In the CIA triad, what does the letter A stand for?
A. Auditability
B. Accountability
C. Availability
D. Authentication
Answer: C
Explanation: The CIA triad stands for Confidentiality, Integrity and Availability.

A timely review of system access audit records would be an example of which of the basic security functions?
A. avoidance.
B. deterrence.
C. prevention.
D. detection.
Answer: D
Explanation: By reviewing system logs you can detect events that have occurred. The following answers are incorrect: avoidance. This is incorrect, avoidance...

If an operating system permits shared resources such as memory to be used sequentially by multiple users/applications or subjects without a refresh of the objects/memory area, what security problem is MOST likely to exist?
A. Disclosure of residual data.
B. Unauthorized obtaining of a privileged execution state.
C. Data leakage...

Which of the following security controls might force an operator into collusion with personnel assigned organizationally within a different function in order to gain access to unauthorized data?
A. Limiting the local access of operations personnel
B. Job rotation of operations personnel
C. Management monitoring of audit logs
D. Enforcing...

The Reference Validation Mechanism that ensures the authorized access relationships between subjects and objects is implementing which of the following concepts:
A. The reference monitor.
B. Discretionary Access Control.
C. The Security Kernel.
D. Mandatory Access Control.
Answer: A
Explanation: The reference monitor concept is an abstract machine that ensures...

In response to an Access-Request from a client such as a Network Access Server (NAS), which of the following is not one of the responses from a RADIUS server?
A. Access-Accept
B. Access-Reject
C. Access-Granted
D. Access-Challenge
Answer: C
Explanation: In response to an access-request from a client, a RADIUS server...

Which TCSEC level is labeled Controlled Access Protection?
A. C1
B. C2
C. C3
D. B1
Answer: B
Explanation: C2 is labeled Controlled Access Protection. The TCSEC defines four divisions: D, C, B and A where division A has the highest security. Each division represents a significant difference in the trust...

Controlling access to information systems and associated networks is necessary for the preservation of their:
A. Authenticity, confidentiality and availability
B. Confidentiality, integrity, and availability.
C. integrity and availability.
D. authenticity, confidentiality, integrity and availability.
Answer: B
Explanation: Controlling access to information systems and associated networks is necessary for the preservation...

What is one disadvantage of content-dependent protection of information?
A. It increases processing overhead.
B. It requires additional password entry.
C. It exposes the system to data locking.
D. It limits the user's individual address space.
Answer: A
Explanation: Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.

What are the components of an object's sensitivity label?
A. A Classification Set and a single Compartment.
B. A single classification and a single compartment.
C. A Classification Set and user credentials.
D. A single classification and a Compartment Set.
Answer: D
Explanation: Both are the components of a sensitivity label....