CISSP - Practice
The flashcards below were created by user
on FreezingBlue Flashcards.
Triple DES key bit
168 (3 x 56 key bit of DES)
access control administration
hybrid, centralized, decentralized
baseline of normal activity
# of layers in IP/TCP model
The columns of an access control matrix are known as
"Access control Lists"
used to communicate items that require immediate attention.
Types of decision systems -
Expert system - capabilities of a human
Strength of a cryptosystem is dependent on ..
- 1) Secrecy of the key
- 2) initialization vector
- 3) algorithm
- 4) length of key
Boundary protection and security mechanism - firewall
database model - networked
Hierarchical data model
distributed data model
relational data model
networked - all types of data models connected
Hierarchical data model - one to many relationships
distributed data model - many many relationships
relational data model - one to one relationships
Jurisdiction of computer crimes
- FBI and Secret Service
Referential integrity mechanism
Semantic Integrity Rules
- Referential integrity mechanism - every tuple has a primary key and that every primary key is related to an existing record
- Semantic Integrity Rules - all structural and semantics rules of database are not violated
- Transaction Management - concurrent transactions can be processed without encountering problems
- Concurrency - database information is always correct and uses the lock feature to protect cells during editing
Common backup tape management systems
- six-cartridge weekly backup principle
- Tower of Hanoi
- Grandfather, father, son
STATE of CPU
- STATE of CPU
- Problem, Supervisor, User
Which RAID level provides data mirroring?
Most effective implementation of encryption in hardware
a product that will utilize an algorithm such as AES which would be the strongest mode to select for default product operation?
- the best mode to select for a product would be CTR. Failure to randomize the nonce and to prevent nonce reuse will decrease the security of CTR mode.
EAL 7
The Common Criteria (ISO 15408)
indicates that a system has been formally verified, designed and tested
- The Common Criteria (ISO 15408) - Establishing a common evaluation basis to be used internationally to measure overall product security
Data hiding is a required TCSEC criterion of module development for systems beginning at what criterion level?
The most common forms of asymmetric key cryptography include -
designed and optimized for use with a 32 bit microprocessor
A security association - uniquely identified by a triple consisting of a
- 1) Security Parameter Index (SPI),
- 2) IP Destination Address
- 3) security protocol (AH or ESP) identifier.
- access control
- connectionless integrity
- data origin authentication
- session hijacking analysis
- and limited traffic flow confidentiality
To Prove Negligence:
- A failure to perform a legally recognized obligation
- An injury (financial or otherwise) must have occurred
- Proximate causation must exist
CHAP - Challenge Handshake Authentication Protocol (CHAP)
protects a password from eavesdroppers and supports the encryption of communication
Which of the following defines a disk drive system with 39 disks: 32 disks of user storage and seven disks of error recovery coding?
- hide data from unauthorized users by allowing a relation in a database to contain multiple tuples with the same primary keys with each instance distinguished by a security level?
Bell-LaPadula - Does not include data integrity
Categories of Access Control:
Deterrent, Preventative, detective, corrective, compensating, and recovery
Three types of Access Control:
Administrative, Physical, Technical
Fundamental disadvantage of biometrics:
Disaster is not over until ...
Critical business systems are recovered at the recovery site
First step of BIA
Understand your business
Fiber optics are immune to wiretaps