パスできるSSCP試験最速合格保証2024問題集! [Q165-Q181]

Share

パスできるSSCP試験最速合格保証2024問題集!

SSCP問題集完全版問題で試験学習ガイド

質問 # 165
What kind of Encryption technology does SSL utilize?

  • A. Private key
  • B. Hybrid (both Symmetric and Asymmetric)
  • C. Secret or Symmetric key
  • D. Public Key

正解:B

解説:
Explanation/Reference:
SSL use public-key cryptography to secure session key, while the session key (secret key) is used to secure the whole session taking place between both parties communicating with each other.
The SSL protocol was originally developed by Netscape. Version 1.0 was never publicly released; version
2.0 was released in February 1995 but "contained a number of security flaws which ultimately led to the design of SSL version 3.0." SSL version 3.0, released in 1996, was a complete redesign of the protocol produced by Paul Kocher working with Netscape engineers Phil Karlton and Alan Freier.
All of the other answers are incorrect


質問 # 166
Out of the steps listed below, which one is not one of the steps conducted during the Business Impact Analysis (BIA)?

  • A. Alternate site selection
  • B. Select individuals to interview for data gathering
  • C. Create data-gathering techniques
  • D. Identify the company's critical business functions

正解:A

解説:
Selecting and Alternate Site would not be done within the initial BIA. It would be done at a later stage of the BCP and DRP recovery effort. All of the other choices were steps that would be conducted during the BIA. See below the list of steps that would be done during the BIA.
A BIA (business impact analysis ) is considered a functional analysis, in which a team collects data through interviews and documentary sources; documents business functions, activities, and transactions ; develops a hierarchy of business functions; and finally applies a classification scheme to indicate each individual function's criticality level.
BIA Steps
1.Select individuals to interview for data gathering.
2.Create data-gathering techniques (surveys, questionnaires, qualitative and quantitative approaches).
3.Identify the company's critical business functions.
4.Identify the resources these functions depend upon.
5.Calculate how long these functions can survive without these resources.
6.Identify vulnerabilities and threats to these functions.
7.Calculate the risk for each different business function.
8.Document findings and report them to management.
Reference(s) used for this question:
Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 905-909).
McGraw-Hill. Kindle Edition.


質問 # 167
What can best be defined as a strongly protected computer that is in a network protected by a firewall (or is part of a firewall) and is the only host (or one of only a few hosts) in the network that can be directly accessed from networks on the other side of the firewall?

  • A. A dual-homed host
  • B. A proxy server
  • C. A bastion host
  • D. A screened subnet

正解:C

解説:
Section: Network and Telecommunications
Explanation/Reference:
The Internet Security Glossary (RFC2828) defines a bastion host as a strongly protected computer that is in a network protected by a firewall (or is part of a firewall) and is the only host (or one of only a few hosts) in the network that can be directly accessed from networks on the other side of the firewall.
Source: SHIREY, Robert W., RFC2828: Internet Security Glossary, may 2000.


質問 # 168
Which encryption algorithm is BEST suited for communication with handheld wireless devices?

  • A. ECC (Elliptic Curve Cryptosystem)
  • B. SHA
  • C. RSA
  • D. RC4

正解:A

解説:
Explanation/Reference:
As it provides much of the same functionality that RSA provides: digital signatures, secure key distribution,and encryption. One differing factor is ECC's efficiency. ECC is more efficient that RSA and any other asymmetric algorithm.
The following answers are incorrect because :
RSA is incorrect as it is less efficient than ECC to be used in handheld devices.
SHA is also incorrect as it is a hashing algorithm.
RC4 is also incorrect as it is a symmetric algorithm.
Reference : Shon Harris AIO v3 , Chapter-8 : Cryptography , Page : 631 , 638.


質問 # 169
Which of the following floors would be most appropriate to locate information processing facilities in a 6-stories building?

  • A. Ground floor
  • B. Sixth floor
  • C. Third floor
  • D. Basement

正解:C

解説:
Section: Access Control
Explanation/Reference:
You data center should be located in the middle of the facility or the core of a building to provide protection from natural disasters or bombs and provide easier access to emergency crewmembers if necessary. By being at the core of the facility the external wall would act as a secondary layer of protection as well.
Information processing facilities should not be located on the top floors of buildings in case of a fire or flooding coming from the roof. Many crimes and theft have also been conducted by simply cutting a large hole on the roof.
They should not be in the basement because of flooding where water has a natural tendancy to flow down :-) Even a little amount of water would affect your operation considering the quantity of electrical cabling sitting directly on the cement floor under under your raise floor.
The data center should not be located on the first floor due to the presence of the main entrance where people are coming in and out. You have a lot of high traffic areas such as the elevators, the loading docks, cafeteria, coffee shopt, etc.. Really a bad location for a data center.
So it was easy to come up with the answer by using the process of elimination where the top, the bottom, and the basement are all bad choices. That left you with only one possible answer which is the third floor.
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, 5th Edition, Page 425.


質問 # 170
A potential problem related to the physical installation of the Iris Scanner in regards to the usage of the iris pattern within a biometric system is:

  • A. the iris pattern changes as a person grows older.
  • B. there is a relatively high rate of false accepts.
  • C. the optical unit must be positioned so that the sun does not shine into the aperture.
  • D. concern that the laser beam may cause eye damage

正解:C

解説:
Because the optical unit utilizes a camera and infrared light to create the
images, sun light can impact the aperture so it must not be positioned in direct light of any
type. Because the subject does not need to have direct contact with the optical reader,
direct light can impact the reader.
An Iris recognition is a form of biometrics that is based on the uniqueness of a subject's iris.
A camera like device records the patterns of the iris creating what is known as Iriscode.
It is the unique patterns of the iris that allow it to be one of the most accurate forms of
biometric identification of an individual. Unlike other types of biometics, the iris rarely
changes over time. Fingerprints can change over time due to scaring and manual labor,
voice patterns can change due to a variety of causes, hand geometry can also change as
well. But barring surgery or an accident it is not usual for an iris to change. The subject has
a high-resoulution image taken of their iris and this is then converted to Iriscode. The
current standard for the Iriscode was developed by John Daugman. When the subject
attempts to be authenticated an infrared light is used to capture the iris image and this
image is then compared to the Iriscode. If there is a match the subject's identity is
confirmed. The subject does not need to have direct contact with the optical reader so it is
a less invasive means of authentication then retinal scanning would be.
Reference(s) used for this question:
AIO, 3rd edition, Access Control, p 134.
AIO, 4th edition, Access Control, p 182.
Wikipedia - http://en.wikipedia.org/wiki/Iris_recognition
The following answers are incorrect:
concern that the laser beam may cause eye damage. The optical readers do not use laser
so, concern that the laser beam may cause eye damage is not an issue.
the iris pattern changes as a person grows older. The question asked about the physical installation of the scanner, so this was not the best answer. If the question would have been about long term problems then it could have been the best choice. Recent research has shown that Irises actually do change over time: http://www.nature.com/news/ageingeyes-hinder-biometric-scans-1.10722
there is a relatively high rate of false accepts. Since the advent of the Iriscode there is a very low rate of false accepts, in fact the algorithm used has never had a false match. This all depends on the quality of the equipment used but because of the uniqueness of the iris even when comparing identical twins, iris patterns are unique.


質問 # 171
Which of the following phases of a system development life-cycle is most concerned with establishing a good security policy as the foundation for design?

  • A. Maintenance
  • B. Initiation
  • C. Implementation
  • D. Development/acquisition

正解:B

解説:
Section: Security Operation Adimnistration
Explanation/Reference:
A security policy is an important document to develop while designing an information system. The security policy begins with the organization's basic commitment to information security formulated as a general policy statement.
The policy is then applied to all aspects of the system design or security solution. The policy identifies security goals (e.g., confidentiality, integrity, availability, accountability, and assurance) the system should support, and these goals guide the procedures, standards and controls used in the IT security architecture design.
The policy also should require definition of critical assets, the perceived threat, and security-related roles and responsibilities.
Source: STONEBURNER, Gary & al, National Institute of Standards and Technology (NIST), NIST Special Publication 800-27, Engineering Principles for Information Technology Security (A Baseline for Achieving Security), June 2001 (page 6).


質問 # 172
Which of the following embodies all the detailed actions that personnel are required to follow?

  • A. Guidelines
  • B. Baselines
  • C. Standards
  • D. Procedures

正解:D

解説:
Explanation/Reference:
Procedures are step-by-step instructions in support of of the policies, standards, guidelines and baselines.
The procedure indicates how the policy will be implemented and who does what to accomplish the tasks." Standards is incorrect. Standards are a "Mandatory statement of minimum requirements that support some part of a policy, the standards in this case is your own company standards and not standards such as the ISO standards"
Guidelines is incorrect. "Guidelines are discretionary or optional controls used to enable individuals to make judgments with respect to security actions."
Baselines is incorrect. Baselines "are a minimum acceptable level of security. This minimum is implemented using specific rules necessary to implement the security controls in support of the policy and standards." For example, requiring a password of at leat 8 character would be an example. Requiring all users to have a minimun of an antivirus, a personal firewall, and an anti spyware tool could be another example.
References:
CBK, pp. 12 - 16. Note especially the discussion of the "hammer policy" on pp. 16-17 for the differences between policy, standard, guideline and procedure.
AIO3, pp. 88-93.


質問 # 173
Which of the following types of Intrusion Detection Systems uses behavioral characteristics of a system's operation or network traffic to draw conclusions on whether the traffic represents a risk to the network or host?

  • A. Signature Analysis.
  • B. Anomaly Detection.
  • C. Host-based ID systems.
  • D. Network-based ID systems.

正解:B

解説:
Section: Analysis and Monitoring
Explanation/Reference:
There are two basic IDS analysis methods: pattern matching (also called signature analysis) and anomaly detection.
Anomaly detection uses behavioral characteristics of a system's operation or network traffic to draw conclusions on whether the traffic represents a risk to the network or host. Anomalies may include but are not limited to:
Multiple failed log-on attempts
Users logging in at strange hours
Unexplained changes to system clocks
Unusual error messages
The following are incorrect answers:
Network-based ID Systems (NIDS) are usually incorporated into the network in a passive architecture, taking advantage of promiscuous mode access to the network. This means that it has visibility into every packet traversing the network segment. This allows the system to inspect packets and monitor sessions without impacting the network or the systems and applications utilizing the network.
Host-based ID Systems (HIDS) is the implementation of IDS capabilities at the host level. Its most significant difference from NIDS is that related processes are limited to the boundaries of a single-host system. However, this presents advantages in effectively detecting objectionable activities because the IDS process is running directly on the host system, not just observing it from the network. This offers unfettered access to system logs, processes, system information, and device information, and virtually eliminates limits associated with encryption. The level of integration represented by HIDS increases the level of visibility and control at the disposal of the HIDS application.
Signature Analysis Some of the first IDS products used signature analysis as their detection method and simply looked for known characteristics of an attack (such as specific packet sequences or text in the data stream) to produce an alert if that pattern was detected. For example, an attacker manipulating an FTP server may use a tool that sends a specially constructed packet. If that particular packet pattern is known, it can be represented in the form of a signature that IDS can then compare to incoming packets. Pattern-based IDS will have a database of hundreds, if not thousands, of signatures that are compared to traffic streams. As new attack signatures are produced, the system is updated, much like antivirus solutions. There are drawbacks to pattern-based IDS. Most importantly, signatures can only exist for known attacks. If a new or different attack vector is used, it will not match a known signature and, thus, slip past the IDS. Additionally, if an attacker knows that the IDS is present, he or she can alter his or her methods to avoid detection. Changing packets and data streams, even slightly, from known signatures can cause an IDS to miss the attack. As with some antivirus systems, the IDS is only as good as the latest signature database on the system.
For additional information on Intrusion Detection Systems - http://en.wikipedia.org/wiki/ Intrusion_detection_system Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 3623-3625, 3649-3654, 3666-3686). Auerbach Publications. Kindle Edition.


質問 # 174
Which protocol makes USE of an electronic wallet on a customer's PC and sends encrypted credit card information to merchant's Web server, which digitally signs it and sends it on to its processing bank?

  • A. S/MIME (Secure MIME)
  • B. SSH ( Secure Shell)
  • C. SET (Secure Electronic Transaction)
  • D. SSL (Secure Sockets Layer)

正解:C

解説:
Section: Cryptography
Explanation/Reference:
As protocol was introduced by Visa and Mastercard to allow for more credit card transaction possibilities. It is comprised of three different pieces of software, running on the customer's PC (an electronic wallet), on the merchant's Web server and on the payment server of the merchant's bank. The credit card information is sent by the customer to the merchant's Web server, but it does not open it and instead digitally signs it and sends it to its bank's payment server for processing.
The following answers are incorrect because :
SSH (Secure Shell) is incorrect as it functions as a type of tunneling mechanism that provides terminal like access to remote computers.
S/MIME is incorrect as it is a standard for encrypting and digitally signing electronic mail and for providing secure data transmissions.
SSL is incorrect as it uses public key encryption and provides data encryption, server authentication, message integrity, and optional client authentication.
Reference : Shon Harris AIO v3 , Chapter-8: Cryptography , Page : 667-669


質問 # 175
The basic language of modems and dial-up remote access systems is:

  • A. Asynchronous Communication.
  • B. Synchronous Interaction.
  • C. Synchronous Communication.
  • D. Asynchronous Interaction.

正解:A

解説:
Asynchronous Communication is the basic language of modems and dial-up remote access systems.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 100.


質問 # 176
Which of the following is less likely to be included in the change control sub-phase of the maintenance phase of a software product?

  • A. Determining the interface that is presented to the user
  • B. Estimating the cost of the changes requested
  • C. Recreating and analyzing the problem
  • D. Establishing the priorities of requests

正解:D

解説:
Explanation/Reference:
Change control sub-phase includes Recreating and analyzing the problem, Determining the interface that is presented to the user, and Establishing the priorities of requests.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 7: Applications and Systems Development (page
252).


質問 # 177
Which of the following offers advantages such as the ability to use stronger passwords, easier password administration, one set of credential, and faster resource access?

  • A. Single Sign-On (SSO)
  • B. Public Key Infrastructure (PKI)
  • C. Symmetric Ciphers
  • D. Smart cards

正解:A

解説:
Section: Access Control
Explanation/Reference:
The advantages of SSO include having the ability to use stronger passwords, easier administration as far as changing or deleting the passwords, minimize the risks of orphan accounts, and requiring less time to access resources.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 39.


質問 # 178
What would be the Annualized Rate of Occurrence (ARO) of the threat "user input error", in the case where a company employs 100 data entry clerks and every one of them makes one input error each month?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

正解:B

解説:
If every one of the 100 clerks makes 1 error 12 times per year, it makes a total of 1200 errors. The Annnualized Rate of Occurence (ARO) is a value that represents the estimated frequency in which a threat is expected to occur. The range can be from 0.0 to a large number. Having an average of 1200 errors per year means an ARO of 1200


質問 # 179
Which of the following is immune to the effects of electromagnetic interference (EMI) and therefore has a much longer effective usable length?

  • A. Coaxial cable
  • B. Fiber Optic cable
  • C. Axial cable
  • D. Twisted Pair cable

正解:B

解説:
Fiber Optic cable is immune to the effects of electromagnetic interference (EMI) and therefore has a much longer effective usable length (up to two kilometers in some cases). Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 72.


質問 # 180
Which of the following are not Remote Access concerns?

  • A. Access badges
  • B. Auditing of activities
  • C. Justification for remote access
  • D. Regular review of access privileges

正解:A

解説:
Section: Access Control
Explanation/Reference:
Access badges are more relevant to physical security rather than remote access.
"Justification for remote access" is incorrect. Justification for remote access is a relevant concern.
"Auditing of activities" is incorrect. Auditing of activites is an imporant aspect to assure that malicious or unauthorized activities are not occuring.
"Regular review of access privileges" is incorrect. Regular review of remote accept privileges is an important management responsibility.
References:
AIO3, pp. 547 - 548


質問 # 181
......

ISC Certification無料認定試験資料は1074問:https://jp.fast2test.com/SSCP-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어