request and the reply message, respectively, between the client and the AS.

 

The Ticket Granting Service (TGS) Exchange

 

The client subsequently uses the TGT to authenticate and request a service ticket for a particular service, from the Kerberos ticket-granting server (TGS). The TGS-REQ message and the TGS-REP message are the request and the reply message respectively between the client and the TGS.

 

The Client/Server Authentication Protocol (AP) Exchange

 

The client then makes a request with an AP-REQ message, consisting of a service ticket and an authenticator that certifies the client’s possession of the ticket session key. The server may optionally reply with an AP-REP message. AP exchanges typically negotiate session-specific symmetric keys.

 

Usually, the AS and TGS are integrated in a single device also known as the KDC.

 

                    +--------------+
         +--------->|     KDC      |
 AS-REQ /   +-------|              |
       /   /        +--------------+
      /   /               ^   |
     /   |AS-REP         /    |
    /    |              /    TGS-REQ + TGS-REP
   /     |             /     /
  /      |            /     /
 |       |           /     +---------+
 |       |          /               /
 |       |         /               /
 |       |        /               /
 |       |       /               /
 |       v      /               v
++-------+-----+          +-----------------+
|    Client    +--------->|   Application   |
|              |  AP-REQ  |     Server      |
|              |<---------|                 |
+--------------+  AP-REP  +-----------------+

 

Figure 1: The Message Exchanges in the Kerberos V5 Protocol

 

In the AS exchange, the KDC reply contains the ticket session key, among other items, that is encrypted using a key (the AS reply key) shared between the client and the KDC. The AS reply key is typically derived from the client’s password for human users. Therefore, for human users, the attack resistance strength of the Kerberos protocol is no stronger than the strength of their passwords.
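The three exchanges can be followed end to end in code. The following is an added Python simulation written for this page; it is not from RFC 4556, the RFC's reference implementation, or the cited guides. The realm, the principal names and the password are constructed; `seal`/`unseal` is a toy encrypt-then-MAC routine standing in for the real Kerberos encryption types, and PBKDF2 stands in for the string-to-key function. What it shows is the structure the text describes: the ticket is sealed under the service's long-term key and is opaque to the client, the authenticator is sealed under the ticket session key and carries a timestamp that the recipient checks against its clock, the optional AP-REP gives mutual authentication, and the AS reply can only be opened with the key derived from the user's password, which is exactly why the protocol is no stronger than that password.

```python
import hashlib, hmac, json, os, time

REALM = "EXAMPLE.TEST"        # constructed realm name
TGS = "krbtgt/" + REALM       # the ticket-granting service's own principal
MAX_SKEW = 300                # seconds; older authenticators are rejected (replay defence)

# Toy encrypt-then-MAC standing in for real Kerberos encryption types: SHAKE keystream + HMAC tag.
def seal(key: bytes, msg: dict) -> str:
    pt, nonce = json.dumps(msg, sort_keys=True).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, hashlib.shake_256(key + nonce).digest(len(pt))))
    return (nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()).hex()

def unseal(key: bytes, blob: str) -> dict:
    raw = bytes.fromhex(blob)
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("integrity check failed: wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, hashlib.shake_256(key + nonce).digest(len(ct)))))

def password_key(principal: str, password: str) -> bytes:
    """AS reply key derived from the user's password (PBKDF2 stands in for Kerberos string-to-key)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), (REALM + principal).encode(), 50_000)

def new_ticket(service_key: bytes, cname: str):
    """Ticket = {client name, session key, expiry} sealed under the service's long-term key."""
    session = os.urandom(32)
    return seal(service_key, {"cname": cname, "key": session.hex(), "exp": time.time() + 3600}), session

def verify_authenticator(session: bytes, ticket: dict, auth_blob: str, now: float) -> dict:
    """Decrypt the authenticator with the ticket session key; require a fresh timestamp and a matching principal."""
    if now > ticket["exp"]:
        raise ValueError("ticket expired")
    auth = unseal(session, auth_blob)
    if auth["cname"] != ticket["cname"] or abs(now - auth["ctime"]) > MAX_SKEW:
        raise ValueError("authenticator does not match ticket or is outside the clock skew window")
    return auth

class KDC:
    """AS and TGS integrated in one component, as the text notes is usual."""
    def __init__(self):
        self.client_keys = {}                          # principal -> password-derived key
        self.service_keys = {TGS: os.urandom(32)}      # service principal -> long-term key

    def as_exchange(self, req: dict) -> dict:          # AS-REQ -> AS-REP
        tgt, session = new_ticket(self.service_keys[TGS], req["cname"])
        enc = seal(self.client_keys[req["cname"]], {"key": session.hex(), "sname": TGS})
        return {"ticket": tgt, "enc_part": enc}        # the ticket is opaque to the client

    def tgs_exchange(self, req: dict) -> dict:         # TGS-REQ -> TGS-REP
        tgt = unseal(self.service_keys[TGS], req["ticket"])
        tgt_key = bytes.fromhex(tgt["key"])
        verify_authenticator(tgt_key, tgt, req["authenticator"], time.time())
        ticket, session = new_ticket(self.service_keys[req["sname"]], tgt["cname"])
        return {"ticket": ticket, "enc_part": seal(tgt_key, {"key": session.hex(), "sname": req["sname"]})}

class AppServer:
    def __init__(self, name: str, kdc: KDC):
        self.name, self.key = name, os.urandom(32)
        kdc.service_keys[name] = self.key               # long-term key shared with the KDC

    def ap_exchange(self, req: dict) -> dict:           # AP-REQ -> AP-REP
        ticket = unseal(self.key, req["ticket"])
        session = bytes.fromhex(ticket["key"])
        auth = verify_authenticator(session, ticket, req["authenticator"], time.time())
        # AP-REP echoes the client's timestamp under the session key: the server proves it holds the key
        return {"enc_part": seal(session, {"ctime": auth["ctime"]})}

class Client:
    def __init__(self, name: str, password: str, kdc: KDC):
        self.name, self.kdc, self.key = name, kdc, password_key(name, password)

    def _authenticator(self, key: bytes) -> str:
        return seal(key, {"cname": self.name, "ctime": time.time()})

    def login(self) -> None:                            # AS exchange
        rep = self.kdc.as_exchange({"cname": self.name, "sname": TGS})
        enc = unseal(self.key, rep["enc_part"])         # succeeds only with the right password
        self.tgt, self.tgt_key = rep["ticket"], bytes.fromhex(enc["key"])

    def access(self, server: AppServer) -> bool:        # TGS exchange, then AP exchange
        rep = self.kdc.tgs_exchange({"ticket": self.tgt, "sname": server.name,
                                     "authenticator": self._authenticator(self.tgt_key)})
        session = bytes.fromhex(unseal(self.tgt_key, rep["enc_part"])["key"])
        auth = self._authenticator(session)
        ap_rep = server.ap_exchange({"ticket": rep["ticket"], "authenticator": auth})
        return unseal(session, ap_rep["enc_part"])["ctime"] == unseal(session, auth)["ctime"]

def kerberos_demo(password: str = "correct horse") -> bool:
    """Enrol alice with the password 'correct horse', then log in with `password` and reach a service."""
    kdc = KDC()
    kdc.client_keys["alice"] = password_key("alice", "correct horse")
    server = AppServer("host/files." + REALM.lower(), kdc)
    client = Client("alice", password, kdc)
    client.login()
    return client.access(server)
```

`kerberos_demo()` returns True when the full AS, TGS and AP sequence completes with mutual authentication; calling it with any other password raises in `Client.login`, because the AS reply key does not match. `verify_authenticator` is where the receiving side's clock-skew window and the ticket expiry are enforced, which is why keeping KDC, server and client clocks synchronised is an operational requirement of Kerberos deployments rather than a nicety.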

 

Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page 40).

HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, Chapter 4: Access Control (pages 147-151).

http://www.ietf.org/rfc/rfc4556.txt

 

 

QUESTION 235

What is one disadvantage of content-dependent protection of information?

 

A.

It increases processing overhead.

B.

It requires additional password entry.

C.

It exposes the system to data locking.

D.

It limits the user’s individual address space.

 

Correct Answer: A

Explanation:

Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.

 

 

QUESTION 236

In Mandatory Access Control, sensitivity labels attached to object contain what information?

 

A.

The item’s classification

B.

The item’s classification and category set

C.

The item’s category

D.

The item’s need to know

 

Correct Answer: B

Explanation:

A sensitivity label must contain at least one classification and at least one category set.

Category set and compartment set are synonyms; they mean the same thing. It is common in some environments for a single item to belong to multiple categories. The list of all the categories to which an item belongs is called its compartment set or category set.

 

The following answers are incorrect:

 

The item’s classification is incorrect because a category set is needed as well. The item’s category is incorrect because both the category set and the classification are required.

The item’s need to know is incorrect because there is no such label field; need to know is indicated by the categories the object belongs to. This is NOT the best answer.

 

Reference(s) used for this question:

OIG CBK, Access Control (pages 186 – 188)

AIO, 3rd Edition, Access Control (pages 162 – 163)

AIO, 4th Edition, Access Control, pp. 212-214.

Wikipedia – http://en.wikipedia.org/wiki/Mandatory_Access_Control

 

 

 

 

QUESTION 237

Which of the following statements pertaining to biometrics is false?

 

A.

Increased system sensitivity can cause a higher false rejection rate

B.

The crossover error rate is the point at which false rejection rate equals the false acceptance rate.

C.

False acceptance rate is also known as Type II error.

D.

Biometrics are based on the Type 2 authentication mechanism.

 

Correct Answer: D

Explanation:

Authentication is based on three factor types: type 1 is something you know, type 2 is something you have and type 3 is something you are. Biometrics are based on the Type 3 authentication mechanism.

Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page 37).
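The three rate statements in this question (sensitivity versus false rejection, the crossover point, and Type II error) can be checked numerically. The following is an added example, not from the cited guide, that sweeps an acceptance threshold over a constructed set of matcher scores and locates the crossover error rate. The score lists are made up for the example; a real system would take them from an evaluation of its own matcher.

```python
from typing import List, Tuple

# Constructed similarity scores (0-100) from a hypothetical matcher; higher means a closer match.
GENUINE = [92, 88, 85, 81, 79, 75, 70, 66, 60, 55]   # enrolled users matched against their own templates
IMPOSTOR = [62, 58, 54, 50, 47, 44, 40, 35, 30, 25]  # other people matched against those templates


def false_acceptance_rate(threshold: int, impostor: List[int] = IMPOSTOR) -> float:
    """FAR (Type II error): share of impostor attempts that score at or above the threshold."""
    return sum(s >= threshold for s in impostor) / len(impostor)


def false_rejection_rate(threshold: int, genuine: List[int] = GENUINE) -> float:
    """FRR (Type I error): share of genuine attempts that score below the threshold."""
    return sum(s < threshold for s in genuine) / len(genuine)


def error_curve(genuine: List[int] = GENUINE,
                impostor: List[int] = IMPOSTOR) -> List[Tuple[int, float, float]]:
    """(threshold, FAR, FRR) for every threshold 0..100. Raising the threshold makes the
    system more sensitive: FAR can only fall and FRR can only rise."""
    return [(t, false_acceptance_rate(t, impostor), false_rejection_rate(t, genuine))
            for t in range(101)]


def crossover_error_rate(genuine: List[int] = GENUINE,
                         impostor: List[int] = IMPOSTOR) -> Tuple[int, float]:
    """CER: the threshold at which FAR equals FRR (closest point on the discrete sweep, lowest
    threshold on ties) and the error rate there. A lower CER means a more accurate system."""
    t, far, frr = min(error_curve(genuine, impostor),
                      key=lambda row: (abs(row[1] - row[2]), row[0]))
    return t, (far + frr) / 2


if __name__ == "__main__":
    for t, far, frr in error_curve()[50:70:2]:
        print(f"threshold {t:3d}: FAR {far:.2f}  FRR {frr:.2f}")
    print("crossover (threshold, CER):", crossover_error_rate())
```

On the constructed data the curve crosses at a threshold of 59, where both rates are 0.10; moving the threshold to 70 drives FAR to zero but pushes FRR to 0.30, which is the trade-off answer A describes. Because the sweep is discrete, the function picks the threshold whose FAR and FRR are closest rather than assuming an exact equality exists.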

 

 

QUESTION 238

Which of the following is not a service provided by AAA servers (RADIUS, TACACS and DIAMETER)?

 

A.

Authentication

B.

Administration

C.

Accounting

D.

Authorization

 

Correct Answer: B

Explanation:

Radius, TACACS and DIAMETER are classified as authentication, authorization, and accounting (AAA) servers.

Source: TIPTON, Harold F. & KRAUSE, Micki, Information Security Management Handbook, 4th Edition, Volume 2, 2001, CRC Press, NY, Page 33.

 

also see:

The term “AAA” is often used, describing cornerstone concepts [of the AIC triad] Authentication, Authorization, and Accountability. Left out of the AAA acronym is Identification which is required before the three “A’s” can follow. Identity is a claim, Authentication proves an identity, Authorization describes the action you can perform on a system once you have been identified and authenticated, and accountability holds users accountable for their actions.

Reference:

CISSP Study Guide, Conrad Misenar, Feldman p. 10-11, (c) 2010 Elsevier.

 

 

QUESTION 239

The type of discretionary access control (DAC) that is based on an individual’s identity is also called:

 

A.

Identity-based Access control

B.

Rule-based Access control

C.

Non-Discretionary Access Control

D.

Lattice-based Access control

 

Correct Answer: A

Explanation:

An identity-based access control is a type of Discretionary Access Control (DAC) that is based on an individual’s identity.

 

DAC is suited to low-security environments. The owner of the file decides who has access to the file.

 

If a user creates a file, he is the owner of that file. An identifier for this user is placed in the file header and/or in an access control matrix within the operating system.

 

Ownership might also be granted to a specific individual. For example, a manager for a certain department might be made the owner of the files and resources within her department. A system that uses discretionary access control (DAC) enables the owner of the resource to specify which subjects can access specific resources.

 

This model is called discretionary because the control of access is based on the discretion of the owner. Many times department managers, or business unit managers, are the owners of the data within their specific department. Being the owner, they can specify who should have access and who should not.

 

Reference(s) used for this question:

Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 220). McGraw-Hill. Kindle Edition.

 

 

QUESTION 240

In biometric identification systems, at the beginning, it was soon apparent that truly positive identification could only be based on:

 

A.

sex of a person

B.

physical attributes of a person

C.

age of a person

D.

voice of a person

 

Correct Answer: B

Explanation:

Today, implementation of fast, accurate, reliable and user-acceptable biometric identification systems is already under way.

From: TIPTON, Harold F. & KRAUSE, Micki, Information Security Management Handbook, 4th Edition, Volume 1, Page 7.
