Which disaster recovery plan test involves functional representatives meeting to review the plan in detail?
Correct Answer: D
The structured walk-through test occurs when the functional representatives meet to review the plan in detail. This involves a thorough look at each of the plan steps and the procedures that are invoked at that point in the plan, which ensures that the actual planned activities are accurately described in the plan. The checklist test is a method of testing the plan by distributing copies to each of the functional areas. The simulation test plays out different scenarios. The parallel test is essentially an operational test that is performed without interrupting current processing. Source: HARE, Chris, CISSP Study Guide: Business Continuity Planning Domain,
CISSP Exam Question 912
Which of the following phases of a system development life-cycle is most concerned with maintaining proper authentication of users and processes to ensure appropriate access control decisions?
Correct Answer: C
The operation phase of an IT system is concerned with user authentication. Authentication is the process by which a system establishes the validity of a transmission or message, or verifies the eligibility of an individual, process, or machine to carry out a desired action, thereby ensuring that security is not compromised by an untrusted source. It is essential that adequate authentication be achieved in order to implement security policies and achieve security goals. Additionally, the level of trust is always an issue when dealing with cross-domain interactions. The solution is to establish an authentication policy and apply it to cross-domain interactions as required. Source: STONEBURNER, Gary & al, National Institute of Standards and Technology (NIST), NIST Special Publication 800-27, Engineering Principles for Information Technology Security (A Baseline for Achieving Security), June 2001 (page 15).
CISSP Exam Question 913
A Denial of Service (DoS) attack on a syslog server exploits weakness in which of the following protocols?
Correct Answer: B
A DoS attack on a syslog server exploits weaknesses in the TCP and UDP protocols. A syslog server is a server that collects and stores log messages from various devices on a network, such as routers, switches, firewalls, or servers. A syslog server uses either TCP or UDP to receive log messages from those devices. A DoS attack on a syslog server can exploit the weakness of these protocols by sending a large volume of fake or malformed log messages to the syslog server, causing it to crash or become unresponsive. The other protocols are not relevant to a syslog server or a DoS attack. References: Denial-of-Service Attacks: History, Techniques & Prevention; What is a syslog server? | SolarWinds MSP.
CISSP Exam Question 914
In a block cipher, diffusion can be accomplished through:
Correct Answer: C
Diffusion is aimed at obscuring redundancy in the plaintext by spreading the effect of the transformation over the ciphertext. Permutation, also known as transposition, operates by rearranging the letters of the plaintext. Substitution is used to implement confusion in a block cipher; confusion tries to hide the relationship between the plaintext and the ciphertext. The Caesar cipher is an example of a substitution cipher. XORing is incorrect since XORing, as used in a stream cipher for example, implements confusion and not diffusion. Similarly, nonlinear S-boxes implement substitution. In DES, for example, there are eight different S-boxes, each with a 6-bit input and a 4-bit output. Thus, nonlinear substitution is effected.
CISSP Exam Question 915
Which Network Address Translation (NAT) is the MOST convenient and secure solution?
Correct Answer: B
Port Address Translation (PAT) maps one internal IP address to an external IP address and port number combination. Thus, PAT can theoretically support 65,536 (2^16) simultaneous communications from internal clients over a single external leased IP address. A company can save a lot of money by using PAT, because it needs to buy only a few public IP addresses, which are shared by all systems in the network.
Incorrect Answers:
A: NAT maps one internal IP address to one external IP address, which is far less efficient than PAT.
C: There is no NAT implementation called Dedicated Address Translation.
D: Static Address Translation is not convenient, as it must be configured manually.
References: Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 606