Which of the following is an unintended communication path that is NOT protected by the system's normal security mechanisms?
Correct Answer: C
A covert channel is an unintended communication path within a system; therefore it is not protected by the system's normal security mechanisms. Covert channels are a secret way to convey information. Covert channels are addressed from TCSEC level B2.

The following are incorrect answers:

A trusted path is the protected channel that allows a user to access the Trusted Computing Base (TCB) without being compromised by other processes or users.

A protection domain consists of the execution and memory space assigned to each process.

A maintenance hook is a hardware or software mechanism that was installed to permit system maintenance and to bypass the system's security protections.

Reference used for this question: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 6: Operations Security (page 219).
CISSP Exam Question 67
When attempting to establish liability, which of the following would be described as performing the ongoing maintenance necessary to keep something in proper working order, updated, effective, or to abide by what is commonly expected in a situation?
Correct Answer: A
Explanation: Due care is performing the ongoing maintenance necessary to keep something in proper working order, or to abide by what is commonly expected in a situation. This is especially important if the due care situation exists because of a contract, regulation, or law. The opposite of due care is "negligence."

EXAM TIP: Due diligence refers to the steps taken to identify risks that exist within the environment. This is based on best practices, standards such as ISO 27001, ISO 17799, and other consensus. The first letters of the words Due and Diligence should remind you of this: DD = Do Detect. In the case of due care, it is the actions that you have taken (implementing, designing, enforcing, updating) to reduce the risks identified and keep them at an acceptable level. The same applies here: the first letters of the words Due and Care are DC, which should remind you that DC = Do Correct.

Incorrect Answers:
B: Due concern is not a valid answer. Due care is what is described in the question.
C: Due diligence is performing reasonable examination and research before committing to a course of action. Basically, "look before you leap." In law, you would perform due diligence by researching the terms of a contract before signing it. The opposite of due diligence might be "haphazard" or "not doing your homework." This is not what is described in the question.
D: Due practice is not a valid answer. Due care is what is described in the question.
CISSP Exam Question 68
Which of the following describes the sequence of steps required for a Kerberos session to be established between a user (Principal P1), and an application server (Principal P2)?
Correct Answer: C
The following are incorrect answers:

Principals P1 and P2 authenticate to the Key Distribution Center (KDC), principal P1 receives a Ticket Granting Ticket (TGT), and principal P2 requests a service ticket from the KDC. Principal P2 does not request a service ticket; P1 would request a service ticket.

Principals P1 and P2 authenticate to the Key Distribution Center (KDC), principal P1 requests a Ticket Granting Ticket (TGT) from the authentication server, and application server P2 requests a service ticket from P1. A request by P1 to access P2 will fail without a service ticket, but this is not the best answer.

Principal P1 authenticates to the Key Distribution Center (KDC), principal P1 requests a Ticket Granting Ticket (TGT) from the authentication server, and principal P1 requests a service ticket from the application server P2. The request for a service ticket is made to the KDC, not to P2. P2 does not proxy authentication requests for principal P1.

The following reference(s) were/was used to create this question: Sybex CISSP Study Guide, Third Edition, pg 21.

Kerberos logon process: the user types in a username and password, a symmetric key is derived from the password, and the user sends a Kerberos authentication request to the KDC, which returns a TGT showing the user was identified.
"1) The client sends its TGT back to Ticket Granting Service (TGS) on the KDC with request for access to a server or service"
"3) A service ticket (ST) is granted and sent to the client. The service ticket includes a session key encrypted with the client symmetric key and also encrypted with the service or server symmetric key"
"4) The client sends the ST to the server or service host."
CISSP Exam Question 69
Which of the following is the BEST mitigation from phishing attacks?
Correct Answer: B
CISSP Exam Question 70
Which of the following services is provided by S-RPC?
Correct Answer: D
Secure RPC provides authentication services. Secure RPC (Remote Procedure Call) protects remote procedures with an authentication mechanism. The Diffie-Hellman authentication mechanism authenticates both the host and the user who is making a request for a service. The authentication mechanism uses Data Encryption Standard (DES) encryption. Applications that use Secure RPC include NFS and the naming services, NIS and NIS+.

WHAT IS RPC?

Remote Procedure Call (RPC) is a protocol that one program can use to request a service from a program located in another computer in a network without having to understand network details. (A procedure call is also sometimes known as a function call or a subroutine call.) RPC uses the client/server model. The requesting program is a client and the service-providing program is the server. Like a regular or local procedure call, an RPC is a synchronous operation requiring the requesting program to be suspended until the results of the remote procedure are returned. However, the use of lightweight processes or threads that share the same address space allows multiple RPCs to be performed concurrently.

When program statements that use RPC are compiled into an executable program, a stub is included in the compiled code that acts as the representative of the remote procedure code. When the program is run and the procedure call is issued, the stub receives the request and forwards it to a client runtime program in the local computer. The client runtime program has the knowledge of how to address the remote computer and server application and sends the message across the network that requests the remote procedure. Similarly, the server includes a runtime program and stub that interface with the remote procedure itself. Results are returned the same way.

There are several RPC models and implementations. A popular model and implementation is the Open Software Foundation's Distributed Computing Environment (DCE). The Institute of Electrical and Electronics Engineers defines RPC in its ISO Remote Procedure Call Specification, ISO/IEC CD 11578 N6561, ISO/IEC, November 1991. RPC spans the Transport layer and the Application layer in the Open Systems Interconnection (OSI) model of network communication. RPC makes it easier to develop an application that includes multiple programs distributed in a network.

All of the other answers are not features of S-RPC.

Reference(s) used for this question: http://docs.sun.com/app/docs/doc/816-4883/6mb2joane?a=view and http://docs.oracle.com/cd/E23823_01/html/816-4557/auth-2.html and