SSCP

Degaussing is used to clear data from all of the following medias except: A . Floppy DisksB .  Read-Only MediaC .  Video TapesD .  Magnetic Hard DisksView AnswerAnswer: B Explanation: Atoms and Data Shon Harris says: "A device that performs degaussing generates a coercive magnetic force that reduces the magnetic flux...

Which of the following is an example of discretionary access control?A .  Identity-based access controlB .  Task-based access controlC .  Role-based access controlD .  Rule-based access controlView AnswerAnswer: A Explanation: An identity-based access control is an example of discretionary access control that is based on an individual's identity. Identity-based access...

Which of the following control pairing places emphasis on "soft" mechanisms that support the access control objectives?A .  Preventive/Technical PairingB .  Preventive/Administrative PairingC .  Preventive/Physical PairingD .  Detective/Administrative PairingView AnswerAnswer: B Explanation: Soft Control is another way of referring to Administrative control. Technical and Physical controls are NOT soft control, so...

When considering an IT System Development Life-cycle, security should be:A .  Mostly considered during the initiation phase.B .  Mostly considered during the development phase.C .  Treated as an integral part of the overall system design.D .  Added once the design is completed.View AnswerAnswer: C Explanation: Security must be considered in...

Detective/Technical measures:A .  include intrusion detection systems and automatically-generated violation reports from audit trail information.B .  do not include intrusion detection systems and automatically-generated violation reports from audit trail information.C .  include intrusion detection systems but do not include automatically-generated violation reports from audit trail information.D .  include intrusion detection...

Rule-Based Access Control (RuBAC) access is determined by rules. Such rules would fit within what category of access control ?A .  Discretionary Access Control (DAC)B .  Mandatory Access control (MAC)C .  Non-Discretionary Access Control (NDAC)D .  Lattice-based Access controlView AnswerAnswer: C Explanation: Rule-based access control is a type of non-discretionary...

What is called the act of a user professing an identity to a system, usually in the form of a log-on ID?A .  AuthenticationB .  IdentificationC .  AuthorizationD .  ConfidentialityView AnswerAnswer: B Explanation: Identification is the act of a user professing an identity to a system, usually in the form...

A Security Kernel is defined as a strict implementation of a reference monitor mechanism responsible for enforcing a security policy. To be secure, the kernel must meet three basic conditions, what are they?A .  Confidentiality, Integrity, and AvailabilityB .  Policy, mechanism, and assuranceC .  Isolation, layering, and abstractionD .  Completeness,...

Which of the following offers advantages such as the ability to use stronger passwords, easier password administration, one set of credential, and faster resource access?A .  Smart cardsB .  Single Sign-On (SSO)C .  Symmetric CiphersD .  Public Key Infrastructure (PKI)View AnswerAnswer: B Explanation: The advantages of SSO include having the...

What is called the use of technologies such as fingerprint, retina, and iris scans to authenticate the individuals requesting access to resources?A .  MicrometricsB .  MacrometricsC .  BiometricsD .  MicroBiometricsView AnswerAnswer: C Explanation: Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of...