SSCP

Related to information security, integrity is the opposite of which of the following?A .  abstractionB .  alterationC .  accreditationD .  applicationView AnswerAnswer: B Explanation: Integrity is the opposite of "alteration." Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John...

Which software development model is actually a meta-model that incorporates a number of the software development models?A .  The Waterfall modelB .  The modified Waterfall modelC .  The Spiral modelD .  The Critical Path Model (CPM)View AnswerAnswer: C Explanation: The spiral model is actually a meta-model that incorporates a number...

Who of the following is responsible for ensuring that proper controls are in place to address integrity, confidentiality, and availability of IT systems and data?A .  Business and functional managersB .  IT Security practitionersC .  System and information ownersD .  Chief information officerView AnswerAnswer: C Explanation: The system and information...

What security problem is most likely to exist if an operating system permits objects to be used sequentially by multiple users without forcing a refresh of the objects?A .  Disclosure of residual data.B .  Unauthorized obtaining of a privileged execution state.C .  Denial of service through a deadly embrace.D ....

Which of the following determines that the product developed meets the projects goals?A .  verificationB .  validationC .  concurrenceD .  accuracyView AnswerAnswer: B Explanation: Software Development Verification vs. Validation: Verification determines if the product accurately represents and meets the design specifications given to the developers. A product can be developed that...

Which of the following is not one of the three goals of Integrity addressed by the Clark-Wilson model?A .  Prevention of the modification of information by unauthorized users.B .  Prevention of the unauthorized or unintentional modification of information by authorized users.C .  Preservation of the internal and external consistency.D ....

An Architecture where there are more than two execution domains or privilege levels is called:A .  Ring Architecture.B .  Ring LayeringC .  Network Environment.D .  Security ModelsView AnswerAnswer: A Explanation: In computer science, hierarchical protection domains, often called protection rings, are a mechanism to protect data and functionality from faults...

The Information Technology Security Evaluation Criteria (ITSEC) was written to address which of the following that the Orange Book did not address?A .  integrity and confidentiality.B .  confidentiality and availability.C .  integrity and availability.D .  none of the above.View AnswerAnswer: C Explanation: TCSEC focused on confidentiality while ITSEC added integrity...

Related to information security, availability is the opposite of which of the following?A .  delegationB .  distributionC .  documentationD .  destructionView AnswerAnswer: D Explanation: Availability is the opposite of "destruction." Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John...

Which of the following was developed by the National Computer Security Center (NCSC) for the US Department of Defense ?A .  TCSECB .  ITSECC .  DIACAPD .  NIACAPView AnswerAnswer: A Explanation: The Answer TCSEC; The TCSEC, frequently referred to as the Orange Book, is the centerpiece of the DoD Rainbow Series...