Free Download the Most Update CertBus ISC CISSP Brain Dumps

CertBus 2021 Valid ISC CISSP ISC Certification Exam VCE and PDF Dumps for Free Download!


Don’t worry about how to get yourself well prepared your ISC Certification Newest CISSP study guide exam! CertBus will work you out of your ISC Certification Hotest CISSP QAs exam with the latest updated Hotest CISSP free download Certified Information Systems Security Professional PDF and VCE dumps. CertBus provides the latest real ISC ISC Certification Feb 01,2021 Hotest CISSP pdf exam preparation material, covering every aspect of Hotest CISSP pdf exam curriculum.


Question 1:

The primary service provided by Kerberos is which of the following?

A. non-repudiation

B. confidentiality

C. authentication

D. authorization

Correct Answer: C

Explanation: non-repudiation. Since Kerberos deals primarily with symmetric cryptography, it does not help with non-repudiation.

confidentiality. Once the client is authenticated by Kerberos and obtains its session key and ticket, it may use them to assure confidentiality of its communication with a server; however, that is not a Kerberos service as such.

authorization. Although Kerberos tickets may include some authorization information, the meaning of the authorization fields is not standardized in the Kerberos specifications, and authorization is not a primary Kerberos service.

The following reference(s) were/was used to create this question:

ISC2 OIG,2007 p. 179-184

Shon Harris AIO v.3 152-155


Question 2:

Which of the following is true of two-factor authentication?

A. It uses the RSA public-key signature based on integers with large prime factors.

B. It requires two measurements of hand geometry.

C. It does not use single sign-on technology.

D. It relies on two independent proofs of identity.

Correct Answer: D

Explanation: It relies on two independent proofs of identity. Two-factor authentication refers to using two independent proofs of identity, such as something the user has (e.g. a token card) and something the user knows (a password). Two-factor authentication may be used with single sign-on.

The following answers are incorrect: It requires two measurements of hand geometry. Measuring hand geometry twice does not yield two independent proofs.

It uses the RSA public-key signature based on integers with large prime factors. RSA encryption uses integers with exactly two prime factors, but the term “two-factor authentication” is not used in that context.

It does not use single sign-on technology. This is a distractor.

The following reference(s) were/was used to create this question:

Shon Harris AIO v.3 p.129

ISC2 OIG, 2007 p. 126


Question 3:

You wish to make use of “port knocking” technologies. How can you BEST explain this?

A. Port knocking is where the client will attempt to connect to a predefined set of ports to identify him as an authorized client.

B. Port knocking is where the user calls the server operator to have him start the service he wants to connect to.

C. This is where all the ports are open on the server and the connecting client scans the open port to which he wants to connect to see if it's open and running.

D. Port knocking is where the port sequence is encrypted with 3DES and only the server has the other key to decrypt the port sequence.

Correct Answer: A

Explanation: The other answers are incorrect.

The following reference(s) were/was used to create this question:

http://www.portknocking.org/


Question 4:

Which of the following is required in order to provide accountability?

A. Authentication

B. Integrity

C. Confidentiality

D. Audit trails

Correct Answer: D

Explanation: Accountability can actually be seen in two different ways:

1) Although audit trails are also needed for accountability, no user can be accountable for their actions unless properly authenticated.

2) Accountability is another facet of access control. Individuals on a system are responsible for their actions. This accountability property enables system activities to be traced to the proper individuals. Accountability is supported by audit trails that record events on the system and network. Audit trails can be used for intrusion detection and for the reconstruction of past events. Monitoring individual activities, such as keystroke monitoring, should be accomplished in accordance with the company policy and appropriate laws. Banners at log-on time should notify the user of any monitoring that is being conducted. The point is that unless you employ an appropriate auditing mechanism, you don't have accountability.

Authorization only gives a user certain permissions on the network. Accountability is far more complex because it also includes intrusion detection, unauthorized actions by both unauthorized users and authorized users, and system faults.

The audit trail provides the proof that unauthorized modifications by both authorized and unauthorized users took place. No proof, No accountability.

Source: KRUTZ, Ronald L. and VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley and Sons, 2001, Page 50

The Shon Harris AIO book, 4th Edition, on Page 243 also states:

Auditing capabilities ensure users are accountable for their actions, verify that the security policies are enforced, and can be used as investigation tools. Accountability is tracked by recording user, system, and application activities. This recording is done through auditing functions and mechanisms within an operating system or application. Audit trails contain information about operating system activities, application events, and user actions.


Question 5:

A host-based IDS is resident on which of the following?

A. On each of the critical hosts

B. decentralized hosts

C. central hosts

D. bastion hosts

Correct Answer: A

Explanation: A host-based IDS is resident on a host and reviews the system and event logs in order to detect an attack on the host and to determine if the attack was successful. All critical servers should have a Host-Based Intrusion Detection System (HIDS) installed. As you are well aware, a network-based IDS cannot make sense of or detect patterns of attacks within encrypted traffic. A HIDS might be able to detect such an attack after the traffic has been decrypted on the host. This is why critical servers should have both NIDS and HIDS.

FROM WIKIPEDIA:

A HIDS will monitor all or part of the dynamic behavior and of the state of a computer system. Much as a NIDS will dynamically inspect network packets, a HIDS might detect which program accesses what resources and assure that (say) a word-processor hasn't suddenly and inexplicably started modifying the system password-database. Similarly a HIDS might look at the state of a system, its stored information, whether in RAM, in the file-system, or elsewhere; and check that the contents of these appear as expected.

One can think of a HIDS as an agent that monitors whether anything/anyone – internal or external – has circumvented the security policy that the operating system tries to enforce. http://en.wikipedia.org/wiki/Hostbased_intrusion_detection_system



Question 6:

Which of the following statements pertaining to biometrics is FALSE?

A. User can be authenticated based on behavior.

B. User can be authenticated based on unique physical attributes.

C. User can be authenticated by what he knows.

D. A biometric system's accuracy is determined by its crossover error rate (CER).

Correct Answer: C

Explanation: As this is not a characteristic of biometrics, this is the right choice for this question. It is one of the three basic ways authentication can be performed and it is not related to biometrics. An example of something you know would be a password or PIN.

Please make a note of the negative 'FALSE' within the question. This question may seem tricky to some of you, but you would be amazed at how many people cannot deal with negative questions. There will be a few negative questions within the real exam; just like this one, the keyword NOT or FALSE will be in uppercase to clearly indicate that it is negative.

Biometrics verifies an individual's identity by analyzing a unique personal attribute or behavior, which is one of the most effective and accurate methods of performing authentication (one-to-one matching) or identification (one-to-many matching). A biometric system scans an attribute or behavior of a person and compares it to a template stored within an authentication server database; such a template would be created in an earlier enrollment process. Because this system inspects the grooves of a person's fingerprint, the pattern of someone's retina, or the pitches of someone's voice, it has to be extremely sensitive.

The system must perform accurate and repeatable measurements of anatomical or physiological characteristics. This type of sensitivity can easily cause false positives or false negatives. The system must be calibrated so that these false positives and false negatives occur infrequently and the results are as accurate as possible.

There are two types of failures in biometric identification:

False Rejection, also called False Rejection Rate (FRR) — The system fails to recognize a legitimate user. While it could be argued that this has the effect of keeping the protected area extra secure, it is an intolerable frustration to legitimate users who are refused access because the scanner does not recognize them.

False Acceptance or False Acceptance Rate (FAR) — This is an erroneous recognition, either by confusing one user with another or by accepting an imposter as a legitimate user.

Physiological Examples:

Unique Physical Attributes:

Fingerprint (Most commonly accepted)

Hand Geometry

Retina Scan (Most accurate but most intrusive)

Iris Scan

Vascular Scan

Behavioral Examples:

Repeated Actions

Keystroke Dynamics

(Dwell time (the time a key is pressed) and Flight time (the time between "key up" and the next "key down"))

Signature Dynamics

(Stroke and pressure points)

EXAM TIP:

Retina scan devices are the most accurate but also the most invasive biometric system available today. The continuity of the retinal pattern throughout life and the difficulty in fooling such a device also make it a great long-term, high-security option. Unfortunately, the cost of the proprietary hardware as well as the stigma of users thinking it is potentially harmful to the eye makes retinal scanning a bad fit for most situations.

Remember for the exam that fingerprints are the most commonly accepted type of biometrics system.

The other answers are incorrect:

'User can be authenticated based on behavior.' is incorrect, as this choice is TRUE as it pertains to biometrics. Biometric systems make use of unique physical characteristics or behavior of users.

'User can be authenticated based on unique physical attributes.' is also incorrect, as this choice is also TRUE as it pertains to biometrics. Biometric systems make use of unique physical characteristics or behavior of users.

'A biometric system's accuracy is determined by its crossover error rate (CER)' is also incorrect, as this is TRUE as it also pertains to biometrics. The CER is the point at which the false rejection rate and the false acceptance rate are equal. The smaller the value of the CER, the more accurate the system.
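The FAR/FRR trade-off and the crossover point described above, worked through on constructed matcher scores. This is an added example and not part of the original question material; the score lists, the 0-100 similarity scale and the accept-if-score-at-or-above-threshold rule are assumptions for illustration.

```python
"""Sweep a decision threshold over biometric match scores and locate the CER.

Constructed sample data: similarity scores (0-100) a matcher returned when
comparing a live sample against a stored template. Genuine = same person,
impostor = different person. Two impostor sets model two systems: one whose
impostor scores stay well below the genuine ones, and a weaker one where the
two populations overlap more.
"""
from typing import Iterable, List, Tuple

GENUINE_SCORES: List[int] = [88, 92, 75, 81, 95, 69, 84, 90, 78, 86]
IMPOSTOR_SCORES_STRONG: List[int] = [40, 55, 62, 71, 48, 35, 66, 58, 73, 52]
IMPOSTOR_SCORES_WEAK: List[int] = [60, 72, 80, 66, 85, 77, 58, 83, 70, 74]


def far_frr(genuine: Iterable[int], impostor: Iterable[int],
            threshold: int) -> Tuple[float, float]:
    """Return (FAR, FRR) when a sample is accepted iff score >= threshold.

    FAR: fraction of impostor attempts wrongly accepted (false acceptance).
    FRR: fraction of genuine attempts wrongly rejected (false rejection).
    """
    genuine, impostor = list(genuine), list(impostor)
    far = sum(1 for s in impostor if s >= threshold) / len(impostor)
    frr = sum(1 for s in genuine if s < threshold) / len(genuine)
    return far, frr


def crossover_error_rate(genuine: Iterable[int], impostor: Iterable[int],
                         thresholds: Iterable[int] = range(0, 101)
                         ) -> Tuple[int, float]:
    """Return (threshold, CER): the threshold where FAR and FRR are closest.

    Raising the threshold lowers FAR and raises FRR, so the two curves cross
    once. On a discrete sweep they may not meet exactly, so the CER is taken as
    the mean of FAR and FRR at the point of smallest gap (first such point wins).
    """
    genuine, impostor = list(genuine), list(impostor)
    best: Tuple[float, int, float] = (float("inf"), 0, 1.0)
    for t in thresholds:
        far, frr = far_frr(genuine, impostor, t)
        gap = abs(far - frr)
        if gap < best[0]:
            best = (gap, t, (far + frr) / 2)
    _, t, cer = best
    return t, cer


if __name__ == "__main__":
    # The system whose impostor scores overlap the genuine ones less has the
    # lower CER, i.e. it is the more accurate matcher.
    for name, impostor in (("strong", IMPOSTOR_SCORES_STRONG),
                           ("weak", IMPOSTOR_SCORES_WEAK)):
        t, cer = crossover_error_rate(GENUINE_SCORES, impostor)
        print(f"{name}: CER {cer:.2f} at threshold {t}")
```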

Reference(s) used for this question:

Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 25353-25356). Auerbach Publications. Kindle Edition.

and

Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 25297-25303). Auerbach Publications. Kindle Edition.


Question 7:

Which access control model enables the OWNER of the resource to specify what subjects can access specific resources based on their identity?

A. Discretionary Access Control

B. Mandatory Access Control

C. Sensitive Access Control

D. Role-based Access Control

Correct Answer: A

Explanation: Data owners decide who has access to resources based only on the identity of the person accessing the resource.

The following answers are incorrect:

Mandatory Access Control: users and data owners do not have as much freedom to determine who can access files. The operating system makes the final decision and can override the users' wishes, and access decisions are based on security labels.

Sensitive Access Control: There is no such access control in the context of the above question.

Role-based Access Control: uses a centrally administered set of controls to determine how subjects and objects interact; also called non-discretionary access control.

In a mandatory access control (MAC) model, users and data owners do not have as much freedom to determine who can access files. The operating system makes the final decision and can override the users' wishes. This model is much more structured and strict and is based on a security label system. Users are given a security clearance (secret, top secret, confidential, and so on), and data is classified in the same way. The clearance and classification data is stored in the security labels, which are bound to the specific subjects and objects. When the system makes a decision about fulfilling a request to access an object, it is based on the clearance of the subject, the classification of the object, and the security policy of the system. The rules for how subjects access objects are made by the security officer, configured by the administrator, enforced by the operating system, and supported by security technologies.

Reference: Shon Harris, AIO v3, Chapter 4: Access Control, Page 163-165


Question 8:

Which of the following answers best describes the type of penetration testing where the analyst has full knowledge of the network on which he is going to perform his test?

A. White-Box Penetration Testing

B. Black-Box Pen Testing

C. Penetration Testing

D. Gray-Box Pen Testing

Correct Answer: A

Explanation: In general there are three ways a pen tester can test a target system.

White-Box: The tester has full access and is testing from inside the system.

Gray-Box: The tester has some knowledge of the system he's testing.

Black-Box: The tester has no knowledge of the system. Each of these forms of testing has different benefits and can test different aspects of the system from different approaches.

The following answers are incorrect:

Black-Box Pen Testing: This is where no prior knowledge is given about the target network. Only a domain name or business name may be given to the analyst.

Penetration Testing: This is half correct but more specifically it is white-box testing because the tester has full access.

Gray-Box Pen Testing: This answer is not right because in Gray-Box testing you are given only a little information about the target network.

The following reference(s) was used to create this question:

2013 Official Security Curriculum.

and

tester is provided no information about the target's network or environment. The tester is simply left to his abilities

Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 4742-4743). Auerbach Publications. Kindle Edition.


Question 9:

The type of discretionary access control (DAC) that is based on an individual's identity is also called:

A. Identity-based Access control

B. Rule-based Access control

C. Non-Discretionary Access Control

D. Lattice-based Access control

Correct Answer: A

Explanation: An identity-based access control is a type of Discretionary Access Control (DAC) that is based on an individual's identity.

DAC is good for a low-level security environment. The owner of the file decides who has access to the file.

If a user creates a file, he is the owner of that file. An identifier for this user is placed in the file header and/or in an access control matrix within the operating system.

Ownership might also be granted to a specific individual. For example, a manager for a certain department might be made the owner of the files and resources within her department. A system that uses discretionary access control (DAC) enables the owner of the resource to specify which subjects can access specific resources.

This model is called discretionary because the control of access is based on the discretion of the owner. Many times department managers, or business unit managers, are the owners of the data within their specific department. Being the owner, they can specify who should have access and who should not.

Reference(s) used for this question:

Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 220). McGraw-Hill. Kindle Edition.


Question 10:

Passwords can be required to change monthly, quarterly, or at other intervals:

A. depending on the criticality of the information needing protection

B. depending on the criticality of the information needing protection and the password's frequency of use.

C. depending on the password's frequency of use.

D. not depending on the criticality of the information needing protection but depending on the password's frequency of use.

Correct Answer: B

Explanation: Passwords can be compromised and must be protected. In the ideal case, a password should only be used once. The changing of passwords can also fall between these two extremes. Passwords can be required to change monthly, quarterly, or at other intervals, depending on the criticality of the information needing protection and the password's frequency of use. Obviously, the more times a password is used, the more chance there is of it being compromised.

Source: KRUTZ, Ronald L. and VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley and Sons, Page 36 and 37


Author: CertBus