Читаем CISSP Practice полностью

d. Recovery services

68. a. Only the prevention services are needed to maintain the confidentiality security objective. When lost, confidentiality cannot be restored. The other three choices do not apply to the confidentiality security objective.

69. The security services that provide for availability security objectives also provide for which of the following security objectives?

a. Integrity

b. Confidentiality

c. Accountability

d. Assurance

69. a. Examples of common security services between availability and integrity objectives include access authorization and access control enforcement.

The primary availability services are those that directly impact the ability of the system to maintain operational effectiveness. One aspect of maintaining operational effectiveness is protection from unauthorized changes or deletions by defining authorized access and enforcing access controls. Operational effectiveness is also maintained by detecting intrusions, detecting loss of wholeness, and providing the means of returning to a secure state.

The services that provide for availability also provide for integrity. This is because maintaining or restoring system integrity is an essential part of maintaining system availability.

By definition, integrity is the property that protected and sensitive data has not been modified or deleted in an unauthorized and undetected manner. By definition, availability means ensuring timely and reliable access to and use of data and information by authorized users. How is the data available to authorized users if it was deleted or destroyed?

The security services provided to fulfill the security objectives of availability, confidentiality, accountability, and assurance together have nothing in common.

70. Web spoofing using the man-in-the-middle attack is an example of which of the following?

a. Browser-oriented attacks

b. Server-oriented attacks

c. Network-oriented attacks

d. User-oriented attacks

70. c. An attacker can gain information by masquerading as a Web server using a man-in-the-middle (MitM) attack, whereby requests and responses are conveyed via the imposter as a watchful intermediary. Such a Web spoofing attack enables the imposter to shadow not only a single targeted server, but also every subsequent server accessed on the network.

71. To mitigate the risks of using active content, which of the following is an example of a technical safeguard?

a. Filters

b. Incident response handling

c. Security policy

d. Risk analysis

71. a. Filters can examine program code at points of entry and block or disable it if deemed harmful. Examples of filters include ingress filtering, egress filtering, and intrusion detection systems. The other three choices are examples of management and operational safeguards (controls).

72. To mitigate the risks of using active content, which of the following is an example of a technical safeguard?

a. Security audit

b. Evaluated technology

c. Application settings

d. Software cages

72. d. Software cages or quarantine mechanisms (technical safeguards) can constrain a program’s code behavior during its execution by dynamically intercepting and thwarting attempts by the subject code to take unacceptable actions that violate security policy. The other three choices are examples of management and operational safeguards.

73. To mitigate the risks of using active content, which of the following is an example of a technical safeguard?

a. Version control

b. Digital signatures

c. Patch management

d. System isolation

73. b. Digital signatures can prevent a program code execution unless it is digitally signed by a trusted source (a technical safeguard). The other three choices are examples of management and operational safeguards.

74. To mitigate the risks of using active content, which of the following is an example of a technical safeguard?

a. Virtualization

b. Isolate proprietary program components

c. Proof carrying code

d. Isolate tightly bounded programs

74. c. Proof carrying code (a technical safeguard) contains the safety properties of the program code. The code and the proof are sent together to the code consumer (user) where the safety properties can be verified before the code is executed. The other three choices are examples of management and operational safeguards.