- (Topic 1)
Which of the following is most relevant to determining the maximum effective cost of access control?

1. A. the value of information that is protected
2. B. management's perceptions regarding data importance
3. C. budget planning related to base versus incremental spending.
4. D. the cost to replace lost data

Correct Answer: A
The cost of access control must be commensurate with the value of the information that is being protected.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 49.

- (Topic 6)
Which of the following is TRUE regarding Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)?

1. A. TCP is connection-oriented, UDP is not.
2. B. UDP provides for Error Correction, TCP does not.
3. C. UDP is useful for longer messages, rather than TCP.
4. D. TCP does not guarantee delivery of data, while UDP does guarantee data delivery.

Correct Answer: A
TCP is a reliable connection-oriented transport for guaranteed delivery of data.
Protocols represent certain rules and regulations that are essential in order to have data communication between two entities. Internet Protocols work in sending and receiving data packets. This type of communication may be either connection-less or connection-oriented.
In a connection-oriented scenario, an acknowledgement is being received by the sender from the receiver in support of a perfect transfer. Transmission Control Protocol or TCP is such a protocol.
On the other hand, UDP or User Datagram Protocol is of the connection-less type where no feedback is being forwarded to the sender after delivery and the data transfer have taken place or not. Though, it's not a guaranteed method, but, once a connection is established, UDP works much faster than TCP as TCP has to rely on a feedback and accordingly, the entire 3-way handshaking takes place.
The following answers are incorrect:
UDP provides for Error Correction, TCP does not: UDP does not provide for error correction, while TCP does.
UDP is useful for longer messages, rather than TCP: UDP is useful for shorter messages due to its connectionless nature.
TCP does not guarantee delivery of data, while UDP does guarantee data delivery: The opposite is true.
References Used for this question:
http://www.cyberciti.biz/faq/key-differences-between-tcp-and-udp-protocols/ http://www.skullbox.net/tcpudp.php
James's TCP-IP FAQ - Understanding Port Numbers.

- (Topic 4)
A prolonged power supply that is below normal voltage is a:

1. A. brownout
2. B. blackout
3. C. surge
4. D. fault

Correct Answer: A
A prolonged power supply that is below normal voltage is a brownout. From: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, 3rd. Edition McGraw-
Hill/Osborne, 2005, page 368.

- (Topic 6)
Which type of attack involves hijacking a session between a host and a target by predicting the target's choice of an initial TCP sequence number?

1. A. IP spoofing attack
2. B. SYN flood attack
3. C. TCP sequence number attack
4. D. Smurf attack

Correct Answer: C
A TCP sequence number attack exploits the communication session which was established between the target and the trusted host that initiated the session. It involves hijacking the session between the host and the target by predicting the target's choice of an initial TCP sequence number. An IP spoofing attack is used to convince a system that it is communication with a known entity that gives an intruder access. It involves modifying the source address of a packet for a trusted source's address. A SYN attack is when an attacker floods a system with connection requests but does not respond when the target system replies to those requests. A smurf attack occurs when an attacker sends a spoofed (IP spoofing) PING (ICMP ECHO) packet to the broadcast address of a large network (the bounce site). The modified packet containing the address of the target system, all devices on its local network respond with a ICMP REPLY to the target system, which is then saturated with those replies.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 3: Telecommunications and Network Security (page 77).

- (Topic 5)
Which of the following is not a property of the Rijndael block cipher algorithm?

1. A. It employs a round transformation that is comprised of three layers of distinct and invertible transformations.
2. B. It is suited for high speed chips with no area restrictions.
3. C. It operates on 64-bit plaintext blocks and uses a 128 bit key.
4. D. It could be used on a smart card.

Correct Answer: C
All other properties above apply to the Rijndael algorithm, chosen as the AES standard to replace DES.
The AES algorithm is capable of using cryptographic keys of 128, 192, and 256 bits to encrypt and decrypt data in blocks of 128 bits. Rijndael was designed to handle additional block sizes and key lengths, however they are not adopted in the AES standard.
IDEA cipher algorithm operates on 64-bit plaintext blocks and uses a 128 bit key. Reference(s) used for this question: http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
and
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard