1. Главная
  2. Книги
  3. Vallabhaneni S. Rao
  4. CISSP Practice
  5. Страница 48
Выбрать главу

File locks, record locks, and semaphores are needed to synchronize file updates. File locks provide a coarse security due to file-level locking. Record locking can be done through logical or physical locks. The PC operating system ensures that the protected records cannot be accessed on the hard disk. Logical locks work by assigning a lock name to a record or a group of records. A semaphore is a flag that can be named, set, tested, changed, and cleared. Semaphores can be applied to files, records, group of records, or any shareable network device, such as a printer or modem. Semaphores are similar to logical locks in concept and can be used for advanced network control functions.

26. Which of the following is a byproduct of administering the security policy for firewalls?

a. Protocol filtering policy

b. Connectivity policy

c. Firewall implementation

d. Protocol filtering rules

26. c. The role of site security policy is important for firewall administration. A firewall should be viewed as an implementation of a policy; the policy should never be made by the firewall implementation. In other words, agreement on what protocols to filter, what application gateways to use, how network connectivity will be made, and what the protocol filtering rules are all need to be codified beforehand because ad hoc decisions will be difficult to defend and will eventually complicate firewall administration.

27. Which of the following reduces the need to secure every user endpoint?

1. Diskless nodes

2. Thin client technology

3. Client honeypots

4. Thick client technology

a. 1 only

b. 1 and 2

c. 3 only

d. 3 and 4

27. b. A deployment of information system components with minimal functionality (e.g., diskless nodes and thin client technology) reduces the need to secure every user endpoint and may reduce the exposure of data/information, information systems, and services to a successful attack. Client honeypots are devices that actively seek out Web-based malicious code by posing as clients. Thick client technology is not recommended because it cannot protect the user endpoints, and it is less secure than the thin client technology in the way encryption keys are handled.

28. Communications between computers can take several approaches. Which of the following approaches is most secure?

a. Public telephone network

b. Fiber optic cables

c. Direct wiring of lines between the computer and the user workstation

d. Microwave transmission or satellites

28. b. Due to their design, fiber optic cables are relatively safer and more secure than other types of computer links. A dial-up connection through a public telephone network is not secure unless a dial-back control is established. Direct wiring of lines between the computer and the user workstation is relatively secure when compared to the public telephone network. Microwave transmissions or satellites are subject to sabotage, electronic warfare, and wiretaps.

29. Which of the following is risky for transmission integrity and confidentiality when a network commercial service provider is engaged to provide transmission services?

a. Commodity service

b. Cryptographic mechanisms

c. Dedicated service

d. Physical measures

29. a. An information system should protect the integrity and confidentiality of transmitted information whether using a network service provider. If the provider transmits data as a commodity service rather than a fully dedicated service, it is risky. Cryptographic mechanisms that include use of encryption and physical measures include a protected distribution system.

30. Network security and integrity do not depend on which of the following controls?

a. Logical access controls

b. Business application system controls

c. Hardware controls

d. Procedural controls

30. b. Application system controls include data editing and validation routines to ensure integrity of the business-oriented application systems such as payroll and accounts payable. It has nothing to do with the network security and integrity.

Logical access controls prevent unauthorized users from connecting to network nodes or gaining access to applications through computer terminals.

Hardware controls include controls over modem usage, the dial-in connection, and the like. A public-switched network is used to dial into the internal network. Modems enable the user to link to a network from a remote site through a dial-in connection.

Procedural controls include (i) limiting the distribution of modem telephone numbers on a need to know basis, (ii) turning the modem off when not in use, and (iii) frequent changes of modem telephone numbers.

31. Which of the following questions must be answered first when planning for secure telecommuting?

a. What data is confidential?

b. What systems and data do employees need to access?

c. What type of access is needed?

d. What is the sensitivity of systems and data?

31. c. Telecommuting is the use of telecommunications to create a virtual office away from the established (physical) office. The telecommuting office can be in an employee’s home, a hotel room or conference center, an employee’s travel site, or a telecommuting center. In planning for secure telecommuting, management must first determine what type of access is needed (i.e., end user, IT user, system/security administrator, permanent/temporary access, guest/contractor access, global/local access, read, write, update add, delete, or change, view, print, or collaborate). The type of access drives most of access control decisions, including the other three choices.

The other three choices come later, although they are important in their own way and support the type of access. What systems and data do employees need? What is the sensitivity of these systems and data? Do they need system administrator privileges? Do they need to share files with other employees? Is the data confidential?

32. The Internet uses which of the following?

a. Mesh topology

b. Star topology

c. Bus topology

d. Ring topology

32. a. The Internet uses the mesh topology with a high degree of fault tolerance. Dial-up telephone services and PBX systems (switched networks) use the star topology, Ethernet mostly uses the bus topology, and FDDI uses the ring topology.

33. Phishing attacks can occur using which of the following?

1. Cell phones

2. Personal digital assistants

3. Traditional computers

4. Websites

a. 3 only

b. 4 only

c. 1 and 2

d. 1, 2, 3, and 4

33. d. Phishing attacks are not limited to traditional computers and websites; they may also target mobile computing devices, such as cell phones and personal digital assistants. To perform a phishing attack, an attacker creates a website or e-mail that looks as if it is from a well-known organization, such as an online business, credit card company, or financial institution in the case of cell phones; it is often the SMS/MMS attack vector or calls with spoofed caller-ID.

~ 48 ~