Читаем CISSP Practice полностью

The evaluation scheme, evaluation methodology, and certification processes are the responsibility of the evaluation authorities that run evaluation schemes and are outside the scope of the CC. The CC for IT security evaluation is the new standard for specifying and evaluating the security features of computer products and systems globally. The CC is intended to replace previous security criteria used in North America and Europe with a standard that can be used everywhere in the world effectively since early 1999.

34. Which of the following cannot be initiated by untrusted software?

a. Trusted channel

b. Overt channel

c. Security-compliant channel

d. Exploitable channel

34. a. A trusted channel cannot be initiated by untrusted software due to its design. The other three choices are not as trustworthy as the trusted channel due to their design.

An overt channel is a path within a computer system or network designed for the authorized data transfer. A security-compliant channel enforces the network policy. An exploitable channel is a covert channel intended to violate the security policy.

35. Countermeasures against emanation attacks include which of the following?

1. High watermark policy

2. Information label

3. Control zones

4. White noise

a. 1 and 2

b. 1 and 3

c. 2 and 3

d. 3 and 4

35. d. Control zones and white noise are countermeasures against emanation attacks. A control zone is the space surrounding equipment processing sensitive information that is under sufficient physical and technical control to prevent an unauthorized entry or compromise. White noise is a distribution of uniform spectrum of random electrical signals so that an intruder cannot decipher real data from random (noise) data due to use of constant bandwidth.

A high watermark policy is used to maintain an upper bound on fused data. An information label results from a floating label. The high watermark policy, information label, and floating label are part of a covert channel.

36. Which of the following can increase emanation attacks?

a. Greater separation between the system and the receiver

b. Higher signal-to-noise ratio

c. Wireless local-area network connections

d. More workstations of the same type in the same location

36. c. The trend toward wireless local-area network (WLAN) connections can increase the likelihood of successful interception leading to emanation attack. The other three choices decrease the emanation attacks.

37. In the trust hierarchy of a computer system, which of the following is least trusted?

a. Operating system

b. System user

c. Hardware/firmware

d. Application system

37. c. In a computer system, trust is built from the bottom layer up, with each layer trusting all its underlying layers to perform the expected services in a reliable and trustworthy manner. The hardware/firmware layer is at the bottom of the trust hierarchy and is the least trusted. The system user layer is at the top of the trust hierarchy and is the most trusted. For example, the users trust the application system to behave in the manner they expect of it. The layers from the top to the bottom include system user, application system, operating system, and hardware/firmware.

38. In organizations, isolating the information system security functions from nonsecurity functions is achieved through:

1. Hardware separation

2. Independent modules

3. Layered structure

4. Minimal interactions

a. 1 and 2

b. 2 and 3

c. 3 and 4

d. 1, 2, 3, and 4

38. d. An information system isolates security functions from nonsecurity functions by means of partitions and domains, including control of access to and integrity of the hardware, software, and firmware that perform those security functions. The system maintains a separate execution domain (e.g., address space) for each executing process. It employs hardware separation techniques, divides the access control and information flow functions, maintains security functions in largely independent modules that avoid unnecessary interactions between modules, and maintains security functions in a layered structure minimizing interactions between layers of the design.

39. In the trusted computing base (TCB) environment, the compromise resulting from the execution of a Trojan horse can be examined from which of the following perspectives?

a. Compromise from above

b. Compromise from within

c. Compromise from below