174. c. A fundamental tenet of the defense-in-depth strategy is to prevent a cyber attack from penetrating the network and, for attacks that do get through, to detect them and respond effectively so that their effects are mitigated. Detect and respond capabilities are complex structures that run the gamut of intrusion and attack detection, characterization, and response.

Sneak and peek is incorrect because it is a search provision of the U.S. Patriot Act of 2001, created to give law enforcement authorities latitude in terrorism cases. Trap and trace is incorrect because it is a technique used in criminal investigations. Protect and detect is incorrect because those are functions of physical security.

175. Which of the following controls provide a first line-of-defense against potential security threats, risks, or losses to the network?

a. Passwords and user IDs

b. Software testing

c. Dial-back modem

d. Transaction logs

175. a. Passwords and user identification (user IDs) are the first line of defense against a breach of a network's security. Several restrictions can be placed on passwords to improve their effectiveness, including a minimum length, a required format, and forced periodic password changes. (Current guidance such as NIST SP 800-63B favors length and screening against known-breached passwords over composition rules, and recommends forced changes only when compromise is suspected.)

Software testing is the last line of defense for ensuring data integrity and security; the software must therefore be tested thoroughly by end users, information systems staff, and computer operations staff.

Switched (dial-up) telephone ports, as opposed to Ethernet switch ports, are among the most vulnerable points on a network. They allow dial-in and dial-out access, and anyone with a telephone and a terminal can use them to reach the system. Although callback (dial-back) is a potential first-line control, it is not necessarily effective, because call forwarding on the telephone circuit can redirect the callback to an attacker's line.

For online applications, logging every transaction processed or rejected by the input programs provides a complete audit trail of actual and attempted entries, and so serves as a last line of defense. The log can be stored on tape or disk for later analysis. Each log entry should record the date, time, user ID, location, and the number of unsuccessful attempts; the password itself must never be written to the log, because the log would then become a second copy of the credential store.

Lines of defense are security mechanisms that limit and control access to, and use of, computer system resources. They exercise a directing or restraining influence over the behavior of individuals and the content of computer systems, and together they form the core of a defense-in-depth (security-in-depth) strategy.
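As an added illustration of the transaction-log paragraph above (example code written for this page, not taken from the book or any product), the following Python reads constructed authentication log lines in an assumed format of timestamp, user ID, source address and result, counts unsuccessful attempts per user and location, and flags bursts of failures that end in a success, which is the pattern of a guessed password rather than a mistyped one. The record format, sample lines, threshold and window are all assumptions; note that the record deliberately carries no password field.

```python
import re
from collections import Counter
from datetime import datetime, timezone

# Constructed sample log, not taken from any real system. The assumed record
# format is: <ISO-8601 timestamp> <user ID> <source address> <SUCCESS|FAILURE>
# The password is deliberately not part of the record.
SAMPLE_LOG = """\
2024-03-01T08:00:01Z alice 10.1.1.5 SUCCESS
2024-03-01T08:00:09Z bob 10.1.1.7 FAILURE
2024-03-01T08:00:12Z bob 10.1.1.7 FAILURE
2024-03-01T08:00:15Z bob 10.1.1.7 FAILURE
2024-03-01T08:00:18Z bob 10.1.1.7 FAILURE
2024-03-01T08:00:21Z bob 10.1.1.7 SUCCESS
2024-03-01T08:05:00Z carol 192.0.2.9 FAILURE
2024-03-01T08:05:30Z carol 192.0.2.9 FAILURE
2024-03-01T09:00:00Z dave 10.1.1.8 SUCCESS
this line is malformed and must be skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z) "
    r"(?P<user>\S+) (?P<src>\S+) (?P<result>SUCCESS|FAILURE)$"
)


def parse_log(text):
    """Parse log lines into dicts, skipping lines that do not match the format,
    and return them ordered by timestamp."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        rec = m.groupdict()
        rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(
            tzinfo=timezone.utc
        )
        records.append(rec)
    return sorted(records, key=lambda r: r["ts"])


def failed_attempts(records):
    """Number of unsuccessful attempts per (user ID, source address) pair."""
    counts = Counter()
    for r in records:
        if r["result"] == "FAILURE":
            counts[(r["user"], r["src"])] += 1
    return counts


def review_log(text, threshold=3, window_seconds=300):
    """Flag (user, source) pairs whose failures inside a sliding window reach
    the threshold, and record whether a success followed such a burst."""
    flagged = {}
    recent = {}  # key -> failure timestamps still inside the window
    for r in parse_log(text):
        key = (r["user"], r["src"])
        hist = recent.setdefault(key, [])
        # forget failures that have aged out of the window
        hist[:] = [t for t in hist if (r["ts"] - t).total_seconds() <= window_seconds]
        if r["result"] == "FAILURE":
            hist.append(r["ts"])
            if len(hist) >= threshold:
                entry = flagged.setdefault(key, {"failures": 0, "succeeded_after": False})
                entry["failures"] = max(entry["failures"], len(hist))
        elif key in flagged and hist:
            # a success while a flagged burst is still inside the window
            flagged[key]["succeeded_after"] = True
    return flagged


if __name__ == "__main__":
    for key, info in review_log(SAMPLE_LOG).items():
        print(key, info)
```

With the sample above, bob from 10.1.1.7 is flagged with four failures followed by a success, while carol's two failures stay below the threshold; lowering the threshold to 2 flags carol as well but without a subsequent success.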

176. Which of the following enables adequate user authentication of mobile hand-held devices?

a. First line-of-defense

b. Second line-of-defense

c. Third line-of-defense

d. Last line-of-defense

176. a. Enabling adequate user authentication is the first line of defense against unauthorized use of an unattended, lost, or stolen mobile hand-held device such as a personal digital assistant (PDA) or a smartphone.

177. Which of the following supports the security-in-depth strategy?

a. Abstraction

b. Data hiding

c. Layering

d. Encryption

177. c. By using multiple, overlapping protection mechanisms, the failure or circumvention of any individual mechanism does not leave the system unprotected. This concept of layered protection is called security-in-depth or defense-in-depth. Abstraction, data hiding, and encryption are examples of individual protection mechanisms that can serve as layers within a security-in-depth strategy.

178. If Control A misses 30 percent of attacks and Control B also misses 30 percent of attacks, in combination, what percentage of attacks will be caught?

a. 40 percent

b. 60 percent

c. 70 percent

d. 91 percent

178. d. Independent controls combine multiplicatively, not additively: an attack gets through only if every control misses it. With both controls in place, only 9 percent (0.3 x 0.3) of attacks should be missed, so 91 percent (100 percent minus 9 percent) should be caught. This assumes the two controls fail independently; if they share the same blind spot, the combination catches no more than either control alone. Forty percent is incorrect because it adds 30 percent and 30 percent and subtracts the result from 100 percent. Sixty percent is incorrect because it simply adds the 30 percent for Control A and Control B. Seventy percent is incorrect because it subtracts 30 percent from 100 percent, which is the rate for a single control.
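Added example for the calculation above (written for this page, not from the book): Python functions that generalize the 0.3 x 0.3 computation to any number of independent controls, show how the result degrades when the two controls' blind spots overlap (a correlation parameter assumed here for illustration), and compute how many identical controls are needed to reach a target catch rate. The three distractor answers are reproduced with the mistake each one makes.

```python
from math import prod


def combined_catch_rate(miss_rates):
    """Fraction of attacks caught by a chain of independent controls.

    An attack gets through only if every control misses it, so the combined
    miss rate is the product of the individual miss rates, not their sum."""
    return 1.0 - prod(miss_rates)


def combined_catch_rate_correlated(miss_a, miss_b, overlap):
    """Two controls whose blind spots overlap (assumed illustrative model).

    overlap = 0.0 reproduces the independent case (0.3 x 0.3 = 0.09 missed);
    overlap = 1.0 means the second control misses exactly what the first
    misses, so adding it buys nothing."""
    if not 0.0 <= overlap <= 1.0:
        raise ValueError("overlap must be between 0 and 1")
    both_miss = overlap * min(miss_a, miss_b) + (1.0 - overlap) * miss_a * miss_b
    return 1.0 - both_miss


def controls_needed(miss_rate, target_catch_rate):
    """Smallest number of identical independent controls that together catch
    at least target_catch_rate of attacks."""
    if not 0.0 < miss_rate < 1.0:
        raise ValueError("miss_rate must be strictly between 0 and 1")
    n, leak = 0, 1.0
    while 1.0 - leak < target_catch_rate:
        n += 1
        leak *= miss_rate
    return n


def distractor_answers(miss_a, miss_b):
    """The three wrong answers from the question, labelled by the mistake."""
    return {
        "subtract_sum_from_100": 1.0 - (miss_a + miss_b),  # 40 percent
        "add_miss_rates": miss_a + miss_b,                 # 60 percent
        "single_control": 1.0 - miss_a,                    # 70 percent
    }


if __name__ == "__main__":
    print("independent:", combined_catch_rate([0.3, 0.3]))
    print("same blind spot:", combined_catch_rate_correlated(0.3, 0.3, 1.0))
    print("controls for 99%:", controls_needed(0.3, 0.99))
```

Two independent controls that each miss 30 percent catch 91 percent; a third brings that to 97.3 percent, and four are needed to pass 99 percent. With fully overlapping blind spots the pair is no better than 70 percent, which is why the independence assumption matters when a layered design is being justified.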

179. Pharming attacks are an example of which of the following?

a. Browser-oriented attacks
