The Ultimate ISC CISSP Dumps PDF Review [Q253-Q275]


Achieve The Utmost Performance In CISSP Exam Pass Guaranteed

NEW QUESTION # 253
The (ISC)² Code of Ethics does not include which of the following behaviors for a CISSP:

  • A. Legality
  • B. Honesty
  • C. Control
  • D. Ethical behavior

Answer: C

Explanation:
The (ISC)² Code of Ethics does not refer to control. To follow the (ISC)² Code of Ethics you should act honorably, honestly, justly, responsibly, and legally, and protect society.
Incorrect Answers:
A: To follow the (ISC)² Code of Ethics you should act legally.
B: To follow the (ISC)² Code of Ethics you should act honestly.
D: To follow the (ISC)² Code of Ethics you should use ethical behavior, as you should act honorably, honestly, justly, responsibly, and legally, and protect society.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 1062


NEW QUESTION # 254
Which of the following is NOT an example of a detective control?

  • A. System Monitor
  • B. Backup data restore
  • C. Monitor detector
  • D. IDS

Answer: B

Explanation:
The word NOT is used as a keyword in the question. You need to find the security control among the given options that is not a detective control. Backup data restore is a corrective control, not a detective control. For your exam you should know the following information about the different security controls.
Deterrent Controls
Deterrent controls are intended to discourage a potential attacker. Access controls act as a deterrent to threats and attacks by the simple fact that the existence of the control is enough to keep some potential attackers from attempting to circumvent the control. This is often because the effort required to circumvent the control is far greater than the potential reward if the attacker is successful, or, conversely, the negative implications of a failed attack (or getting caught) outweigh the benefits of success. For example, by forcing the identification and authentication of a user, service, or application, and all that it implies, the potential for incidents associated with the system is significantly reduced because an attacker will fear association with the incident. If there are no controls for a given access path, the number of incidents and the potential impact become infinite. Controls inherently reduce exposure to risk by applying oversight for a process. This oversight acts as a deterrent, curbing an attacker's appetite in the face of probable repercussions. The best example of a deterrent control is demonstrated by employees and their propensity to intentionally perform unauthorized functions, leading to unwanted events. When users begin to understand that by authenticating into a system to perform a function, their activities are logged and monitored, it reduces the likelihood they will attempt such an action. Many threats are based on the anonymity of the threat agent, and any potential for identification and association with their actions is avoided at all costs. It is this fundamental reason why access controls are the key target of circumvention by attackers. Deterrents also take the form of potential punishment if users do something unauthorized. For example, if the organization policy specifies that an employee installing an unauthorized wireless access point will be fired, that will deter most employees from installing wireless access points.
Preventative Controls
Preventive controls are intended to avoid an incident from occurring. Preventative access controls keep a user from performing some activity or function. Preventative controls differ from deterrent controls in that the control is not optional and cannot (easily) be bypassed. Deterrent controls work on the theory that it is easier to obey the control rather than to risk the consequences of bypassing the control. In other words, the power for action resides with the user (or the attacker). Preventative controls place the power of action with the system; obeying the control is not optional. The only way to bypass the control is to find a flaw in the control's implementation.
Compensating Controls
Compensating controls are introduced when the existing capabilities of a system do not support the requirement of a policy. Compensating controls can be technical, procedural, or managerial. Although an existing system may not support the required controls, there may exist other technology or processes that can supplement the existing environment, closing the gap in controls, meeting policy requirements, and reducing overall risk. For example, the access control policy may state that the authentication process must be encrypted when performed over the Internet. Adjusting an application to natively support encryption for authentication purposes may be too costly. Secure Socket Layer (SSL), an encryption protocol, can be employed and layered on top of the authentication process to support the policy statement. Other examples include a separation of duties environment, which offers the capability to isolate certain tasks to compensate for technical limitations in the system and ensure the security of transactions. In addition, management processes, such as authorization, supervision, and administration, can be used to compensate for gaps in the access control environment.
Detective Controls
Detective controls warn when something has happened, and are the earliest point in the post-incident timeline. Access controls are a deterrent to threats and can be aggressively utilized to prevent harmful incidents through the application of least privilege. However, the detective nature of access controls can provide significant visibility into the access environment and help organizations manage their access strategy and related security risk. As mentioned previously, strongly managed access privileges provided to an authenticated user offer the ability to reduce the risk exposure of the enterprise's assets by limiting the capabilities that authenticated user has. However, there are few options to control what a user can perform once privileges are provided. For example, if a user is provided write access to a file and that file is damaged, altered, or otherwise negatively impacted (either deliberately or unintentionally), the use of applied access controls will offer visibility into the transaction. The control environment can be established to log activity regarding the identification, authentication, authorization, and use of privileges on a system. This can be used to detect the occurrence of errors, the attempts to perform an unauthorized action, or to validate when provided credentials were exercised. The logging system as a detective device provides evidence of actions (both successful and unsuccessful) and tasks that were executed by authorized users.
Corrective Controls
When a security incident occurs, elements within the security infrastructure may require corrective actions. Corrective controls are actions that seek to alter the security posture of an environment to correct any deficiencies and return the environment to a secure state. A security incident signals the failure of one or more directive, deterrent, preventative, or compensating controls. The detective controls may have triggered an alarm or notification, but now the corrective controls must work to stop the incident in its tracks. Corrective controls can take many forms, all depending on the particular situation at hand or the particular security failure that needs to be dealt with.
Recovery Controls
Any changes to the access control environment, whether in the face of a security incident or to offer temporary compensating controls, need to be accurately reinstated and returned to normal operations. There are several situations that may affect access controls, their applicability, status, or management. Events can include system outages, attacks, project changes, technical demands, administrative gaps, and full-blown disaster situations. For example, if an application is not correctly installed or deployed, it may adversely affect controls placed on system files or even have default administrative accounts unknowingly implemented upon install. Additionally, an employee may be transferred, quit, or be on temporary leave that may affect policy requirements regarding separation of duties. An attack on systems may have resulted in the implantation of a Trojan horse program, potentially exposing private user information, such as credit card information and financial data. In all of these cases, an undesirable situation must be rectified as quickly as possible and controls returned to normal operations.
The following answers are incorrect:
The other options are all examples of detective controls.
The following reference(s) were/was used to create this question:
CISA Review Manual 2014 Page number 44
and
Official ISC2 CISSP guide 3rd edition Page number 50 and 51


NEW QUESTION # 255
What is called the type of access control where there are pairs of elements that have the least upper bound of values and greatest lower bound of values?

  • A. Rule model
  • B. Discretionary model
  • C. Mandatory model
  • D. Lattice model

Answer: D

Explanation:
In a lattice model, there are pairs of elements that have the least upper bound of
values and greatest lower bound of values.
Reference(s) used for this question:
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of
Computer Security, 2001, John Wiley & Sons, Page 34.


NEW QUESTION # 256
Which access control model was proposed for enforcing access control in government and military applications?

  • A. Sutherland model
  • B. Bell-LaPadula model
  • C. Brewer-Nash model
  • D. Biba model

Answer: B

Explanation:
The Bell-LaPadula model, mostly concerned with confidentiality, was proposed for enforcing access control in government and military applications. It supports mandatory access control by determining the access rights from the security levels associated with subjects and objects. It also supports discretionary access control by checking access rights from an access matrix. The Biba model, introduced in 1977, the Sutherland model, published in 1986, and the Brewer-Nash model, published in 1989, are concerned with integrity. Source: ANDRESS, Mandy, Exam Cram CISSP, Coriolis, 2001, Chapter 2: Access Control Systems and Methodology (page 11).
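A worked example of the lattice model from question 255 and the Bell-LaPadula rules from question 256, added here as an illustration and not taken from any of the cited references: security labels are (level, compartment set) pairs, the least upper bound (join) and greatest lower bound (meet) are computed over them, and the "no read up / no write down" checks are expressed as label dominance. The level names, compartments and sample labels are constructed for the example.

```python
from dataclasses import dataclass
from itertools import product

# Constructed hierarchical ordering of clearance levels (an assumption for this example).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    """A security label: a hierarchical level plus a set of compartments."""
    level: str
    compartments: frozenset

    def dominates(self, other: "Label") -> bool:
        # self >= other when its level is at least other's and its compartments include other's
        return (LEVELS[self.level] >= LEVELS[other.level]
                and other.compartments <= self.compartments)


def join(a: Label, b: Label) -> Label:
    """Least upper bound: the smallest label that dominates both a and b."""
    level = a.level if LEVELS[a.level] >= LEVELS[b.level] else b.level
    return Label(level, a.compartments | b.compartments)


def meet(a: Label, b: Label) -> Label:
    """Greatest lower bound: the largest label dominated by both a and b."""
    level = a.level if LEVELS[a.level] <= LEVELS[b.level] else b.level
    return Label(level, a.compartments & b.compartments)


def all_labels(compartments) -> list:
    """Every label over the given compartments: the full lattice for the check below."""
    comps = sorted(compartments)
    return [Label(level, frozenset(c for i, c in enumerate(comps) if mask >> i & 1))
            for level in LEVELS for mask in range(1 << len(comps))]


def is_lattice(labels) -> bool:
    """Check the defining property on a finite label set: for every pair, join()
    really is the *least* upper bound and meet() the *greatest* lower bound."""
    for a, b in product(labels, repeat=2):
        lub, glb = join(a, b), meet(a, b)
        if not (lub.dominates(a) and lub.dominates(b)):
            return False
        if not (a.dominates(glb) and b.dominates(glb)):
            return False
        for c in labels:
            if c.dominates(a) and c.dominates(b) and not c.dominates(lub):
                return False  # an upper bound exists that is smaller than our "least" one
            if a.dominates(c) and b.dominates(c) and not glb.dominates(c):
                return False  # a lower bound exists that is larger than our "greatest" one
    return True


def bell_lapadula_allows(subject: Label, obj: Label, mode: str) -> bool:
    """Mandatory access check: no read up (simple security property) and
    no write down (*-property), both derived from the lattice ordering."""
    if mode == "read":
        return subject.dominates(obj)
    if mode == "write":
        return obj.dominates(subject)
    raise ValueError(f"unknown access mode: {mode}")


# Constructed sample labels.
SECRET_CRYPTO = Label("SECRET", frozenset({"CRYPTO"}))
CONF_NUCLEAR = Label("CONFIDENTIAL", frozenset({"NUCLEAR"}))
CONF_CRYPTO = Label("CONFIDENTIAL", frozenset({"CRYPTO"}))
TS_CRYPTO = Label("TOP SECRET", frozenset({"CRYPTO"}))

if __name__ == "__main__":
    print(join(SECRET_CRYPTO, CONF_NUCLEAR))   # level SECRET, compartments {CRYPTO, NUCLEAR}
    print(meet(SECRET_CRYPTO, CONF_NUCLEAR))   # level CONFIDENTIAL, no compartments
    print(is_lattice(all_labels({"CRYPTO", "NUCLEAR"})))            # True
    print(bell_lapadula_allows(SECRET_CRYPTO, CONF_NUCLEAR, "read"))  # False: missing compartment
```

The join of a SECRET/{CRYPTO} subject and a CONFIDENTIAL/{NUCLEAR} object is SECRET/{CRYPTO, NUCLEAR}, which is why a subject cleared only for CRYPTO cannot read the NUCLEAR object even though its level is higher: dominance requires both the level and the compartments to be at least as great.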


NEW QUESTION # 257
Which is NOT a suitable method for distributing certificate revocation information?

  • A. Delta CRL
  • B. CA revocation mailing list
  • C. OCSP (online certificate status protocol)
  • D. Distribution point CRL

Answer: B

Explanation:
The following are incorrect answers because they are all suitable methods.
A Delta CRL is a CRL that only provides information about certificates whose statuses have
changed since the issuance of a specific, previously issued CRL.
The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the
revocation status of an X.509 digital certificate.
A Distribution point CRL, or CRL Distribution Point, is a location specified in the CRL Distribution
Point (CRL DP) X.509 version 3 certificate extension when the certificate is issued.
References:
RFC 2459: Internet X.509 Public Key Infrastru
http://csrc.nist.gov/groups/ST/crypto_apps_infra/documents/sliding_window.pdf
http://www.ipswitch.eu/online_certificate_status_protocol_en.html
Computer Security Handbook By Seymour Bosworth, Arthur E. Hutt, Michel E. Kabay
http://books.google.com/books?id=rCx5OfSFUPkC&printsec=frontcover&dq=Computer+Security+Handbook#PRA6-PA4,M1


NEW QUESTION # 258
Business Continuity and Disaster Recovery Planning (Primarily) addresses the:

  • A. Integrity of the CIA triad
  • B. Availability, Confidentiality and Integrity of the CIA triad
  • C. Availability of the CIA triad
  • D. Confidentiality of the CIA triad

Answer: C

Explanation:
Availability is one of the main themes behind business continuity planning, in that it ensures that the resources required to keep the business going will continue to be available to the people and systems that rely upon them.
Note: The CIA Triad, the primary goals and objectives of security, comprises the three essential security principles of confidentiality, integrity, and availability. Vulnerabilities and risks are also evaluated based on the threat they pose against one or more of the CIA Triad principles.
Incorrect Answers:
A: Business Continuity and Disaster Recovery Planning primarily addresses availability, not integrity.
B: Business Continuity and Disaster Recovery Planning primarily addresses availability, not all three of availability, confidentiality and integrity.
D: Business Continuity and Disaster Recovery Planning primarily addresses availability, not confidentiality.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, p. 888


NEW QUESTION # 259
What is known as the probability that you are not authenticated to access your account?

  • A. ERR
  • B. FAR
  • C. MTBF
  • D. FRR

Answer: D

Explanation:
Biometric performance is most commonly measured in two ways: False Rejection Rate (FRR), and False Acceptance Rate (FAR). The FRR is the probability that you are not authenticated to access your account. A strict definition states that the FRR is the probability that a mated comparison (i.e. 2 biometric samples of the same finger) incorrectly determines that there is no match.
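An added example, not part of the original explanation, that makes the FRR and FAR definitions concrete: given match scores from mated comparisons (genuine users) and non-mated comparisons (impostors), it computes the FRR and FAR at a chosen decision threshold, and then sweeps thresholds to find the crossover point where the two rates are equal, commonly called the Equal Error Rate (EER). The scores are constructed for the example; a real system would collect them from enrolment and verification trials.

```python
def far_frr(genuine, impostor, threshold):
    """FRR: fraction of mated comparisons wrongly rejected (score below threshold).
    FAR: fraction of non-mated comparisons wrongly accepted (score at or above it)."""
    frr = sum(1 for s in genuine if s < threshold) / len(genuine)
    far = sum(1 for s in impostor if s >= threshold) / len(impostor)
    return far, frr


def tradeoff(genuine, impostor, thresholds):
    """(threshold, FAR, FRR) for each threshold: raising it lowers FAR and raises FRR."""
    return [(t,) + far_frr(genuine, impostor, t) for t in thresholds]


def equal_error_rate(genuine, impostor):
    """Sweep every observed score as a candidate threshold and return
    (threshold, FAR, FRR) at the point where |FAR - FRR| is smallest."""
    best = None
    for t in sorted(set(genuine) | set(impostor)):
        far, frr = far_frr(genuine, impostor, t)
        gap = abs(far - frr)
        if best is None or gap < best[0]:
            best = (gap, t, far, frr)
    return best[1:]


# Constructed similarity scores in 0..1; higher means a closer biometric match.
GENUINE = [0.92, 0.88, 0.75, 0.69, 0.81, 0.95, 0.60, 0.85, 0.78, 0.90]
IMPOSTOR = [0.20, 0.35, 0.50, 0.62, 0.41, 0.30, 0.55, 0.72, 0.25, 0.45]

if __name__ == "__main__":
    for t, far, frr in tradeoff(GENUINE, IMPOSTOR, [0.50, 0.70, 0.90]):
        print(f"threshold {t:.2f}: FAR={far:.2f} FRR={frr:.2f}")
    t, far, frr = equal_error_rate(GENUINE, IMPOSTOR)
    print(f"EER at threshold {t}: FAR={far:.2f} FRR={frr:.2f}")
```

At a threshold of 0.70 the constructed data gives FAR 0.10 and FRR 0.20: two genuine users are locked out while one impostor gets in. Moving the threshold is the only lever, and it trades one rate against the other, which is why a biometric system is tuned to the consequence that matters more (an impostor accepted or a legitimate user rejected) rather than to a single "accuracy" figure.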


NEW QUESTION # 260
Which of the following refers to the data left on the media after the media has been erased?

  • A. remanence
  • B. sticky bits
  • C. recovery
  • D. semi-hidden

Answer: A

Explanation:
The term "remanence" comes from electromagnetism. It originally referred to (and still does in that
field of study) the magnetic flux that remains in a magnetic circuit after an applied magnetomotive
force has been removed. There is absolutely no way a candidate will see anywhere near that much
detail on any similar CISSP question, but having read this, a candidate won't be likely to forget it
either.
It is becoming increasingly commonplace for people to buy used computer equipment, such as a
hard drive, or router, and find information on the device left there by the previous owner;
information they thought had been deleted. This is a classic example of data remanence: the
remains of partial or even the entire data set of digital information. Normally, this refers to the data
that remain on media after they are written over or degaussed. Data remanence is most common
in storage systems but can also occur in memory.
Specialized hardware devices known as degaussers can be used to erase data saved to magnetic
media. The measure of the amount of energy needed to reduce the magnetic field on the media to
zero is known as coercivity.
It is important to make sure that the coercivity of the degausser is of sufficient strength to meet
object reuse requirements when erasing data. If a degausser is used with insufficient coercivity,
then a remanence of the data will exist. Remanence is the measure of the existing magnetic field
on the media; it is the residue that remains after an object is degaussed or written over.
Data is still recoverable even when the remanence is small. While data remanence exists, there is
no assurance of safe object reuse.
Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition
((ISC)2 Press) (Kindle Locations 4207-4210). Auerbach Publications. Kindle Edition.
and
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition
((ISC)2 Press) (Kindle Locations 19694-19699). Auerbach Publications. Kindle Edition.


NEW QUESTION # 261
Which of the following teams should NOT be included in an organization's contingency plan?

  • A. Damage assessment team
  • B. Hardware salvage team
  • C. Tiger team
  • D. Legal affairs team

Answer: C

Explanation:
According to NIST's Special publication 800-34, a capable recovery strategy will require some or all of the following functional groups: Senior management official, management team, damage assessment team, operating system administration team, systems software team, server recovery team, LAN/WAN recovery team, database recovery team, network operations recovery team, telecommunications team, hardware salvage team, alternate site recovery coordination team, original site restoration/salvage coordination team, test team, administrative support team, transportation and relocation team, media relations team, legal affairs team, physical/personal security team, procurements team. Ideally, these teams would be staffed with the personnel responsible for the same or similar operation under normal conditions. A tiger team, originally a U.S. military jargon term, defines a team (of sneakers) whose purpose is to penetrate security, and thus test security measures. Used today for teams performing ethical hacking. Source: SWANSON, Marianne, & al., National Institute of Standards and Technology (NIST), NIST Special Publication 800-34, Contingency Planning Guide for Information Technology Systems, December 2001 (page 23).


NEW QUESTION # 262
What is the term used to define where data is geographically stored in the cloud?

  • A. Data sovereignty
  • B. Data warehouse
  • C. Data privacy rights
  • D. Data subject rights

Answer: A


NEW QUESTION # 263
Why do some sites choose not to implement Trivial File Transfer Protocol (TFTP)?

  • A. directory restriction
  • B. user authentication requirement
  • C. inherent security risks
  • D. list restrictions

Answer: C


NEW QUESTION # 264
Which xDSL flavour delivers both downstream and upstream speeds of 1.544 Mbps over two copper twisted pairs?

  • A. ADSL
  • B. HDSL
  • C. VDSL
  • D. SDSL

Answer: B

Explanation:
HDSL - High-Data-Rate Digital Subscriber Line - 1.544 Mbps each way over 2 copper twisted pair (http://www.cisco.com/en/US/tech/tk175/tk318/tsd_technology_support_protocol_home.html)


NEW QUESTION # 265
Controls provide accountability for individuals who are accessing sensitive information. This accountability is accomplished:

  • A. through access control mechanisms that require identification and authentication and through the audit function.
  • B. through logical or technical controls involving the restriction of access to systems and the protection of information
  • C. through logical or technical controls but not involving the restriction of access to systems and the protection of information.
  • D. through access control mechanisms that do not require identification and authentication and do not operate through the audit function.

Answer: A


NEW QUESTION # 266
Data remanence is the biggest threat in which of the following scenarios?

  • A. A physical disk drive has been overwritten and reused within a datacenter.
  • B. A flash drive has been overwritten and released to a third party for destruction.
  • C. A flash drive has been overwritten, verified, and reused within a datacenter.
  • D. A physical disk drive has been degaussed, verified, and released to a third party for dest.......

Answer: B


NEW QUESTION # 267
An organization is selecting a service provider to assist in the consolidation of multiple computing sites including development, implementation and ongoing support of various computer systems. Which of the following MUST be verified by the Information Security Department?

  • A. The service provider's policies can meet the requirements imposed by the new environment even if they differ from the organization's current policies.
  • B. The service provider will impose controls and protections that meet or exceed the current systems controls and produce audit logs as verification.
  • C. The service provider's policies are consistent with ISO/IEC27001 and there is evidence that the service provider is following those policies.
  • D. The service provider will segregate the data within its systems and ensure that each region's policies are met.

Answer: A


NEW QUESTION # 268
Which of the following testing methods examines the functionality of an application without peering into its internal structure or knowing the details of its internals?

  • A. Parallel Test
  • B. Pilot Testing
  • C. Black-box testing
  • D. Regression Testing

Answer: C

Explanation:
Black box testing examines the functionality of an application without peering into its internal structures or workings. Black box testing provides the tester with no internal details; the software is treated as a black box that receives inputs.
Incorrect Answers:
A: Parallel Testing is the process of entering the same inputs in two different versions of the application and reporting the anomalies.
B: Pilot Testing is a preliminary test that focuses on specific and predefined aspects of a system.
D: Regression Testing is the process of rerunning a portion of a test scenario or test plan to ensure that changes or corrections have not introduced new errors.
References:
Conrad, Eric, Seth Misenar, Joshua Feldman, CISSP Study Guide, 2nd Edition, Syngress, Waltham, 2012, p. 194 Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, p. 1105
https://en.wikipedia.org/wiki/Black-box_testing
http://www.tutorialspoint.com/software_testing_dictionary/parallel_testing.htm
http://soft-engineering.blogspot.co.za/2010/12/what-is-difference-between-pilot-and.html


NEW QUESTION # 269
Layer 2 of the OSI model has two sublayers. What are those sublayers, and what are two IEEE standards that describe technologies at that layer?

  • A. Network and MAC; IEEE 802.1 and 802.3
  • B. LLC and MAC; IEEE 802.1 and 802.3
  • C. LLC and MAC; IEEE 802.2 and 802.3
  • D. LLC and MAC; IEEE 802.2 and 802.3

Answer: C

Explanation:
OSI layer 2 is the data link layer. The data link layer is divided into two functional sublayers: the Logical Link Control (LLC) and the Media Access Control (MAC).
The IEEE LLC specification for Ethernet is defined in the IEEE 802.2 standard, while the IEEE MAC specification for Ethernet is IEEE 802.3.
Incorrect Answers:
A: LCL is not a sublayer of OSI layer 2.
B: LCL is not a sublayer of OSI layer 2.
C: Network is not a sublayer of OSI layer 2.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 528
http://en.wikipedia.org/wiki/OSI_model


NEW QUESTION # 270
Which of the following are the two commonly defined types of covert channels?

  • A. Software and Timing
  • B. Storage and Timing
  • C. Kernel and Timing
  • D. Storage and Kernel

Answer: B

Explanation:
A covert channel is a way for an entity to receive information in an unauthorized manner. It is an information flow that is not controlled by a security mechanism.
Covert channels are of two types: storage and timing.
A covert storage channel involves direct or indirect reading of a storage location by another process. A covert timing channel depends upon being able to influence the rate at which some other process is able to acquire resources, such as the CPU.
A covert storage channel is a "covert channel that involves the direct or indirect writing of a storage location by one process and the direct or indirect reading of the storage location by another process."
Covert storage channels typically involve a finite resource (e.g. sectors on a disk) that is shared by two subjects at different security levels.
A covert timing channel is a "covert channel in which one process signals information to another by modulating its own use of system resources (e.g. CPU time) in such a way that this manipulation affects the real response time observed by the second process."
Incorrect Answers:
A: Software and Timing are not defined types of covert channels.
C: Kernel is not a defined type of covert channel.
D: Kernel is not a defined type of covert channel.
References:
http://www.isg.rhul.ac.uk/~prai175/ISGStudentSem07/CovertChannels.ppt
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 378-379


NEW QUESTION # 271
"Stateful" differs from "Static" packet filtering firewalls by being aware of which of the following?

  • A. Originating application session
  • B. Originating network location
  • C. Difference between a new and an established connection
  • D. Difference between a malicious and a benign packet payload

Answer: C

Explanation:
Section: Communication and Network Security
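An added illustration for question 271, not drawn from the page's source: a minimal static (stateless) packet filter judges every packet on its own, so letting the replies to an outbound HTTPS connection back in requires a standing rule that admits any inbound packet with source port 443, whereas a stateful filter records the connection the inside host opened and admits only inbound packets that belong to it. The packets, addresses (RFC 5737 documentation ranges) and rules are constructed, and both filters are toy models rather than any vendor's implementation.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    direction: str   # "out" = internal host -> Internet, "in" = Internet -> internal host
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False
    ack: bool = False


class StaticFilter:
    """Stateless filter: each packet is matched against the rule list in isolation and
    nothing is remembered between packets. Rules are (direction, sport, dport) with
    None as a wildcard."""

    def __init__(self, rules):
        self.rules = rules

    def allow(self, pkt: Packet) -> bool:
        return any(direction == pkt.direction
                   and sport in (None, pkt.sport)
                   and dport in (None, pkt.dport)
                   for direction, sport, dport in self.rules)


class StatefulFilter:
    """Tracks connections initiated from the inside. An inbound packet is admitted only
    if it is the reverse half of a connection already in the table, so the filter can
    tell a new connection from an established one."""

    def __init__(self, allowed_outbound_ports):
        self.allowed = set(allowed_outbound_ports)
        self.table = set()   # (inside_ip, inside_port, outside_ip, outside_port)

    def allow(self, pkt: Packet) -> bool:
        if pkt.direction == "out":
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.syn and not pkt.ack:            # a new connection attempt
                if pkt.dport in self.allowed:
                    self.table.add(key)
                    return True
                return False
            return key in self.table               # later packets of a known connection
        # inbound: must match an outbound flow the inside host already started
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.table


def run_scenario():
    """Constructed traffic; returns the per-packet verdict of each filter."""
    packets = [
        Packet("out", "10.0.0.5", 50000, "203.0.113.10", 443, syn=True),           # client opens HTTPS
        Packet("in", "203.0.113.10", 443, "10.0.0.5", 50000, syn=True, ack=True),  # server's legitimate reply
        Packet("in", "198.51.100.7", 443, "10.0.0.5", 50000, syn=True),            # unsolicited packet that merely uses source port 443
    ]
    static = StaticFilter([("out", None, 443), ("in", 443, None)])  # second rule is the hole replies need
    stateful = StatefulFilter({443})
    return {
        "static": [static.allow(p) for p in packets],
        "stateful": [stateful.allow(p) for p in packets],
    }


if __name__ == "__main__":
    for name, verdicts in run_scenario().items():
        print(name, ["allow" if v else "drop" for v in verdicts])
```

The static filter passes all three packets, because its only way to admit the server's reply is a rule that matches on source port 443, and the third packet satisfies that rule just as well. The stateful filter passes the first two and drops the third: no inside host opened a connection to 198.51.100.7, so there is no table entry for the reverse tuple. That connection table is the "awareness of a new versus an established connection" the question refers to.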


NEW QUESTION # 272
In a cryptographic key distribution system, the master key is used to exchange?

  • A. Public keys
  • B. Secret keys
  • C. Private keys
  • D. Session keys

Answer: D

Explanation:
"The Key Distribution Center (KDC) is the most important component within a Kerberos environment. The KDC holds all users' and services' cryptographic keys. It provides authentication services, as well as key distribution functionality. The clients and services trust the integrity of the KDC, and this trust is the foundation of Kerberos security." Pg. 148 Shon Harris CISSP All-In-One Certification Exam Guide
"The basic principles of Kerberos operation are as follows: 1.) The KDC knows the secret keys of all clients and servers on the network. 2.) The KDC initially exchanges information with the client and server by using these secret keys. 3.) Kerberos authenticates a client to a requested service on a server through TGS, and by using temporary symmetric session keys for communications between the client and KDC, the server and the KDC, and the client and server. 4.) Communication then takes place between the client and the server using those temporary session keys." Pg. 40 Krutz: The CISSP Prep Guide


NEW QUESTION # 273
At which OSI layer does SSL reside in?

  • A. Session
  • B. Transport
  • C. Application
  • D. Network

Answer: B

Explanation:
The following answers are incorrect: Application - SSL resides in the transport layer.
Session - While SSL does straddle both the session and transport layers, for exam purposes, choose transport.
Network - SSL resides in the transport layer.
The following reference(s) were/was used to create this question: All In One CISSP Exam guide by Shon Harris, Chapter 7, pg 493


NEW QUESTION # 274
A security practitioner has been tasked with establishing organizational asset handling procedures.
What should be considered that would have the GREATEST impact on the development of these procedures?

  • A. Information classification scheme
  • B. User roles and responsibilities
  • C. Media handling procedures
  • D. Acceptable Use Policy (AUP)

Answer: A


NEW QUESTION # 275
......

Achieve your Success with Latest ISC CISSP Exam: https://www.dumps4pdf.com/CISSP-valid-braindumps.html

The CISSP Exam Test For Brief Preparation: https://drive.google.com/open?id=1FMoJB8pvosgmzQzSdX6PIfxMzJ-EaWX2