SSCP

The three classic ways of authenticating yourself to the computer security software are by something you know, by something you have, and by something:A .  you need.B .  non-trivialC .  you are.D .  you can get.View AnswerAnswer: C Explanation: This is more commonly known as biometrics and is one of...

What security model implies a central authority that define rules and sometimes global rules, dictating what subjects can have access to what objects?A .  Flow ModelB .  Discretionary access controlC .  Mandatory access controlD .  Non-discretionary access controlView AnswerAnswer: D Explanation: As a security administrator you might configure user profiles so...

What is the PRIMARY use of a password?A .  Allow access to files.B .  Identify the user.C .  Authenticate the user.D .  Segregate various user's accesses.View AnswerAnswer: C Explanation: Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.

Access Control techniques do not include which of the following choices?A .  Relevant Access ControlsB .  Discretionary Access ControlC .  Mandatory Access ControlD .  Lattice Based Access ControlView AnswerAnswer: A Explanation: Access Control Techniques Discretionary Access Control Mandatory Access Control Lattice Based Access Control Rule-Based Access Control Role-Based Access Control...

Which type of password provides maximum security because a new password is required for each new log-on?A .  One-time or dynamic passwordB .  Congnitive passwordC .  Static passwordD .  PassphraseView AnswerAnswer: A Explanation: "one-time password" provides maximum security because a new password is required for each new log-on. Source: KRUTZ,...

The throughput rate is the rate at which individuals, once enrolled, can be processed and identified or authenticated by a biometric system. Acceptable throughput rates are in the range of:A .  100 subjects per minute.B .  25 subjects per minute.C .  10 subjects per minute.D .  50 subjects per minute.View...

Sensitivity labels are an example of what application control type?A .  Preventive security controlsB .  Detective security controlsC .  Compensating administrative controlsD .  Preventive accuracy controlsView AnswerAnswer: A Explanation: Sensitivity labels are a preventive security application controls, such as are firewalls, reference monitors, traffic padding, encryption, data classification, one-time passwords, contingency...

Which of the following can be used as a covert channel?A .  Storage and timing.B .  Storage and low bits.C .  Storage and permissions.D .  Storage and classification.View AnswerAnswer: A Explanation: The Orange book requires protection against two types of covert channels, Timing and Storage. The following answers are incorrect: Storage...

Technical controls such as encryption and access control can be built into the operating system, be software applications, or can be supplemental hardware/software units. Such controls, also known as logical controls, represent which pairing?A .  Preventive/Administrative PairingB .  Preventive/Technical PairingC .  Preventive/Physical PairingD .  Detective/Technical PairingView AnswerAnswer: B Explanation: Preventive/Technical...

In Mandatory Access Control, sensitivity labels attached to object contain what information?A .  The item's classificationB .  The item's classification and category setC .  The item's categoryD .  The items's need to knowView AnswerAnswer: B Explanation: A Sensitivity label must contain at least one classification and one category set. Category set...