Читаем CISSP Practice полностью

System high-security mode is incorrect. It is the mode of operation in which system hardware or software is trusted to provide only need-to-know protection between users. In this mode, the entire system, to include all components electrically and/or physically connected, must operate with security measures commensurate with the highest classification and sensitivity of the information being processed and/or stored. All system users in this environment must possess clearances and authorizations for all information contained in the system, and all system output must be clearly marked with the highest classification and all system caveats, until the information has been reviewed manually by an authorized individual to ensure appropriate classifications and caveats have been affixed.

Partitioned mode is incorrect. It is a mode of operation in which all persons have the clearance, but not necessarily the need-to-know and formal access approval, for all data handled by a computer system.

57. Which of the following is not like active content?

a. Character documents

b. Trigger actions automatically

c. Portable instructions

d. Interpretable content

57. a. Broadly speaking, active content refers to electronic documents that, unlike past character documents based on ASCII, can carry out or trigger actions automatically without an individual directly or knowingly invoking the actions.

Active content technologies allow code, in the form of a script, macro, or other kind of portable instruction representation, to execute when the document is rendered. Examples of active content include PostScript documents, Web pages containing Java applets and JavaScript instructions, proprietary desktop-application formatted files containing macros, spreadsheet formulas, or other interpretable content, and interpreted electronic mail formats having embedded code or bearing executable attachments. Electronic mail and Web pages accessed through the Internet provide efficient means for conveying active content, but they are not the only ones. Active content technologies span a broad range of products and services, and involve various computational environments including those of the desktop, workstations, servers, and gateway devices.

58. Which of the following creates a covert channel?

a. Use of fixed labels

b. Use of variable labels

c. Use of floating labels

d. Use of nonfloating labels

58. c. The covert channel problem resulting from the use of floating labels can lead to erroneous information labels but cannot be used to violate the access control policy enforced by the fixed labels. A fixed label contains a “sensitivity” level and is the only label used for access control. The floating label contains an “information” level that consists of a second sensitivity level and additional security markings.

59. Attackers installing spyware and connecting the computing platform to a botnet are examples of which of the following?

a. Browser-oriented attacks

b. Server-oriented attacks

c. Network-oriented attacks

d. User-oriented attacks

59. a. Attackers may take advantage of browser vulnerabilities in mobile code execution environments. Attackers may install spyware, connect the computing platform to a botnet, or modify the platform’s configuration, which are examples of browser-oriented attacks.

60. Which of the following is applied to all aspects of a system design or security solution?

a. Policy

b. Procedure

c. Standard

d. Control

60. a. A security policy is applied to all aspects of the system design or security solution. The policy identifies security goals (i.e., confidentiality, integrity, and availability) the system should support and theses goals guide the procedures, standards, and controls used in the IT security architecture design.

61. A system employs sufficient hardware and software integrity measures to allow its use for processing simultaneously a range of sensitive or classified information. Which of the following fits this description?

a. Boundary system

b. Trusted system

c. Open system

d. Closed system

61. b. A trusted system employs sufficient hardware and software integrity measures to allow its use for processing simultaneously a range of sensitive or classified information.