- (Topic 6)
Packet Filtering Firewalls examines both the source and destination address of the:
Correct Answer:
A
Packeting filtering firewalls are devices that enforce administrative security policies by filtering incoming traffic as well as outgoing traffic based on rules that can include the source and/or destination addresses.
"Outgoing data packets" is incorrect. Firewalls filter incoming as well as outgoing traffic. This is sometimes called Egress and Ingress filtering.
"Incoming data packets only" is incorrect. (see previous explantion)
"User data packet" is incorrect. A packet filtering firewall does not typicallly look into the data portion of the packet.
References CBK, p. 464
AIO3, pp. 482 - 484
- (Topic 2)
Which of the following is considered the weakest link in a security system?
Correct Answer:
A
The Answer People. The other choices can be strengthened and counted on (For the most part) to remain consistent if properly protected. People are fallible and unpredictable. Most security intrusions are caused by employees. People get tired, careless, and greedy. They are not always reliable and may falter in following defined guidelines and best practices. Security professionals must install adequate prevention and detection controls and properly train all systems users Proper hiring and firing practices can eliminate certain risks. Security Awareness training is key to ensuring people are aware of risks and their responsibilities.
The following answers are incorrect:Software. Although software exploits are major threat and cause for concern, people are the weakest point in a security posture. Software can be removed, upgraded or patched to reduce risk.
Communications. Although many attacks from inside and outside an organization use communication methods such as the network infrastructure, this is not the weakest point in
a security posture. Communications can be monitored, devices installed or upgraded to reduce risk and react to attack attempts.
Hardware. Hardware components can be a weakness in a security posture, but they are not the weakest link of the choices provided. Access to hardware can be minimized by such measures as installing locks and monitoring access in and out of certain areas.
The following reference(s) were/was used to create this question: Shon Harris AIO v.3 P.19, 107-109
ISC2 OIG 2007, p.51-55
- (Topic 5)
What key size is used by the Clipper Chip?
Correct Answer:
D
The Clipper Chip is a NSA designed tamperproof chip for encrypting data and it uses the SkipJack algorithm. Each Clipper Chip has a unique serial number and a copy of the unit key is stored in the database under this serial number. The sending Clipper Chip generates and sends a Law Enforcement Access Field (LEAF) value included in the transmitted message. It is based on a 80-bit key and a 16-bit checksum.
Source: WALLHOFF, John, CBK#5 Cryptography (CISSP Study Guide), April 2002 (page 1).
- (Topic 2)
In what way could Java applets pose a security threat?
Correct Answer:
C
Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation.
- (Topic 4)
Which of the following recovery plan test results would be most useful to management?
Correct Answer:
B
After a test has been performed the most useful test results for manangement would be knowing what worked and what didn't so that they could correct the mistakes where needed.
The following answers are incorrect:
elapsed time to perform various activities. This is incorrect because it is not the best answer, these results are not as useful as list of successful and unsuccessful activities would be to managment.
amount of work completed. This is incorrect because it is not the best answer, these results are not as useful as list of successful and unsuccessful activities would be to managment.
description of each activity. This is incorrect because it is not the best answer, these results are not as useful as list of successful and unsuccessful activities would be to managment.