Which of the following is the most secure way to distribute a password?
Correct Answer: B
Employees must show up in person and present proper identification before obtaining a new or changed password (depending on your policy). After three unsuccessful attempts to enter a password, the account will be locked and only an administrator or the help desk can reactivate the involved user ID.
CISSP Exam Question 47
Which of the following statements pertaining to message digests is incorrect?
Correct Answer: C
A message digest should be calculated using all of the original file's data, not the first 128 bytes. Source: KRUTZ, Ronald L. & VINES, Russell D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 4: Cryptography (page 160).
CISSP Exam Question 48
Which of the following is MOST important when assigning ownership of an asset to a department?
Correct Answer: C
CISSP Exam Question 49
Within Crime Prevention Through Environmental Design (CPTED) the concept of territoriality is best described as:
Correct Answer: A
Crime Prevention Through Environmental Design (CPTED) is a concept that encourages individuals to feel ownership and respect for the territory they occupy. By encouraging the use of physical attributes that express ownership, the individual is more apt to protect and be aware in that environment.
The three main components of CPTED are:
1) natural access control - the guidance of people entering and leaving a space by the placement of doors, fences, lighting, and even landscaping
2) natural surveillance - the goal is to make criminals feel uncomfortable by providing many ways observers could potentially see them
3) natural territorial reinforcement - creates physical designs that emphasize or extend the company's physical sphere of influence so users feel a sense of ownership of that space.
The following answers are incorrect:
Localized emissions is incorrect because it was a made-up answer.
Compromise of the perimeter is incorrect because territoriality is meant to protect the perimeter and the territory, not compromise it.
Protecting specific areas with different measures is incorrect. Compartmentalized areas would require specific protection to prevent intrusion. Territoriality deals with the protection of the entire facility and a sense of ownership, not the protection of a specific area only.
The following references were used to create this question: ISC2 Official Guide to the CISSP exam, p455; Shon Harris, All in One Exam Guide, p344-346; and AIO Version 5 (Shon Harris), page 411-412.
CISSP Exam Question 50
Which of the following is the MOST important reason for using a chain of custody form?