Читаем CISSP Practice полностью

c. 2 and 3

d. 1, 2, 3, and 4

198. d. Security designs should consider a layered approach to address or protect against a specific threat or to reduce vulnerability. For example, the use of a packet-filtering router with an application gateway and an intrusion detection system combine to increase the work-factor an attacker must expend to successfully attack the system. Adding good password controls and adequate user training improves the system’s security posture even more.

199. In the trusted computing base (TCB) environment, which of the following is referred to when a failure results from the modifications to the hardware?

a. Compromise from above

b. Compromise from within

c. Compromise from below

d. Compromise from cross domains

199. c. Compromise from below results when a failure occurs due to modification to the hardware. This is because the hardware is located at the bottom of the hierarchy. Compromise from above occurs when an unprivileged user can write untrusted code that exploits vulnerability. Compromise from within occurs when a privileged user or process misuses the allocated privileges. Compromise from cross domains is not relevant here.

200. Which of the following is the most important property of well-designed distributed systems?

a. Fault tolerance through redundancy

b. Security protection through isolation

c. Extendibility through adaptability

d. Distribution transparency through separation of components

200. d. Distribution transparency provides a unified interface to a collection of computing resources using the same names and operations regardless of their location. This means that services are delivered wherever the user is located. New components can be added to the system without interrupting system operations. The other three choices are benefits of well-designed distributed systems.

201. Regarding Common Criteria (CC), which of the following provides an implementation-independent statement of security needs?

a. Target of evaluation (TOE)

b. Security target (ST)

c. Protection profile (PP)

d. Evaluation of assurance level (EAL)

201. c. Protection profile (PP) is an implementation-independent statement of security needs for a product type.

TOE is incorrect because it is a product that has been installed and is being operated according to its guidance. ST is incorrect because it is an implementation-dependent statement of security needs for a specific identified TOE. EAL is incorrect because it is an assurance package, consisting of assurance requirements, representing a point on the CC predefined assurance scale.

202. Which of the following contains a security kernel, some trusted-code facilities, hardware, and some communication channels?

a. Security domain

b. Security model

c. Security perimeter

d. Security parameters

202. c. A security perimeter is a boundary within which security controls are applied to protect information assets.

The security domain is a set of elements, a security policy, an authority, and a set of relevant activities. The security model is a formal presentation of the security policy enforced by the system. Examples of security parameters include passwords and encryption keys.

203. Phishing attacks are mostly an example of which of the following?

a. Browser-oriented attacks

b. Server-oriented attacks

c. Network-oriented attacks

d. User-oriented attacks

203. d. In a phishing attack, attackers try to trick users into accessing a fake website and divulging personal information. Social engineering methods are employed in phishing attacks. Note that some phishing attacks can be a blended attack targeting the browser.

204. In which of the following security operating modes is the system access secured to at least the top level?

a. Multilevel security mode

b. Dedicated security mode

c. Compartmented security mode

d. Controlled mode