Читаем CISSP Practice полностью

137. d. Two main approaches to mitigate the risks in using active content include avoidance, which is staying completely clear of known and potential vulnerabilities and harm reduction, which is applying measures to limit the potential loss due to exposure. The other three choices are incorrect because principles and practices are a part of security policy, which is a part of safeguards or controls.

138. Implementing layered and diverse defenses to an information system means:

1. Attacks are progressively weakened.

2. Attacks are eventually defeated.

3. Placing identical controls in succession.

4. Placing different controls that complement each other.

a. 1 and 2

b. 1 and 3

c. 2 and 4

d. 1, 2, 3, and 4

138. d. Defending an information system requires safeguards applied not only at points of entry, but also throughout the system. Ideally, selecting and placing security controls are done in such a way that all attacks are progressively weakened and eventually defeated. Having an identical control in succession tends to lengthen the duration of the attack. Applying different types of controls that complement each other and are mutually supportive is a much more effective approach (i.e., defense-in-depth strategy).

139. Structured Query Language (SQL) security threats include which of the following?

a. Data retrieval and manipulation

b. Aggregation and inference

c. Schema definition and manipulation

d. Transaction and diagnostic management

139. b. Aggregation is the result of assembling or combining distinct units of data when handling sensitive information. Aggregation of data at one sensitivity level may result in all the data being designated at a higher sensitivity level. Inference is derivation of new information from known information. The inference problem refers to the fact that the derived information may be classified at a level for which the user is not cleared. Items included in the other three choices are functions and features of a SQL.

140. A data dictionary is which of the following?

a. It is a central catalog of programs.

b. It is a central catalog of processes.

c. It is a central catalog of data.

d. It is a central catalog of objects.

140. c. A data dictionary is a tool to help organizations control their data assets by providing a central catalog of data. The data dictionary requires security protection.

141. What is a database relation containing multiple rows with the same primary key called?

a. Polyinstantiation

b. Polymorphism

c. Inference

d. Aggregation

141. a. Polyinstantiation enables a relation to contain multiple rows with the same primary key. The multiple instances are distinguished by their security levels. In polymorphism, a name may denote objects of many different classes that are related by some common superclass. Inference is derivation of new information from known information. Aggregation is the result of assembling distinct units of data when handling sensitive information.

142. A data warehouse contains which of the following?

a. Raw data

b. Massaged data

c. Source data

d. Transaction data

142. b. A database contains raw data whereas a data warehouse contains massaged data (i.e., summarized data or correlated data). Source data and transaction data are the same as raw data.

143. Which of the following tools is most useful in detecting security intrusions?

a. Data mining tools

b. Data optimization tools

c. Data reorganization tools

d. Data access tools

143. a. Data mining is a set of automated tools that convert the data in the data warehouse to some useful information. It selects and reports information deemed significant from a data warehouse or database. Data mining techniques can also be used for intrusion detection, fraud detection, and auditing the databases. You can apply data mining tools to detect abnormal patterns in data, which can provide clues to fraud.

Data optimization tools improve database performance. Data reorganization tools help relocate the data to facilitate faster access. Data access tools help in reaching the desired data.

144. Which of the following can be most easily exploited when executing behind firewalls?

a. Electronic mail

b. Web requests

c. Active-X controls

d. File transfer protocol